fa.mediageting.com Open in urlscan Pro
190.2.139.23  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response fa.mediageting.com/	14 KB 4 KB	489ms 153ms	Document text/html	190.2.139.23 WORLDSTREAM
General Check archive.org Show headers Download Go to Full URL https://fa.mediageting.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 190.2.139.23 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL), Reverse DNS server73-vm12.openfrost.com Software nginx/1.24.0 / PHP/7.2.34 Resource Hash 6692d0aba3e794398a38868f4eec9834819696c366a83ba29f403ced94379715 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Sun, 07 Jan 2024 04:13:52 GMT Server nginx/1.24.0 Transfer-Encoding chunked Vary Accept-Encoding Accept-Encoding X-Powered-By PHP/7.2.34
GET H2	200	css fonts.googleapis.com/	717 B 443 B	212ms 78ms	Stylesheet text/css	2607:f8b0:4006:824::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato Requested by Host: fa.mediageting.com URL: https://fa.mediageting.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash eb91e77384f9aff2e81a868ae4f2ae6fb5940c573d0e39088ff637414b4ffed9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://fa.mediageting.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 07 Jan 2024 04:13:52 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 07 Jan 2024 02:47:05 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 07 Jan 2024 04:13:52 GMT
GET H2	200	css fonts.googleapis.com/	2 KB 980 B	211ms 77ms	Stylesheet text/css	2607:f8b0:4006:824::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:700 Requested by Host: fa.mediageting.com URL: https://fa.mediageting.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 992052b3f5033727a2aa70a6d5b4acf2012f63a951e528fc4675307414fff6e7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://fa.mediageting.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 07 Jan 2024 04:13:52 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 07 Jan 2024 02:43:49 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 07 Jan 2024 04:13:52 GMT
GET H/1.1	200 OK	1802-1.jpg fa.mediageting.com/webcontents/old/	187 KB 186 KB	289ms 289ms	Image image/jpeg	190.2.139.23 WORLDSTREAM
General Check archive.org Show headers Download Go to Show image Full URL https://fa.mediageting.com/webcontents/old/1802-1.jpg Requested by Host: fa.mediageting.com URL: https://fa.mediageting.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 190.2.139.23 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL), Reverse DNS server73-vm12.openfrost.com Software nginx/1.24.0 / Resource Hash 06a1098601640df58420a0d04b36593ebe54a03f95120824bde4f3b6e3318943 Request headers accept-language en-US,en;q=0.9 Referer https://fa.mediageting.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers Date Sun, 07 Jan 2024 04:13:52 GMT Content-Encoding gzip Last-Modified Wed, 27 May 2020 07:57:59 GMT Server nginx/1.24.0 ETag W/"5ece1d87-2eb9b" Transfer-Encoding chunked Vary Accept-Encoding, Accept-Encoding Content-Type image/jpeg Connection keep-alive
GET		1802-2.png rankexperience.com/articles/img/	0 0
GET H/1.1	200 OK	jquery2.js Show response semalt.com/js/	82 KB 34 KB	583ms 291ms	Script application/javascript	62.112.9.54 WORLDSTREAM
General Check archive.org Show headers Download Go to Full URL https://semalt.com/js/jquery2.js Requested by Host: fa.mediageting.com URL: https://fa.mediageting.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 62.112.9.54 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL), Reverse DNS server42-vm05.openfrost.com Software nginx/1.20.2 / Resource Hash b13cb5989e08fcb02314209d101e1102f3d299109bdc253b62aa1da21c9e38ba Request headers accept-language en-US,en;q=0.9 Referer https://fa.mediageting.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers Date Sun, 07 Jan 2024 04:13:52 GMT Content-Encoding gzip Last-Modified Tue, 10 Apr 2018 17:04:19 GMT Server nginx/1.20.2 ETag W/"5accee93-1469c" Transfer-Encoding chunked Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=315360000 Connection keep-alive Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	jquery.cookie.js Show response semalt.com/js/	3 KB 2 KB	440ms 146ms	Script application/javascript	62.112.9.54 WORLDSTREAM
