urlscan.io logo urlscan.io
SecurityTrails logo

uniq.offerrum.com Open in urlscan Pro
91.228.155.5  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://uniq.offerrum.com/
Effective URL: https://uniq.offerrum.com/
Submission: On October 15 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 25 HTTP transactions. The main IP is 91.228.155.5, located in Germany and belongs to DE-FIRSTCOLO www.first-colo.net, DE. The main domain is uniq.offerrum.com.
TLS certificate: Issued by GoGetSSL RSA DV CA on June 19th 2023. Valid for: a year.
This is the only time uniq.offerrum.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 91.228.155.5 44066 (DE-FIRSTC...)
1 2a00:1450:400... 15169 (GOOGLE)
5 12 2a02:6b8::1:119 208722 (GLOBAL_DC)
6 2a00:1450:400... 15169 (GOOGLE)
25 4
Apex Domain
Subdomains		 Transfer
12 offerrum.com
uniq.offerrum.com
59 KB
9 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 7957
3 KB
6 gstatic.com
fonts.gstatic.com
104 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3539
70 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
1 KB
25 5
Domain Requested by
12 uniq.offerrum.com 1 redirects uniq.offerrum.com
9 mc.yandex.com 3 redirects uniq.offerrum.com
mc.yandex.ru
6 fonts.gstatic.com fonts.googleapis.com
3 mc.yandex.ru 2 redirects uniq.offerrum.com
1 fonts.googleapis.com uniq.offerrum.com
25 5

This site contains links to these domains. Also see Links.

Domain
offerrum.com
Subject Issuer Validity Valid
*.offerrum.com
GoGetSSL RSA DV CA		 2023-06-19 -
2024-07-19		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-08-14 -
2024-01-24		 5 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://uniq.offerrum.com/
Frame ID: 3B97AEC9A1F19379FA9B7A2FA3765483
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Уникализатор креативов | OFFERRUM

Page URL History Show full URLs

  1. http://uniq.offerrum.com/ HTTP 301
    https://uniq.offerrum.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

25
Requests

88 %
HTTPS

75 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

234 kB
Transfer

409 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://uniq.offerrum.com/ HTTP 301
    https://uniq.offerrum.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10157.obiVOcouhIWvJXFAdIByRhNw2b2F21e9AJsp1OHSAtpMFDwsHceSJ9OlSCxAnNYx.TWE43pPGgpB-nQgsb9HbxK04auo%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10157.9t3h4lTGINOawERui1tw_NPwRtS2iSULr3AwzOM-5TZf_WtuLvBIM1dAukcYBIurIIXjDIeMCzB_2uJNVBN9Q5R_H9FvlL9YGe48SkgHKrE%2C.OpPhDgh4uD4GmKU8czaMeJbnGDQ%2C
Request Chain 20
  • https://mc.yandex.com/watch/73156471?wmode=7&page-url=https%3A%2F%2Funiq.offerrum.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A408%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1589931999158%3Ahid%3A673295030%3Az%3A120%3Ai%3A20231015224005%3Aet%3A1697402405%3Ac%3A1%3Arn%3A100875436%3Arqn%3A1%3Au%3A1697402405910639461%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C98%2C49%2C0%2C120%2C0%2C%2C155%2C0%2C%2C%2C%2C422%3Aco%3A0%3Acpf%3A1%3Ans%3A1697402404566%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697402406%3At%3A%D0%A3%D0%BD%D0%B8%D0%BA%D0%B0%D0%BB%D0%B8%D0%B7%D0%B0%D1%82%D0%BE%D1%80%20%D0%BA%D1%80%D0%B5%D0%B0%D1%82%D0%B8%D0%B2%D0%BE%D0%B2%20%7C%20OFFERRUM&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/73156471/1?wmode=7&page-url=https%3A%2F%2Funiq.offerrum.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A408%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1589931999158%3Ahid%3A673295030%3Az%3A120%3Ai%3A20231015224005%3Aet%3A1697402405%3Ac%3A1%3Arn%3A100875436%3Arqn%3A1%3Au%3A1697402405910639461%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C98%2C49%2C0%2C120%2C0%2C%2C155%2C0%2C%2C%2C%2C422%3Aco%3A0%3Acpf%3A1%3Ans%3A1697402404566%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697402406%3At%3A%D0%A3%D0%BD%D0%B8%D0%BA%D0%B0%D0%BB%D0%B8%D0%B7%D0%B0%D1%82%D0%BE%D1%80%20%D0%BA%D1%80%D0%B5%D0%B0%D1%82%D0%B8%D0%B2%D0%BE%D0%B2%20%7C%20OFFERRUM&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1
Request Chain 21
  • https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10157.KfRw837oNeV3QkbUSAs6aVvEUTvfraroBjwJTvN8bXMYt3Z7YU48fw6gGTvBh82Q.pmozVy-Yw3Hs0Pw6VtbujcVYU94%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10157.9CwPCtAudYR-VWtk-61ou2l07q0ZGxj47H1Eg_hL9fJy9ecWl3pU2cP60CdZFMo8_QXs94-rpZRg7eXZXJ2ZbaAyXo4EOBsJEdL_mTi7o6s%2C.RrZ1LyiZOVve5PoLKGo3vaQ2Yc0%2C

