leostop.com Open in urlscan Pro
2606:4700:3030::ac43:c4d4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://1safeinc.com/
Effective URL:
https://leostop.com/tracking/tracking.php?full_url=https://1safeinc.com/
Submission: On January 12 via automatic, source certstream-suspicious (January 12th 2022, 1:20:14 am UTC) — Scanned from DE

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 26 HTTP transactions. The main IP is 2606:4700:3030::ac43:c4d4, located in United States and belongs to CLOUDFLARENET, US. The main domain is leostop.com. The Cisco Umbrella rank of the primary domain is 768541.
TLS certificate: Issued by R3 on November 18th 2021. Valid for: 3 months.

This is the only time leostop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	2606:4700:303... 2606:4700:3031::ac43:9392	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1 3	2606:4700:303... 2606:4700:3030::ac43:c4d4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	92.123.225.9 92.123.225.9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	208.91.196.46 208.91.196.46	40034 (CONFLUENC...) (CONFLUENCE-NETWORK-INC)
26	5

20 2606:4700:3031::ac43:9392 (United States)

ASN13335 (CLOUDFLARENET, US)

1safeinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3030::ac43:c4d4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

leostop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.225.9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-225-9.deploy.static.akamaitechnologies.com

cdn.jsinit.directfwd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.91.196.46 (Virgin Islands (British))

ASN40034 (CONFLUENCE-NETWORK-INC, VG)

findquickresultsnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	1safeinc.com 1safeinc.com	4 MB
3	leostop.com 1 redirects leostop.com — Cisco Umbrella Rank: 768541	3 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	2 KB
1	findquickresultsnow.com findquickresultsnow.com — Cisco Umbrella Rank: 240804	2 KB
1	directfwd.com cdn.jsinit.directfwd.com — Cisco Umbrella Rank: 463322	812 B
26	5

	Domain	Requested by
20	1safeinc.com	1safeinc.com
3	leostop.com	1 redirects 1safeinc.com leostop.com
2	fonts.googleapis.com	1safeinc.com
1	findquickresultsnow.com	cdn.jsinit.directfwd.com
1	cdn.jsinit.directfwd.com	leostop.com
26	5

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.leostop.com R3	`2021-11-18` - `2022-02-16`	3 months	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
findquickresultsnow.com R3	`2021-11-19` - `2022-02-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://leostop.com/tracking/tracking.php?full_url=https://1safeinc.com/
Frame ID: 1C6F1C3F306E49F323B6D0F5077A8E40
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://1safeinc.com/ Page URL
http://leostop.com/tracking/tracking.php?full_url=https://1safeinc.com/ HTTP 301
https://leostop.com/tracking/tracking.php?full_url=https://1safeinc.com/ Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

96 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

4206 kB
Transfer

4539 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://1safeinc.com/ Page URL
http://leostop.com/tracking/tracking.php?full_url=https://1safeinc.com/ HTTP 301
https://leostop.com/tracking/tracking.php?full_url=https://1safeinc.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
1safeinc.com/ 20 KB
5 KB 429ms
378ms Document
text/html 2606:4700:3031::ac43:9392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1safeinc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:9392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcede2439c18e494c53bb6c6f49c85963a8a8ae03d04c66872d885116db2f652