General Check archive.org Show headers Download Go to Full URL https://semalt.com/js/jquery.cookie.js Requested by Host: fa.mediageting.com URL: https://fa.mediageting.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 62.112.9.54 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL), Reverse DNS server42-vm05.openfrost.com Software nginx/1.20.2 / Resource Hash c4fb91befcf134b81ecfa1c586e1f9d6426c8f4fc1f6c130ac1fddb49ab5df96 Request headers accept-language en-US,en;q=0.9 Referer https://fa.mediageting.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers Date Sun, 07 Jan 2024 04:13:52 GMT Content-Encoding gzip Last-Modified Tue, 10 Apr 2018 17:04:19 GMT Server nginx/1.20.2 ETag W/"5accee93-c31" Transfer-Encoding chunked Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=315360000 Connection keep-alive Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	counter.js Show response fa.mediageting.com/actcntr/	10 KB 5 KB	460ms 167ms	Script application/javascript	190.2.139.23 WORLDSTREAM
General Check archive.org Show headers Download Go to Full URL https://fa.mediageting.com/actcntr/counter.js Requested by Host: fa.mediageting.com URL: https://fa.mediageting.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 190.2.139.23 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL), Reverse DNS server73-vm12.openfrost.com Software nginx/1.24.0 / Resource Hash bafaae03a4a0091ffbdd8ccca9f9341348cf576a39e20aa1515fe24c6a02dda6 Request headers accept-language en-US,en;q=0.9 Referer https://fa.mediageting.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers Date Sun, 07 Jan 2024 04:13:52 GMT Content-Encoding br CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 484 Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Last-Modified Fri, 07 Jul 2023 11:18:54 GMT Server nginx/1.24.0 ETag W/"64a7f49e-2614" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v0spETobU1SRwn5oh8%2Fext7QdERdZvjVgUTtA7G8yaD3Nhvh%2B2AONsS05Da39sZUiknsxnS1c6QtO3q0Bv1PLN8lsYVF428ObqndbNeYUwxdb38UsnMOIYsyi%2BhB0dzqXQ%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=14400 CF-RAY 84195ee48959670e-AMS
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	195ms 62ms	Font font/woff2	2607:f8b0:4006:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://fa.mediageting.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Tue, 02 Jan 2024 16:28:28 GMT x-content-type-options nosniff age 387924 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 01 Jan 2025 16:28:28 GMT
POST H/1.1	200 OK	add-hit Show response fa.mediageting.com/actcntr/api/	115 B 754 B	179ms 178ms	XHR application/json	190.2.139.23 WORLDSTREAM
General Check archive.org Show headers Download Go to Full URL https://fa.mediageting.com/actcntr/api/add-hit Requested by Host: fa.mediageting.com URL: https://fa.mediageting.com/actcntr/counter.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 190.2.139.23 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL), Reverse DNS server73-vm12.openfrost.com Software nginx/1.24.0 / Resource Hash 8ee3fc6cb3516cec554491861ac758261f9c0f78d99e3983c30446c7c308f422 Request headers Referer https://fa.mediageting.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Content-Type text/plain Response headers Date Sun, 07 Jan 2024 04:13:52 GMT Content-Encoding br CF-Cache-Status DYNAMIC NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server nginx/1.24.0 Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ktt%2BS2u%2B5PbmMQdXXvQul7x6VPbQP9yMgzeq3WckGRRm7grVLGhZCme04tnzoncInbylIzrOoHWA5HAM0VFxv%2Bjy2wPKNn36aaPpf2VIB61hK%2BpThHoarPPKS8fAbpoYA%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin * Connection keep-alive CF-RAY 84195ee5af45669e-AMS alt-svc h3=":443"; ma=86400
POST H/1.1	200 OK	send-heartbeat fa.mediageting.com/actcntr/api/	0 656 B	182ms 182ms	Ping text/plain	190.2.139.23 WORLDSTREAM