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
uniq.offerrum.com/
Redirect Chain
  • http://uniq.offerrum.com/
  • https://uniq.offerrum.com/
10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://uniq.offerrum.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.228.155.5 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-68.fornex.org
Software
nginx /
Resource Hash
06b4f20111039662df593228ae1a5bcad509d6ec10b298444bea653b9abda936
Security Headers
Name Value
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin
date
Sun, 15 Oct 2023 20:40:04 GMT
etag
W/"65290e9b-2679"
last-modified
Fri, 13 Oct 2023 09:32:11 GMT
server
nginx
x-frame-options
sameorigin
x-xss-protection
1

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Sun, 15 Oct 2023 20:40:04 GMT
Location
https://uniq.offerrum.com/
Server
nginx
css2
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;600;700&family=Roboto:wght@300;700&display=swap
Requested by
Host: uniq.offerrum.com
URL: https://uniq.offerrum.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
113ba8126aa899cb07e8b4c222c5b8906b145c1023b883f93ccf768cc757d253
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uniq.offerrum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 15 Oct 2023 20:40:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 15 Oct 2023 20:40:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 15 Oct 2023 20:40:04 GMT
main.css
uniq.offerrum.com/uniq/css/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://uniq.offerrum.com/uniq/css/main.css?e6b9ff863a73eb1f740a
Requested by
Host: uniq.offerrum.com
URL: https://uniq.offerrum.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.228.155.5 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-68.fornex.org
Software
nginx /
Resource Hash
3e7874cdc22bc65d32f6eebd97eae32a76b88ea54e53b5cdfc39998a6a6b4d3b
Security Headers
Name Value
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uniq.offerrum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 20:40:04 GMT
content-encoding
gzip
last-modified
Fri, 13 Oct 2023 09:31:59 GMT
server
nginx
cross-origin-opener-policy
same-origin
etag
W/"65290e8f-3fc1"
x-frame-options
sameorigin
content-type
text/css
x-xss-protection
1
logo.png
uniq.offerrum.com/uniq/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uniq.offerrum.com/uniq/img/logo.png
Requested by
Host: uniq.offerrum.com
URL: https://uniq.offerrum.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.228.155.5 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-68.fornex.org
Software
nginx /
Resource Hash
770cc91b90d44886ac6939745a24ae09c62dbb7b8e38b91917f8f9848c7d994c
Security Headers
Name Value
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uniq.offerrum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 20:40:04 GMT
last-modified
Fri, 13 Oct 2023 09:32:11 GMT
server
nginx
cross-origin-opener-policy
same-origin
etag
"65290e9b-771"
x-frame-options
sameorigin
content-type
image/png
accept-ranges
bytes
content-length
1905
x-xss-protection
1
comp.png
uniq.offerrum.com/uniq/img/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uniq.offerrum.com/uniq/img/comp.png
Requested by
Host: uniq.offerrum.com
URL: https://uniq.offerrum.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.228.155.5 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-68.fornex.org
Software
nginx /
Resource Hash
b94769ed3a1c05d534c7d1be622a9e7f92b3a2e292f65cec44acb33bf685fc48
Security Headers
Name Value
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uniq.offerrum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 20:40:04 GMT
last-modified
Fri, 13 Oct 2023 09:31:59 GMT
server
nginx
cross-origin-opener-policy
same-origin
etag
"65290e8f-2568"
x-frame-options
sameorigin
content-type
image/png
accept-ranges
bytes
content-length
9576
x-xss-protection
1
flash.png
uniq.offerrum.com/uniq/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uniq.offerrum.com/uniq/img/flash.png
Requested by
Host: uniq.offerrum.com
URL: https://uniq.offerrum.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.228.155.5 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-68.fornex.org
Software
nginx /
Resource Hash
e7f55bfc003a046aff861a5a1b01fe8b2507d4e9220614f61737eba60c059397
Security Headers
Name Value
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uniq.offerrum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 20:40:04 GMT
last-modified
Fri, 13 Oct 2023 09:32:11 GMT
server
nginx
cross-origin-opener-policy
same-origin
etag
"65290e9b-1e3f"
x-frame-options
sameorigin
content-type
image/png
accept-ranges
bytes
content-length
7743
x-xss-protection
1
safety.png
uniq.offerrum.com/uniq/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uniq.offerrum.com/uniq/img/safety.png
Requested by
Host: uniq.offerrum.com
URL: https://uniq.offerrum.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.228.155.5 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-68.fornex.org
Software
nginx /
Resource Hash
cc06028e7e72ed5139174e771ac7a7cda8be4aac24a84eb03e56dff4c36e0ff0
Security Headers
Name Value
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uniq.offerrum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 20:40:04 GMT
last-modified
Fri, 13 Oct 2023 09:31:59 GMT
server
nginx
cross-origin-opener-policy