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 12 Jan 2022 01:20:01 GMT
content-type: text/html; charset=UTF-8
last-modified: Sun, 15 Nov 2020 22:57:52 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pwmb3yY7KZ1ERcJEHehIdEtwxRbZLKpU62n%2BkxT1CFAvFUylVDK204hUI19fUNpaGal4%2FvoYZtLjLetI8DBFz3nb%2F3BzHwz2LYQeAsnb4wXh%2B3nolxJ%2BSjSqE0MSEpiMF7inzMQuG5TFSyQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6cc28f59cce0d608-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 bootstrap.min.css
1safeinc.com/css/ 150 KB
24 KB 3682ms
3680ms Stylesheet
text/css 2606:4700:3031::ac43:9392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1safeinc.com/css/bootstrap.min.css
Requested by: Host: 1safeinc.com
URL: https://1safeinc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:9392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1safeinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 01:20:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 15 Nov 2020 22:57:30 GMT
server: cloudflare
etag: W/"2565e-5b42d2fb6d112"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pgjqss0VDy%2FXRaTygbF%2BbZdvJf5erUHGsufgFhDsJFEXhS9c2vbfQcuOzFVOkJieMaGI5eVX7ZHLwKcjZ%2Bkw6X7KPkIKA8cVQdgPRIBq3dJoCNBXg0NcVtBMjD%2F4%2FcrI4tfZJcuZIF%2Fk0xQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6cc28f5c5e34d608-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.css
1safeinc.com/css/ 21 KB
4 KB 506ms
503ms Stylesheet
text/css 2606:4700:3031::ac43:9392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1safeinc.com/css/style.css
Requested by: Host: 1safeinc.com
URL: https://1safeinc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:9392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 906715e174dae3d0b220eec10f550d88bb09fa3a1ec4343f140dcb94b5b13636

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1safeinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 01:20:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 15 Nov 2020 22:57:30 GMT
server: cloudflare
etag: W/"5234-5b42d2fb3e313"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0Pw7QJOGVm1PAKY0Ikb5v8%2BsF1m%2Fm%2FNRYF4UBnOkDMslqYKTG%2BZow6%2Bu80xEO2bCfQt5O33YtTVsErSe6iaND7QfTSz3WCx2nFwcSl1hSlpybbwGPrhwsD0gAbk280Ftenk2IOPvqIc6Mo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6cc28f5c5e36d608-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 fontawesome.min.css
1safeinc.com/css/ 53 KB
12 KB 693ms
690ms Stylesheet
text/css 2606:4700:3031::ac43:9392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1safeinc.com/css/fontawesome.min.css
Requested by: Host: 1safeinc.com
URL: https://1safeinc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:9392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96a4ebe886f82dd197006ab4e0b5cb4cac2cf62d932de639a080f00dde7ddf17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1safeinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 01:20:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 15 Nov 2020 22:57:30 GMT
server: cloudflare
etag: W/"d575-5b42d2fba99d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qa49blAItw35THf0iKpN6GDPmuTeYVC%2BBT0TqINLoBZslcNCA3HaJ21PVx0am9ZbtS6Ed2ZOiYr2AxFLV8jwQMeAeFzJebpI%2BusJbgSJHRNw2zEnghw6gr9SziUtLpIQyqSeHABZKYfw99Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6cc28f5c5e37d608-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 37ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans|Roboto

Requested by

Host: 1safeinc.com
URL: https://1safeinc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6eda27a736f5de4901d3ef686ba531538018b9dc8203e5a2703b68cf958d8c01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1safeinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 23:50:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 12 Jan 2022 01:20:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Jan 2022 01:20:01 GMT

GET
H2 200 logo.png
1safeinc.com/imgs/ 9 KB
9 KB 371ms
369ms Image
image/png 2606:4700:3031::ac43:9392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1safeinc.com/imgs/logo.png
Requested by: Host: 1safeinc.com
URL: https://1safeinc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:9392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9810a9450a8609f05db2105daf2c776089d6ab9ffe56ec94cde4a7e5fb165fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1safeinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 01:20:02 GMT
cf-cache-status: MISS
last-modified: Sun, 15 Nov 2020 22:57:29 GMT
server: cloudflare
etag: "2440-5b42d2fa70236"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LX2ssi118Jv%2Br02PDbb3%2BEhN7A8%2B5v1C41I3gPzonVOXN6gTSd1QI0OV4zWdjrVpmgbrG%2FP80mWXuapo2lvJYf0o%2F3xunvvHgrag2%2Bk3VYNzXlIkyXdCfMONPCG96bHuG4e8Rss3q7oqcPw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6cc28f5c5e38d608-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9280