General Check archive.org Show headers Download Go to Full URL https://fa.mediageting.com/actcntr/api/send-heartbeat Requested by Host: fa.mediageting.com URL: https://fa.mediageting.com/actcntr/counter.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 190.2.139.23 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL), Reverse DNS server73-vm12.openfrost.com Software nginx/1.24.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://fa.mediageting.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Sun, 07 Jan 2024 04:13:53 GMT Content-Encoding br CF-Cache-Status DYNAMIC NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server nginx/1.24.0 Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLsoeBjmsUf3EWUIOWPzgRH6ORWjf20XJb8fCd8H7IJHee%2FfWWGjpB%2BiKFpeEej%2B9UkstR6DrhSPQCO%2FzlVTf929Oap%2Fr43bDJzu4Zn5yrE8QXkItoHa5VF7wn%2B1mbJdFg%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/plain;charset=UTF-8 Access-Control-Allow-Origin * Connection keep-alive CF-RAY 84195ee6cc457746-AMS alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	popup_wow.php Show response semalt.com/popups/ Frame 643D	4 KB 2 KB	168ms 168ms	Document text/html	62.112.9.54 WORLDSTREAM
General Check archive.org Show headers Download Go to Full URL https://semalt.com/popups/popup_wow.php?lang=en Requested by Host: semalt.com URL: https://semalt.com/js/jquery2.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 62.112.9.54 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL), Reverse DNS server42-vm05.openfrost.com Software nginx/1.20.2 / PHP/7.2.34 Resource Hash e686b7781cbfaa9030b1dc330365813e0b4a3065a75d38a8d0182ffc17178d37 Request headers Referer https://fa.mediageting.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Sun, 07 Jan 2024 04:13:53 GMT Server nginx/1.20.2 Transfer-Encoding chunked X-Powered-By PHP/7.2.34 p3p CP=semalt
GET H/1.1	200 OK	jquery2.js Show response semalt.com/js/ Frame 643D	82 KB 34 KB	148ms 148ms	Script application/javascript	62.112.9.54 WORLDSTREAM
General Check archive.org Show headers Download Go to Full URL https://semalt.com/js/jquery2.js Requested by Host: semalt.com URL: https://semalt.com/popups/popup_wow.php?lang=en Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 62.112.9.54 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL), Reverse DNS server42-vm05.openfrost.com Software nginx/1.20.2 / Resource Hash b13cb5989e08fcb02314209d101e1102f3d299109bdc253b62aa1da21c9e38ba Request headers accept-language en-US,en;q=0.9 Referer https://semalt.com/popups/popup_wow.php?lang=en User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers Date Sun, 07 Jan 2024 04:13:53 GMT Content-Encoding gzip Last-Modified Tue, 10 Apr 2018 17:04:19 GMT Server nginx/1.20.2 ETag W/"5accee93-1469c" Transfer-Encoding chunked Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=315360000 Connection keep-alive Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	start_popup_wow.css semalt.com/css/ Frame 643D	7 KB 2 KB	147ms 146ms	Stylesheet text/css	62.112.9.54 WORLDSTREAM
General Check archive.org Show headers Download Go to Full URL https://semalt.com/css/start_popup_wow.css?1 Requested by Host: semalt.com URL: https://semalt.com/popups/popup_wow.php?lang=en Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 62.112.9.54 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL), Reverse DNS server42-vm05.openfrost.com Software nginx/1.20.2 / Resource Hash a87cd819cd50b60d600205bfa0ec8ca5552773f8c03b880663380aa88b199f2c Request headers accept-language en-US,en;q=0.9 Referer https://semalt.com/popups/popup_wow.php?lang=en User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers Date Sun, 07 Jan 2024 04:13:53 GMT Content-Encoding gzip Last-Modified Fri, 21 Apr 2023 09:30:31 GMT Server nginx/1.20.2 ETag W/"644257b7-1d99" Transfer-Encoding chunked Content-Type text/css Access-Control-Allow-Origin * Cache-Control max-age=315360000 Connection keep-alive Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	button-close.svg semalt.com/img/cases/ Frame 643D	829 B 838 B	144ms 144ms	Image image/svg+xml	62.112.9.54 WORLDSTREAM