same-origin
etag
"65290e8f-1cf9"
x-frame-options
sameorigin
content-type
image/png
accept-ranges
bytes
content-length
7417
x-xss-protection
1
cloud.png
uniq.offerrum.com/uniq/img/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uniq.offerrum.com/uniq/img/cloud.png
Requested by
Host: uniq.offerrum.com
URL: https://uniq.offerrum.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.228.155.5 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-68.fornex.org
Software
nginx /
Resource Hash
640033e2c9e30fc43e76c8cd971cecf18c492a3080826120ea262c7ed7267f5d
Security Headers
Name Value
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uniq.offerrum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 20:40:04 GMT
last-modified
Fri, 13 Oct 2023 09:32:11 GMT
server
nginx
cross-origin-opener-policy
same-origin
etag
"65290e9b-332f"
x-frame-options
sameorigin
content-type
image/png
accept-ranges
bytes
content-length
13103
x-xss-protection
1
vendors.js
uniq.offerrum.com/uniq/js/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uniq.offerrum.com/uniq/js/vendors.js?e6b9ff863a73eb1f740a
Requested by
Host: uniq.offerrum.com
URL: https://uniq.offerrum.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.228.155.5 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-68.fornex.org
Software
nginx /
Resource Hash
bda3a43f6f128efde5cb149e0aaf737d910d521782865535d9edb809fbc8a299
Security Headers
Name Value
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uniq.offerrum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 20:40:04 GMT
content-encoding
gzip
last-modified
Fri, 13 Oct 2023 09:31:59 GMT
server
nginx
cross-origin-opener-policy
same-origin
etag
W/"65290e8f-48ba"
x-frame-options
sameorigin
content-type
application/javascript
x-xss-protection
1
main.js
uniq.offerrum.com/uniq/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uniq.offerrum.com/uniq/js/main.js?e6b9ff863a73eb1f740a
Requested by
Host: uniq.offerrum.com
URL: https://uniq.offerrum.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.228.155.5 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-68.fornex.org
Software
nginx /
Resource Hash
1d7e3662c90ed72c81f9d5a857bacf304038b0a01f533292e73da33cb7558c70
Security Headers
Name Value
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uniq.offerrum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 20:40:04 GMT
content-encoding
gzip
last-modified
Fri, 13 Oct 2023 09:32:11 GMT
server
nginx
cross-origin-opener-policy
same-origin
etag
W/"65290e9b-2347"
x-frame-options
sameorigin
content-type
application/javascript
x-xss-protection
1
tag.js
mc.yandex.ru/metrika/ 		202 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: uniq.offerrum.com
URL: https://uniq.offerrum.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e9597987b6f5f6a1e2c0a9bb76f9728ad3bda5548c3b1341dac1e7708c18ee7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uniq.offerrum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 20:40:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 06 Oct 2023 14:28:02 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"651fef42-11470"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
70768
expires
Sun, 15 Oct 2023 21:40:05 GMT
paperclip.svg
uniq.offerrum.com/uniq/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uniq.offerrum.com/uniq/img/paperclip.svg
Requested by
Host: uniq.offerrum.com
URL: https://uniq.offerrum.com/uniq/css/main.css?e6b9ff863a73eb1f740a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.228.155.5 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-68.fornex.org
Software
nginx /
Resource Hash
3349e545912db4e58a93e3202ce77e0b89b63061637878797f6d8c3ea50cd69a
Security Headers
Name Value
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uniq.offerrum.com/uniq/css/main.css?e6b9ff863a73eb1f740a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 20:40:04 GMT
last-modified
Fri, 13 Oct 2023 09:31:59 GMT
server
nginx
cross-origin-opener-policy
same-origin
etag
"65290e8f-413"
x-frame-options
sameorigin
content-type
image/svg+xml
accept-ranges
bytes
content-length
1043
x-xss-protection
1
arrow.svg
uniq.offerrum.com/uniq/img/ 		146 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uniq.offerrum.com/uniq/img/arrow.svg
Requested by
Host: uniq.offerrum.com
URL: https://uniq.offerrum.com/uniq/css/main.css?e6b9ff863a73eb1f740a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.228.155.5 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-68.fornex.org
Software
nginx /
Resource Hash
c90d0b9afedad2866094a61f72feeb53684c0798dddcc5a9f52497eb95d7b78a
Security Headers
Name Value
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uniq.offerrum.com/uniq/css/main.css?e6b9ff863a73eb1f740a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 20:40:04 GMT
last-modified
Fri, 13 Oct 2023 09:32:11 GMT
server
nginx
cross-origin-opener-policy
same-origin
etag
"65290e9b-92"
x-frame-options
sameorigin
content-type
image/svg+xml
accept-ranges
bytes
content-length
146
x-xss-protection
1
JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;600;700&family=Roboto:wght@300;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
637f545351fbed7e7207fdf36e1381b0860f12fffde46a6fa43bdafcc7a05758