GET
H2 200 since1995.png
1safeinc.com/imgs/ 1 KB
2 KB 378ms
376ms Image
image/png 2606:4700:3031::ac43:9392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1safeinc.com/imgs/since1995.png
Requested by: Host: 1safeinc.com
URL: https://1safeinc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:9392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3f3992ac77b0c55a1d1fb40082b84b94003299bebcef0a4bd55a8bd21e8de19

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1safeinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 01:20:02 GMT
cf-cache-status: MISS
last-modified: Sun, 15 Nov 2020 22:57:25 GMT
server: cloudflare
etag: "585-5b42d2f6238eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLRzhApK0YJoHerckSDD6aHThGEU5nHmGQQdrqxyKw4gSxkGK%2FqGH86caDw9astVDcEyZwDNTV%2FntrDu3gJlkgFs83KvgZx5m9Bx7aByuu9NEc6Da%2BQfpITnpwR5tAFxT4m0VJ0wTaPSobI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6cc28f5c5e3ad608-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1413

GET
H2 200 slide1.jpg
1safeinc.com/imgs/ 769 KB
770 KB 719ms
717ms Image
image/jpeg 2606:4700:3031::ac43:9392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1safeinc.com/imgs/slide1.jpg
Requested by: Host: 1safeinc.com
URL: https://1safeinc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:9392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dcae25f2536966b8e8f29c779161c3e009b29b63007d65081e48370182c9a53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1safeinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 01:20:02 GMT
cf-cache-status: MISS
last-modified: Sun, 15 Nov 2020 22:57:24 GMT
server: cloudflare
etag: "c025d-5b42d2f56520e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=94zGngfjUezacnQ2FuBFNr0qHt8qnII%2FPLsYMmz7NyNxINjwXoiphPA%2FWKtHVbaZcFtxjgsb9%2BRPyYejUQKfi5nkSb%2F4s58AOs3S%2BefxyrLuHV8M8tOV%2BcjcPGJHiq0KjC6yj4pSiiaBPQw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6cc28f5c5e3bd608-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 787037

GET
H2 200 slide3.jpg
1safeinc.com/imgs/ 923 KB
925 KB 718ms
716ms Image
image/jpeg 2606:4700:3031::ac43:9392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1safeinc.com/imgs/slide3.jpg
Requested by: Host: 1safeinc.com
URL: https://1safeinc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:9392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26f6392af2b724c4b7190dbc711cb473c8529d147a91175cd0393f08ead09041

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1safeinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 01:20:02 GMT
cf-cache-status: MISS
last-modified: Sun, 15 Nov 2020 22:57:26 GMT
server: cloudflare
etag: "e6cba-5b42d2f7a6464"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfD5KCeFG3iogMf1TOlTTdandK%2B%2F3WgVVUJTKCOhD4Mdb%2F%2BFdbYRA6g90leNI4OKM28EmnvzrOwTN99X2RLm3ruddJzLBrTQs%2BQ%2F75t1jln53WVSKy9MLwpAMj2gtMUegD4M6nIdXv7rly0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6cc28f5c5e3cd608-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 945338

GET
H2 200 slide4.jpg
1safeinc.com/imgs/ 917 KB
918 KB 1460ms
1459ms Image
image/jpeg 2606:4700:3031::ac43:9392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1safeinc.com/imgs/slide4.jpg
Requested by: Host: 1safeinc.com
URL: https://1safeinc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:9392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a0006576ccc4053cec6b2c099124e1d171def3641e85918cf66836c6d9e8653