General Check archive.org Show headers Download Go to Show image Full URL https://semalt.com/img/cases/button-close.svg Requested by Host: fa.mediageting.com URL: https://fa.mediageting.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 62.112.9.54 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL), Reverse DNS server42-vm05.openfrost.com Software nginx/1.20.2 / Resource Hash 259758faa11fb8fd71bdd01a57c2b4e698705a26d0bb3e016c443a76ae38833b Request headers accept-language en-US,en;q=0.9 Referer https://semalt.com/popups/popup_wow.php?lang=en User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers Date Sun, 07 Jan 2024 04:13:54 GMT Content-Encoding gzip Last-Modified Fri, 12 Feb 2021 09:57:17 GMT Server nginx/1.20.2 ETag W/"602650fd-33d" Transfer-Encoding chunked Content-Type image/svg+xml p3p CP=semalt Cache-Control max-age=315360000 Connection keep-alive Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	MyriadPro-Light.woff semalt.com/css/fonts/ Frame 643D	25 KB 26 KB	292ms 291ms	Font application/font-woff	62.112.9.54 WORLDSTREAM
General Check archive.org Show headers Download Go to Full URL https://semalt.com/css/fonts/MyriadPro-Light.woff Requested by Host: fa.mediageting.com URL: https://fa.mediageting.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 62.112.9.54 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL), Reverse DNS server42-vm05.openfrost.com Software nginx/1.20.2 / Resource Hash 57ca1ca3d414c1055d5b161c14e45fbf592991f70e4a76ec9ffa8450a8be212c Request headers Referer https://semalt.com/popups/popup_wow.php?lang=en Origin https://semalt.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers Date Sun, 07 Jan 2024 04:13:54 GMT Last-Modified Tue, 10 Apr 2018 17:04:13 GMT Server nginx/1.20.2 ETag "5accee8d-65b8" Content-Type application/font-woff Access-Control-Allow-Origin * Cache-Control max-age=300, public Connection keep-alive Accept-Ranges bytes Content-Length 26040 Expires Sun, 07 Jan 2024 04:18:54 GMT
GET H/1.1	200 OK	ebrimabd.ttf semalt.com/css/fonts/ Frame 643D	859 KB 859 KB	288ms 144ms	Font application/octet-stream	62.112.9.54 WORLDSTREAM
General Check archive.org Show headers Download Go to Full URL https://semalt.com/css/fonts/ebrimabd.ttf Requested by Host: fa.mediageting.com URL: https://fa.mediageting.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 62.112.9.54 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL), Reverse DNS server42-vm05.openfrost.com Software nginx/1.20.2 / Resource Hash 045f67887bf9347cebf12e153a3d7a10d48c064eae9fec936834debf520e8195 Request headers Referer https://semalt.com/popups/popup_wow.php?lang=en Origin https://semalt.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers Date Sun, 07 Jan 2024 04:13:54 GMT Last-Modified Tue, 10 Apr 2018 17:04:13 GMT Server nginx/1.20.2 ETag "5accee8d-d6c20" Content-Type application/octet-stream Access-Control-Allow-Origin * Cache-Control max-age=300, public Connection keep-alive Accept-Ranges bytes Content-Length 879648 Expires Sun, 07 Jan 2024 04:18:54 GMT
POST H/1.1	200 OK	send-heartbeat fa.mediageting.com/actcntr/api/	0 654 B	179ms 178ms	Ping text/plain	190.2.139.23 WORLDSTREAM
General Check archive.org Show headers Download Go to Full URL https://fa.mediageting.com/actcntr/api/send-heartbeat Requested by Host: fa.mediageting.com URL: https://fa.mediageting.com/actcntr/counter.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 190.2.139.23 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL), Reverse DNS server73-vm12.openfrost.com Software nginx/1.24.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://fa.mediageting.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Sun, 07 Jan 2024 04:13:55 GMT Content-Encoding br CF-Cache-Status DYNAMIC NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server nginx/1.24.0 Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W9Fs6ER7vhrIX6%2F2ahAmAq93OO72qw9m%2Bstp5ISyPM5E8PZ9uSzvkRczjiHj8d33ZOUB8rcpBotM5godt21CVox%2Fr1LgtcaLCoE%2Bh4RhP%2B3xHTHdI3LKNvQnNbo5x1sV4Q%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/plain;charset=UTF-8 Access-Control-Allow-Origin * Connection keep-alive CF-RAY 84195ef3491e671a-AMS alt-svc h3=":443"; ma=86400
POST		send-heartbeat fa.mediageting.com/actcntr/api/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

rankexperience.com

URL

https://rankexperience.com/articles/img/1802-2.png

Domain

fa.mediageting.com

URL

https://fa.mediageting.com/actcntr/api/send-heartbeat

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| _siData function| statInside function| $ function| jQuery function| listenerPopupSemalt

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			fa.mediageting.com/	1970-01-21 02:15:36	Name: si_user_id Value: 4q6Tpn2L_273mRu
			fa.mediageting.com/	1970-01-20 17:30:01	Name: si_sess_id Value: 4q6Tpn2L_273mRu

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://fa.mediageting.com/ Message: Mixed Content: The page at 'https://fa.mediageting.com/' was loaded over HTTPS, but requested an insecure element 'http://rankexperience.com/articles/img/1802-2.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://fa.mediageting.com/(Line 121) Message: Mixed Content: The page at 'https://fa.mediageting.com/' was loaded over HTTPS, but requested an insecure element 'http://rankexperience.com/articles/img/1802-2.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fa.mediageting.com
fonts.googleapis.com
fonts.gstatic.com
rankexperience.com
semalt.com
fa.mediageting.com
rankexperience.com
190.2.139.23
2607:f8b0:4006:81c::2003
2607:f8b0:4006:824::200a
62.112.9.54
045f67887bf9347cebf12e153a3d7a10d48c064eae9fec936834debf520e8195
06a1098601640df58420a0d04b36593ebe54a03f95120824bde4f3b6e3318943
259758faa11fb8fd71bdd01a57c2b4e698705a26d0bb3e016c443a76ae38833b
57ca1ca3d414c1055d5b161c14e45fbf592991f70e4a76ec9ffa8450a8be212c
6692d0aba3e794398a38868f4eec9834819696c366a83ba29f403ced94379715
8ee3fc6cb3516cec554491861ac758261f9c0f78d99e3983c30446c7c308f422
992052b3f5033727a2aa70a6d5b4acf2012f63a951e528fc4675307414fff6e7
a87cd819cd50b60d600205bfa0ec8ca5552773f8c03b880663380aa88b199f2c
b13cb5989e08fcb02314209d101e1102f3d299109bdc253b62aa1da21c9e38ba
bafaae03a4a0091ffbdd8ccca9f9341348cf576a39e20aa1515fe24c6a02dda6
c4fb91befcf134b81ecfa1c586e1f9d6426c8f4fc1f6c130ac1fddb49ab5df96
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e686b7781cbfaa9030b1dc330365813e0b4a3065a75d38a8d0182ffc17178d37
eb91e77384f9aff2e81a868ae4f2ae6fb5940c573d0e39088ff637414b4ffed9
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860