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://uniq.offerrum.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 18:19:58 GMT
x-content-type-options
nosniff
age
267606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21288
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:43:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 18:19:58 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;600;700&family=Roboto:wght@300;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://uniq.offerrum.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 18:17:59 GMT
x-content-type-options
nosniff
age
267725
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 18:17:59 GMT
KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;600;700&family=Roboto:wght@300;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://uniq.offerrum.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 04:30:34 GMT
x-content-type-options
nosniff
age
317370
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9576
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 04:30:34 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;600;700&family=Roboto:wght@300;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://uniq.offerrum.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 13:37:19 GMT
x-content-type-options
nosniff
age
111765
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Oct 2024 13:37:19 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;600;700&family=Roboto:wght@300;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://uniq.offerrum.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 15:22:55 GMT
x-content-type-options
nosniff
age
191829
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 15:22:55 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;600;700&family=Roboto:wght@300;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://uniq.offerrum.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 17:43:58 GMT
x-content-type-options
nosniff
age
269766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9644
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 17:43:58 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10157.obiVOcouhIWvJXFAdIByRhNw2b2F21e9AJsp1OHSAtpMFDwsHceSJ9OlSCxAnNYx.TWE43pPGgpB-nQgsb9HbxK04auo%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10157.9t3h4lTGINOawERui1tw_NPwRtS2iSULr3AwzOM-5TZf_WtuLvBIM1dAukcYBIurIIXjDIeMCzB_2uJNVBN9Q5R_H9FvlL9YGe48SkgHKrE%2C.OpPhDgh4uD4GmKU8czaMeJbnGDQ%2C
43 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10157.9t3h4lTGINOawERui1tw_NPwRtS2iSULr3AwzOM-5TZf_WtuLvBIM1dAukcYBIurIIXjDIeMCzB_2uJNVBN9Q5R_H9FvlL9YGe48SkgHKrE%2C.OpPhDgh4uD4GmKU8czaMeJbnGDQ%2C
Requested by
Host: uniq.offerrum.com
URL: https://uniq.offerrum.com/
Protocol
H2
Server
2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uniq.offerrum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 20:40:05 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10157.9t3h4lTGINOawERui1tw_NPwRtS2iSULr3AwzOM-5TZf_WtuLvBIM1dAukcYBIurIIXjDIeMCzB_2uJNVBN9Q5R_H9FvlL9YGe48SkgHKrE%2C.OpPhDgh4uD4GmKU8czaMeJbnGDQ%2C
date
Sun, 15 Oct 2023 20:40:05 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
137 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: uniq.offerrum.com
URL: https://uniq.offerrum.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uniq.offerrum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 20:40:05 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 06 Oct 2023 14:26:04 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"651feecc-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 15 Oct 2023 21:40:05 GMT
1
mc.yandex.com/watch/73156471/
Redirect Chain
  • https://mc.yandex.com/watch/73156471?wmode=7&page-url=https%3A%2F%2Funiq.offerrum.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A408%3Afu%3A0%3Aen%3Au...
  • https://mc.yandex.com/watch/73156471/1?wmode=7&page-url=https%3A%2F%2Funiq.offerrum.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A408%3Afu%3A0%3Aen%3...
435 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/73156471/1?wmode=7&page-url=https%3A%2F%2Funiq.offerrum.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A408%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1589931999158%3Ahid%3A673295030%3Az%3A120%3Ai%3A20231015224005%3Aet%3A1697402405%3Ac%3A1%3Arn%3A100875436%3Arqn%3A1%3Au%3A1697402405910639461%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C98%2C49%2C0%2C120%2C0%2C%2C155%2C0%2C%2C%2C%2C422%3Aco%3A0%3Acpf%3A1%3Ans%3A1697402404566%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697402406%3At%3A%D0%A3%D0%BD%D0%B8%D0%BA%D0%B0%D0%BB%D0%B8%D0%B7%D0%B0%D1%82%D0%BE%D1%80%20%D0%BA%D1%80%D0%B5%D0%B0%D1%82%D0%B8%D0%B2%D0%BE%D0%B2%20%7C%20OFFERRUM&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1
Protocol
H2
Server
2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
53ee61eef107dacb41bae6a53c47ae49955d6f8bd177f7c5cf70e51a2a1f69e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uniq.offerrum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Oct 2023 20:40:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sun, 15-Oct-2023 20:40:05 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://uniq.offerrum.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
435
x-xss-protection
1; mode=block
expires
Sun, 15-Oct-2023 20:40:05 GMT