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1safeinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 01:20:03 GMT
cf-cache-status: MISS
last-modified: Sun, 15 Nov 2020 22:57:25 GMT
server: cloudflare
etag: "e5388-5b42d2f6c6a48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnQ580olonWfq%2BUPQLRzV2kNhch0FytfpI%2FIqgu2AG3dEnbcHzPbQ1p7FpTuIIZKMoc9MA9B2F9c3H2FFkDiKqK4r4BfbRqNuE2CXcr%2FUMbaXGbcME2MBx%2BIVeEn22cIntj8IDErU%2FZLqUY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6cc28f5c5e3ed608-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 938888

GET
H2 200 left.png
1safeinc.com/imgs/ 2 KB
2 KB 3109ms
3108ms Image
image/png 2606:4700:3031::ac43:9392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1safeinc.com/imgs/left.png
Requested by: Host: 1safeinc.com
URL: https://1safeinc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:9392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5418bf9c8d93c595ac0a6735b6230d2732c9d4c918a8a1211f341e4559e41d4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1safeinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 01:20:05 GMT
cf-cache-status: MISS
last-modified: Sun, 15 Nov 2020 22:57:27 GMT
server: cloudflare
etag: "654-5b42d2f8ed6be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FImYgJkSfB8KMfJzqTiGROPDhXJ0UggbPDe26zqEoOYZKT2Q%2Bt%2FBlQe1pPmxsjdoZAZGSnpONcH6Pmt7r%2FhiqHZvDscq%2BgHlwXKraUcRyx9wcisM98XbbF6t5oFmudIMOEpyu1b%2B%2BOBrfrc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6cc28f5c5e3fd608-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1620

GET
H2 200 right.png
1safeinc.com/imgs/ 2 KB
2 KB 2102ms
2101ms Image
image/png 2606:4700:3031::ac43:9392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1safeinc.com/imgs/right.png
Requested by: Host: 1safeinc.com
URL: https://1safeinc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:9392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 215aee62250cdd16bbdc25ef64a4b568cd954fb3071fea610ceeaa98dec5ff88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1safeinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 01:20:04 GMT
cf-cache-status: MISS
last-modified: Sun, 15 Nov 2020 22:57:22 GMT
server: cloudflare
etag: "66b-5b42d2f3ef1b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CpeRG8m5vMLw9y46xutnL16ZQdA54Pr6HF0GygDmg%2FJdXejlrg75GqCb%2BYYnVLtUlH0xgRiYs%2FIFesVGaTq2bTudH62GZlTV07YbjyM1%2BT3iJ1iv0vgQz1%2BSJK2S8FYZBxO%2BW1rKX0aXGhk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6cc28f5c5e40d608-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1643

GET
H2 200 beforeandafter.png
1safeinc.com/imgs/ 391 KB
392 KB 678ms
677ms Image
image/png 2606:4700:3031::ac43:9392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1safeinc.com/imgs/beforeandafter.png
Requested by: Host: 1safeinc.com
URL: https://1safeinc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:9392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15598c80a1c7a8528000b971a015141c11b1cc097eb489c18c388ad491879a7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1safeinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 01:20:02 GMT
cf-cache-status: MISS
last-modified: Sun, 15 Nov 2020 22:57:27 GMT
server: cloudflare
etag: "61b6a-5b42d2f833e01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cLGyAFIFWMEzNc2RQT7j0Gl7V%2FyHP70ZQ4BuoaFkM8JWhClcH1eUFCUv777NYHBJFIAWjLDBHKd5QDeh1ltNkmBc3w8cAKYhy0%2Fc%2BkO7F04r1C1CJDSmnotjpgkIvEuheKzH4GFKd6esMHE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6cc28f5c6e4bd608-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 400234