Redirect headers

pragma
no-cache
date
Sun, 15 Oct 2023 20:40:05 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 15-Oct-2023 20:40:05 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/73156471/1?wmode=7&page-url=https%3A%2F%2Funiq.offerrum.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A408%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1589931999158%3Ahid%3A673295030%3Az%3A120%3Ai%3A20231015224005%3Aet%3A1697402405%3Ac%3A1%3Arn%3A100875436%3Arqn%3A1%3Au%3A1697402405910639461%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C98%2C49%2C0%2C120%2C0%2C%2C155%2C0%2C%2C%2C%2C422%3Aco%3A0%3Acpf%3A1%3Ans%3A1697402404566%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697402406%3At%3A%D0%A3%D0%BD%D0%B8%D0%BA%D0%B0%D0%BB%D0%B8%D0%B7%D0%B0%D1%82%D0%BE%D1%80%20%D0%BA%D1%80%D0%B5%D0%B0%D1%82%D0%B8%D0%B2%D0%BE%D0%B2%20%7C%20OFFERRUM&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1
access-control-allow-origin
https://uniq.offerrum.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 15-Oct-2023 20:40:05 GMT
sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check_secondary
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10157.KfRw837oNeV3QkbUSAs6aVvEUTvfraroBjwJTvN8bXMYt3Z7YU48fw6gGTvBh82Q.pmozVy-Yw3Hs0Pw6VtbujcVYU94%2C
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10157.9CwPCtAudYR-VWtk-61ou2l07q0ZGxj47H1Eg_hL9fJy9ecWl3pU2cP60CdZFMo8_QXs94-rpZRg7eXZXJ2ZbaAyXo4EOBsJEdL_mTi7o6s%2C.RrZ1LyiZOVve5PoLK...
43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10157.9CwPCtAudYR-VWtk-61ou2l07q0ZGxj47H1Eg_hL9fJy9ecWl3pU2cP60CdZFMo8_QXs94-rpZRg7eXZXJ2ZbaAyXo4EOBsJEdL_mTi7o6s%2C.RrZ1LyiZOVve5PoLKGo3vaQ2Yc0%2C
Protocol
H2
Server
2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uniq.offerrum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 20:40:05 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10157.9CwPCtAudYR-VWtk-61ou2l07q0ZGxj47H1Eg_hL9fJy9ecWl3pU2cP60CdZFMo8_QXs94-rpZRg7eXZXJ2ZbaAyXo4EOBsJEdL_mTi7o6s%2C.RrZ1LyiZOVve5PoLKGo3vaQ2Yc0%2C
date
Sun, 15 Oct 2023 20:40:05 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
73156471
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/73156471?wv-part=1&wmode=0&wv-hit=673295030&page-url=https%3A%2F%2Funiq.offerrum.com%2F&rn=276343927&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1697402408%3Aw%3A1600x1200%3Av%3A1135%3Az%3A120%3Ai%3A20231015224008%3Au%3A1697402405910639461%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Ast%3A1697402408&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://uniq.offerrum.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 Oct 2023 20:40:08 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 15-Oct-2023 20:40:08 GMT
content-type
image/gif
access-control-allow-origin
https://uniq.offerrum.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 15-Oct-2023 20:40:08 GMT
73156471
mc.yandex.com/webvisor/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/73156471?wv-part=1&wmode=0&wv-hit=673295030&page-url=https%3A%2F%2Funiq.offerrum.com%2F&rn=192507191&wv-type=3&browser-info=we%3A1%3Aet%3A1697402409%3Aw%3A1600x1200%3Av%3A1135%3Az%3A120%3Ai%3A20231015224008%3Au%3A1697402405910639461%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Ast%3A1697402409&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://uniq.offerrum.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 Oct 2023 20:40:08 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 15-Oct-2023 20:40:08 GMT
content-type
image/gif
access-control-allow-origin
https://uniq.offerrum.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 15-Oct-2023 20:40:08 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| ym object| webpackChunkuniq object| Ya object| yaCounter73156471