GET
H2 200 about2.png
1safeinc.com/imgs/ 377 KB
378 KB 2465ms
2464ms Image
image/png 2606:4700:3031::ac43:9392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1safeinc.com/imgs/about2.png
Requested by: Host: 1safeinc.com
URL: https://1safeinc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:9392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b7a049829389eabc84e1e38b697ecaee426b7554ab671bacb241e3fed260d39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1safeinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 01:20:04 GMT
cf-cache-status: MISS
last-modified: Sun, 15 Nov 2020 22:57:23 GMT
server: cloudflare
etag: "5e3f2-5b42d2f44dd54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7qD7iwsFM2Wkmn5OznZVWc2nA2Vbhgu8ctV8h%2BTNdOeVBE%2FrXkQNXkNcuXK9yxGy8Y98APE1e5NKwdbO0s8gCmuRcyYlke9YrfRcLjV4Xgw1%2FYjeQ4ZjLFBjfaIOuH9KWGBBuC4KgQ7z0s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6cc28f5c6e4ed608-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 386034

GET
H2 200 lights.png
1safeinc.com/imgs/ 407 KB
408 KB 857ms
856ms Image
image/png 2606:4700:3031::ac43:9392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1safeinc.com/imgs/lights.png
Requested by: Host: 1safeinc.com
URL: https://1safeinc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:9392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c1ee530d38bb79fa63a751ea734fe1f538d09d40d1c1c92af5ef24f0636cdec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1safeinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 01:20:02 GMT
cf-cache-status: MISS
last-modified: Sun, 15 Nov 2020 22:57:24 GMT
server: cloudflare
etag: "65c09-5b42d2f596eee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQkgeUkZ191YtIXsNHmBS1vRAH6ynzAnGxgt3wZRLzWYBhLeGv5MBIkBUm1FeSEdWJM9aD4aRoqzbtSWC5XIP%2FHDcSv2RgSxuQ%2FFs9JwlDdMgTkCjoKB30bAsfh8zvLGstEIMHoLxCFFftA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6cc28f5c6e50d608-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 416777

GET
H3 200 man_cartoon.png
1safeinc.com/imgs/ 295 KB
296 KB 4342ms
4342ms Image
image/png 2606:4700:3031::ac43:9392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1safeinc.com/imgs/man_cartoon.png
Requested by: Host: 1safeinc.com
URL: https://1safeinc.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:9392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1safeinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 01:20:06 GMT
cf-cache-status: MISS
last-modified: Sun, 15 Nov 2020 22:57:24 GMT
server: cloudflare
etag: "49c01-5b42d2f52a890"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FiUS%2BFYquiE5KQOokjBgc%2BOeAgeci1JWVTXmPCo60HZwc7P9jlxqQkFNQdEAj0aRrovGArDiOtSxERwvYkdV1i79w%2B6AYsZOsSP%2B4QgBZARhUoZHC4iUoJT9xh56qaPzcNB7BEGYZDWbI0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6cc28f5d5cae3755-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 302081

GET
H3 200 phone_icon.png
1safeinc.com/imgs/ 1 KB
2 KB 3963ms
3962ms Image
image/png 2606:4700:3031::ac43:9392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1safeinc.com/imgs/phone_icon.png
Requested by: Host: 1safeinc.com
URL: https://1safeinc.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:9392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e25f7e397c9ad98ede538c465f72ba014554f49a0c5551d5d82bad7da3bf85ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1safeinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 01:20:06 GMT
cf-cache-status: MISS
last-modified: Sun, 15 Nov 2020 22:57:22 GMT
server: cloudflare
etag: "538-5b42d2f3c22f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2oFhMym49Gx5woGOfHaHQb1lAjw%2FfoXw%2BV%2F4TgVkSvoa%2BT%2Fu%2BFHUp8C4sMclRsRApzy8BY6fg9Ift998g0XjqjHd5uDc%2Bst%2BNZCk042d35O8zdxFi7wsCymllddTBtJJCoF6l%2FC1JQDaFxI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6cc28f5d5cb03755-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1336

GET
H3 200 jquery-3.3.1.min.js Show response
1safeinc.com/js/ 85 KB
31 KB 3299ms
3298ms Script
text/javascript 2606:4700:3031::ac43:9392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1safeinc.com/js/jquery-3.3.1.min.js
Requested by: Host: 1safeinc.com
URL: https://1safeinc.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:9392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b775ccbef88f0e5770cbfd46c2fe532b65c27a53cf8abe70a188d743032d7f78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1safeinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 01:20:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 15 Nov 2020 22:57:32 GMT
server: cloudflare
etag: W/"15393-5b42d2fd0062a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZyIVRvzj6grgu4x8BZJ9VtBfft%2Bxr1gy5WfISLSj3%2BP8saPAEwhu7Rw0A4ytn8AzjC7b5sbZYeyNyO8vi1KntmMdxvWlZjbtT1KXo%2F4YTpoIorsJRJQsuDJQERjUYZ1%2FWVt%2F1J7AZ7o4Jyo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6cc28f5d5cb43755-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 bootstrap.min.js Show response
1safeinc.com/js/ 62 KB
16 KB 3280ms
3280ms Script
text/javascript 2606:4700:3031::ac43:9392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1safeinc.com/js/bootstrap.min.js
Requested by: Host: 1safeinc.com
URL: https://1safeinc.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:9392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f73b45dcecd7c30f6b9898ddc800a7da2ceac0066499d2b1de4bdc5fc2b60da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1safeinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 01:20:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 15 Nov 2020 22:57:32 GMT
server: cloudflare
etag: W/"f80c-5b42d2fd2f429"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifb4qghxxlntXbEhJ2GWjbTNXx%2BB8NL912mG6pM0RFCBDR5FGmPPwtOMWvANlFMEA4wK1kG8ijphB%2B8vXEYyNGYPqBEsQtbpN%2Be2s%2BAz94FI%2BRyiNpTSqgbRJ9%2FqUyjI5En%2FgZix%2BOfiT1k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6cc28f5d5cb83755-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 css
fonts.googleapis.com/ 25 KB
1 KB 29ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&display=swap

Requested by

Host: 1safeinc.com
URL: https://1safeinc.com/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00c8eb28301cf1a0c2ff74264a1b5c80e592fb25c15391b73516823156e06ec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1safeinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 23:44:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 12 Jan 2022 01:20:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Jan 2022 01:20:02 GMT

GET
H3 200 / Show response
1safeinc.com/ 20 KB
5 KB 407ms
405ms XHR
text/html 2606:4700:3031::ac43:9392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1safeinc.com/
Requested by: Host: 1safeinc.com
URL: https://1safeinc.com/js/jquery-3.3.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:9392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcede2439c18e494c53bb6c6f49c85963a8a8ae03d04c66872d885116db2f652

Request headers

Accept: */*
Referer: https://1safeinc.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 01:20:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 15 Nov 2020 22:57:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DE0w2GNrdnkzsODdm0eGXTfpPtGe9XXEQs6icehAnfKIWLBOT0J1tURT7%2FtgrrGPDWczQVff3Izn0ws8YbfwHHfRTiemdf%2FOWqKsHN7vhaIYXXuPbgACfMIgIVzczYKEYOHhM%2Fyh0RjJ%2FYA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 6cc28f738b393755-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 404 CALIFR.TTF
1safeinc.com/css/ 0
0 405ms
404ms Font
text/html 2606:4700:3031::ac43:9392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1safeinc.com/css/CALIFR.TTF
Requested by: Host: 1safeinc.com
URL: https://1safeinc.com/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:9392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://1safeinc.com/css/style.css
Origin: https://1safeinc.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 01:20:06 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wHx6jLu2PeA%2F3cBmqRZg0TlHHIUQw3OiXYp%2BmuDZfDFYJ4RsVBS2j321yjhe9rAfmGvK4xDup7hmKgmgDRWjfeucK37w0iREViOuJPdz9bjLfF%2FKsCM3D0aJ1b04nz%2BV%2Fc9AtB8xEc7jkY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6cc28f738b3e3755-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 tracking.js Show response
leostop.com/tracking/ 1 KB
1 KB 346ms
298ms Script
application/javascript 2606:4700:3030::ac43:c4d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://leostop.com/tracking/tracking.js?_=1641950405660
Requested by: Host: 1safeinc.com
URL: https://1safeinc.com/js/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:c4d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c8cc127719e3993f661514dbe8431acde258f34f2cab63675f119572ee91cfa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1safeinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 01:20:06 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 14 Dec 2019 13:47:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QftdZAjQOpsSefxgQpVc6BEeWxh8sPQr5ZSj3JFhO6R1rpfdoIfAIXX1yIUMfrpx6rEQmkV3sbGL9addVuXSqHMPilgFGQ8U5ll0EpqnuXYmTIYA%2FphbrYk%2BxviYn2oybMCfD04%2FthuWBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6cc28f7769123761-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 525

GET
H3

403

Primary Request tracking.php Show response
leostop.com/tracking/
Redirect Chain

http://leostop.com/tracking/tracking.php?full_url=https://1safeinc.com/
https://leostop.com/tracking/tracking.php?full_url=https://1safeinc.com/

584 B
968 B

336ms
299ms

Document
text/html

2606:4700:3030::ac43:c4d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://leostop.com/tracking/tracking.php?full_url=https://1safeinc.com/
Requested by: Host: leostop.com
URL: https://leostop.com/tracking/tracking.js?_=1641950405660
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:c4d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bf5e5ca85ce6ad688a371a2d67d083c0be0dc4200bb39ddd125de745d9fdff5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1safeinc.com/

Response headers

date: Wed, 12 Jan 2022 01:20:06 GMT
content-type: text/html
last-modified: Sun, 02 May 2021 11:22:55 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tR2G7rFKyYbzj%2BZWOUYdkXxltArOKprPRxM8HcAv8MGglixbQDR2yyUC%2FLhzUWM2FlIXpfEKHay45zoyQqD2gRqwArXad5XZQir2R9FeS5PPpgw2Mpa8hUI%2FkuDoW3uz%2FYiPoC1kmSp9EA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6cc28f79ba2783ae-MXP
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Wed, 12 Jan 2022 01:20:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 12 Jan 2022 02:20:06 GMT
Location: https://leostop.com/tracking/tracking.php?full_url=https://1safeinc.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3tYy8IjSpc8Q7pK9b%2BJrGiEajsW86yGMpVjipAORfA0w1KwkGBuAxQeSP2hzdd%2BpsR6NtJdzbvvS4x25UjuzSKER97THvcMXuvj5MA%2FnMSCi%2BgffcGl9pNqmr0EYvQ4ASQ1NEB0B9UKlLw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6cc28f7958d23746-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK sk-jspark_init.php Show response
cdn.jsinit.directfwd.com/ 2 KB
812 B 193ms
13ms Script
text/javascript 92.123.225.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jsinit.directfwd.com/sk-jspark_init.php
Requested by: Host: leostop.com
URL: https://leostop.com/tracking/tracking.php?full_url=https://1safeinc.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.123.225.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-9.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash: f2475c2555b56eaf5f8be09c16f2ee7b7b9620d8b093c884d2f8d8a218c1efd3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://leostop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 01:20:07 GMT
Content-Encoding: gzip
Server: openresty
Connection: keep-alive
Content-Length: 600
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK sk-jspark.php Show response
findquickresultsnow.com/ 1 KB
2 KB 679ms
164ms Script
text/javascript 208.91.196.46
CONFLUENCE-NETWOR...

General

Check archive.org

Show headers Download Go to

Full URL: https://findquickresultsnow.com/sk-jspark.php?dn=leostop.com&pid=9POBEX80W&kwrf=https%3A%2F%2Fleostop.com%2Ftracking%2Ftracking.php%3Ffull_url%3Dhttps%3A%2F%2F1safeinc.com%2F&reqref=
Requested by: Host: cdn.jsinit.directfwd.com
URL: https://cdn.jsinit.directfwd.com/sk-jspark_init.php
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 208.91.196.46 , Virgin Islands (British), ASN40034 (CONFLUENCE-NETWORK-INC, VG),
Reverse DNS
Software: Apache /
Resource Hash: 356af08d0463121005183c3b96d4a4f3e7dd9324a5a558eb4474b2322e5084b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://leostop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Jan 2022 01:20:07 GMT
Server: Apache
Content-Type: text/javascript;charset=UTF-8
Cache-Control: private, no-cache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 1330
Expires: Mon, 22 Jul 2002 11:12:01 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			1safeinc.com/	1970-01-20 00:11:05	Name: hname1safeinc.com Value: 1safeinc.com

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://1safeinc.com/css/CALIFR.TTF Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://leostop.com/tracking/tracking.php?full_url=https://1safeinc.com/ Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1safeinc.com
cdn.jsinit.directfwd.com
findquickresultsnow.com
fonts.googleapis.com
leostop.com
208.91.196.46
2606:4700:3030::ac43:c4d4
2606:4700:3031::ac43:9392
2a00:1450:4001:82f::200a
92.123.225.9
00c8eb28301cf1a0c2ff74264a1b5c80e592fb25c15391b73516823156e06ec2
0c1ee530d38bb79fa63a751ea734fe1f538d09d40d1c1c92af5ef24f0636cdec
0dcae25f2536966b8e8f29c779161c3e009b29b63007d65081e48370182c9a53
15598c80a1c7a8528000b971a015141c11b1cc097eb489c18c388ad491879a7a
215aee62250cdd16bbdc25ef64a4b568cd954fb3071fea610ceeaa98dec5ff88
26f6392af2b724c4b7190dbc711cb473c8529d147a91175cd0393f08ead09041
356af08d0463121005183c3b96d4a4f3e7dd9324a5a558eb4474b2322e5084b7
3bf5e5ca85ce6ad688a371a2d67d083c0be0dc4200bb39ddd125de745d9fdff5
3f73b45dcecd7c30f6b9898ddc800a7da2ceac0066499d2b1de4bdc5fc2b60da
4c8cc127719e3993f661514dbe8431acde258f34f2cab63675f119572ee91cfa
5418bf9c8d93c595ac0a6735b6230d2732c9d4c918a8a1211f341e4559e41d4e
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
6eda27a736f5de4901d3ef686ba531538018b9dc8203e5a2703b68cf958d8c01
7a0006576ccc4053cec6b2c099124e1d171def3641e85918cf66836c6d9e8653
8b7a049829389eabc84e1e38b697ecaee426b7554ab671bacb241e3fed260d39
906715e174dae3d0b220eec10f550d88bb09fa3a1ec4343f140dcb94b5b13636
96a4ebe886f82dd197006ab4e0b5cb4cac2cf62d932de639a080f00dde7ddf17
a3f3992ac77b0c55a1d1fb40082b84b94003299bebcef0a4bd55a8bd21e8de19
b775ccbef88f0e5770cbfd46c2fe532b65c27a53cf8abe70a188d743032d7f78
c9810a9450a8609f05db2105daf2c776089d6ab9ffe56ec94cde4a7e5fb165fc
dcede2439c18e494c53bb6c6f49c85963a8a8ae03d04c66872d885116db2f652
e25f7e397c9ad98ede538c465f72ba014554f49a0c5551d5d82bad7da3bf85ef
f2475c2555b56eaf5f8be09c16f2ee7b7b9620d8b093c884d2f8d8a218c1efd3

leostop.com Open in urlscan Pro 2606:4700:3030::ac43:c4d4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

96 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

4206 kBTransfer

4539 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

leostop.com Open in urlscan Pro
2606:4700:3030::ac43:c4d4 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

96 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

4206 kB
Transfer

4539 kB
Size

1
Cookies

26 HTTP transactions
0 data transactions