12 Cookies

Domain/Path Name / Value
.offerrum.com/ Name: _ym_uid
Value: 1697402405910639461
.offerrum.com/ Name: _ym_d
Value: 1697402405
.offerrum.com/ Name: _ym_isad
Value: 2
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 3857044937fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1793167097fake
mc.yandex.com/ Name: yabs-sid
Value: 1470874571697402405
.yandex.com/ Name: i
Value: Skt4muETiHs6zO9GWLurv5IQoBzozGLp+eI+SB7HRM6sLfaNcP6JmEgHDxpy3Ngkt1HGxdAl1dYcPM2dITtSJ70M1VQ=
.yandex.com/ Name: yandexuid
Value: 1897752351697402405
.yandex.com/ Name: yuidss
Value: 1897752351697402405
.yandex.com/ Name: ymex
Value: 1728938405.yrts.1697402405#1728938405.yrtsi.1697402405
.yandex.com/ Name: bh
Value: KgI/MA==
.offerrum.com/ Name: _ym_visorc
Value: w

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options sameorigin
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
mc.yandex.com
mc.yandex.ru
uniq.offerrum.com
2a00:1450:4001:806::200a
2a00:1450:4001:811::2003
2a02:6b8::1:119
91.228.155.5
06b4f20111039662df593228ae1a5bcad509d6ec10b298444bea653b9abda936
113ba8126aa899cb07e8b4c222c5b8906b145c1023b883f93ccf768cc757d253
1d7e3662c90ed72c81f9d5a857bacf304038b0a01f533292e73da33cb7558c70
3349e545912db4e58a93e3202ce77e0b89b63061637878797f6d8c3ea50cd69a
3e7874cdc22bc65d32f6eebd97eae32a76b88ea54e53b5cdfc39998a6a6b4d3b
47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d
53ee61eef107dacb41bae6a53c47ae49955d6f8bd177f7c5cf70e51a2a1f69e7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
637f545351fbed7e7207fdf36e1381b0860f12fffde46a6fa43bdafcc7a05758
640033e2c9e30fc43e76c8cd971cecf18c492a3080826120ea262c7ed7267f5d
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
770cc91b90d44886ac6939745a24ae09c62dbb7b8e38b91917f8f9848c7d994c
b94769ed3a1c05d534c7d1be622a9e7f92b3a2e292f65cec44acb33bf685fc48
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bda3a43f6f128efde5cb149e0aaf737d910d521782865535d9edb809fbc8a299
c90d0b9afedad2866094a61f72feeb53684c0798dddcc5a9f52497eb95d7b78a
cc06028e7e72ed5139174e771ac7a7cda8be4aac24a84eb03e56dff4c36e0ff0
e7f55bfc003a046aff861a5a1b01fe8b2507d4e9220614f61737eba60c059397
e9597987b6f5f6a1e2c0a9bb76f9728ad3bda5548c3b1341dac1e7708c18ee7e
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef