safeoff.ru Open in urlscan Pro
2606:4700:3036::ac43:defa Public Scan

Go To Rescan
Add Verdict Report

URL:
https://safeoff.ru/
Submission: On December 20 via automatic, source certstream-suspicious (December 20th 2021, 11:31:03 am UTC) — Scanned from DE

Summary HTTP 48 Redirects Behaviour Indicators

Summary

This website contacted 30 IPs in 7 countries across 33 domains to perform 48 HTTP transactions. The main IP is 2606:4700:3036::ac43:defa, located in United States and belongs to CLOUDFLARENET, US. The main domain is safeoff.ru.
TLS certificate: Issued by R3 on December 20th 2021. Valid for: 3 months.

This is the only time safeoff.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:303... 2606:4700:3036::ac43:defa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
1	62.76.25.27 62.76.25.27	61400 (NETRACK-AS) (NETRACK-AS)
1	45.130.41.21 45.130.41.21	198610 (BEGET-AS) (BEGET-AS)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
6	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3 5	185.26.99.58 185.26.99.58	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	217.12.104.100 217.12.104.100	15632 (ALFA-BANK-AS) (ALFA-BANK-AS)
1 2	178.248.232.86 178.248.232.86	197068 (QRATOR) (QRATOR)
1 2	93.171.201.16 93.171.201.16	50245 (SERVEREL-AS) (SERVEREL-AS)
1	193.233.15.88 193.233.15.88	42745 (SAFEVALUE-AS) (SAFEVALUE-AS)
1	93.171.200.6 93.171.200.6	262254 (DDOS-GUAR...) (DDOS-GUARD CORP.)
2 4	95.163.127.66 95.163.127.66	12695 (DINET-AS) (DINET-AS)
1 2	93.171.200.41 93.171.200.41	262254 (DDOS-GUAR...) (DDOS-GUARD CORP.)
2 3	5.187.6.153 5.187.6.153	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1 1	188.42.198.44 188.42.198.44	7979 (SERVERS-COM) (SERVERS-COM)
1	2606:4700:10:... 2606:4700:10::6816:3d96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	190.115.31.9 190.115.31.9	262254 (DDOS-GUAR...) (DDOS-GUARD CORP.)
2 3	5.101.158.167 5.101.158.167	198610 (BEGET-AS) (BEGET-AS)
1	2a00:f940:4::8 2a00:f940:4::8	197695 (AS-REG) (AS-REG)
1 2	2a03:6f00:1:2... 2a03:6f00:1:2::5c35:746b	9123 (TIMEWEB-AS) (TIMEWEB-AS)
1 2	91.236.136.100 91.236.136.100	44094 (WEBHOST1-AS) (WEBHOST1-AS)
1	2606:4700:20:... 2606:4700:20::681a:dc8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	34.253.61.220 34.253.61.220	16509 (AMAZON-02) (AMAZON-02)
2 2	104.111.216.213 104.111.216.213	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	62.128.97.7 62.128.97.7	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co.)
1 1	104.111.214.74 104.111.214.74	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::6814:34a1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	116.202.164.135 116.202.164.135	24940 (HETZNER-AS) (HETZNER-AS)
1	5.253.61.60 5.253.61.60	211642 (ADMINVPS) (ADMINVPS)
1 2	185.26.122.131 185.26.122.131	62082 (HOSTLAND) (HOSTLAND)
1 1	185.203.72.141 185.203.72.141	42240 (VARITI-IN...) (VARITI-INT-AS)
1	185.165.123.99 185.165.123.99	64432 (VARITI-AS) (VARITI-AS)
1 2	78.110.50.108 78.110.50.108	31240 (HT-SYSTEM...) (HT-SYSTEMS-AS Uplinks:)
48	30

9 2606:4700:3036::ac43:defa (United States)

ASN13335 (CLOUDFLARENET, US)

safeoff.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.76.25.27 (Moscow, Russian Federation)

ASN61400 (NETRACK-AS, RU)

qiklsv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.130.41.21 (Russian Federation)

ASN198610 (BEGET-AS, RU)
PTR: ssl.quasar.beget.com

static20.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.26.99.58 (Germany) 3 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde333-2.fornex.org

ad.admitad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.12.104.100 (Moscow, Russian Federation)

ASN15632 (ALFA-BANK-AS, RU)

alfabank.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.248.232.86 (Russian Federation) 1 redirects

ASN197068 (QRATOR, RU)

webmaster.leads.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.171.201.16 (Czech Republic) 1 redirects

ASN50245 (SERVEREL-AS, NL)
PTR: gw.gogetlinks.net

www.gogetlinks.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.233.15.88 (Russian Federation)

ASN42745 (SAFEVALUE-AS, DE)

www.rookee.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.171.200.6 (Czech Republic)

ASN262254 (DDOS-GUARD CORP., BZ)
PTR: www.miralinks.ru

www.miralinks.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.163.127.66 (Moscow, Russian Federation) 2 redirects

ASN12695 (DINET-AS, RU)

advego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.171.200.41 (Czech Republic) 1 redirects

ASN262254 (DDOS-GUARD CORP., BZ)
PTR: kwork.ru

kwork.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.187.6.153 (Frankfurt am Main, Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde392-1.fornex.org

letyshops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.198.44 (Luxembourg) 1 redirects

ASN7979 (SERVERS-COM, US)

aviasales.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3d96 (United States)

ASN13335 (CLOUDFLARENET, US)

www.aviasales.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 190.115.31.9 (Belize City, Belize) 2 redirects

ASN262254 (DDOS-GUARD CORP., BZ)
PTR: ddos-guard.net

allpositions.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.101.158.167 (Russian Federation) 2 redirects

ASN198610 (BEGET-AS, RU)

beget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:f940:4::8 (Russian Federation)

ASN197695 (AS-REG, RU)

www.reg.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:6f00:1:2::5c35:746b (Russian Federation) 1 redirects

ASN9123 (TIMEWEB-AS, RU)

timeweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.236.136.100 (Moscow, Russian Federation) 1 redirects

ASN44094 (WEBHOST1-AS, RU)
PTR: bill.webhost1.ru

webhost1.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:dc8 (United States)

ASN13335 (CLOUDFLARENET, US)

text.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.61.220 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-61-220.eu-west-1.compute.amazonaws.com

www.etxt.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.216.213 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-213.deploy.static.akamaitechnologies.com

s.click.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login.aliexpress.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.128.97.7 (Moscow, Russian Federation) 1 redirects

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)

best.aliexpress.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.214.74 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-74.deploy.static.akamaitechnologies.com

login.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:34a1 (United States)

ASN13335 (CLOUDFLARENET, US)

hostiq.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.164.135 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: my.adminvps.ru

my.adminvps.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.253.61.60 (Russian Federation)

ASN211642 (ADMINVPS, RU)

adminvps.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.26.122.131 (Russian Federation) 1 redirects

ASN62082 (HOSTLAND, RU)
PTR: serv131.hostland.ru

www.hostland.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.203.72.141 (Russian Federation) 1 redirects

ASN42240 (VARITI-INT-AS, CH)

fozzy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.165.123.99 (Russian Federation)

ASN64432 (VARITI-AS, RU)

ohio8.vchecks.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.110.50.108 (Moscow, Russian Federation) 1 redirects

ASN31240 (HT-SYSTEMS-AS Uplinks:, RU)
PTR: c6-w.ht-systems.ru

www.hts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	safeoff.ru safeoff.ru	304 KB
6	gstatic.com fonts.gstatic.com	72 KB
5	admitad.com 3 redirects ad.admitad.com	1 KB
5	yandex.com 2 redirects mc.yandex.com	2 KB
4	advego.com 2 redirects advego.com	273 B
3	aliexpress.ru 2 redirects best.aliexpress.ru login.aliexpress.ru	2 KB
3	beget.com 2 redirects beget.com	514 B
3	allpositions.ru 2 redirects allpositions.ru	413 B
3	letyshops.com 2 redirects letyshops.com	1 KB
2	hts.ru 1 redirects www.hts.ru	1 KB
2	hostland.ru 1 redirects www.hostland.ru	133 B
2	adminvps.ru 1 redirects my.adminvps.ru adminvps.ru	612 B
2	aliexpress.com 2 redirects s.click.aliexpress.com login.aliexpress.com	3 KB
2	etxt.ru 1 redirects www.etxt.ru	403 B
2	webhost1.ru 1 redirects webhost1.ru	2 KB
2	timeweb.com 1 redirects timeweb.com	3 KB
2	aviasales.ru 1 redirects aviasales.ru www.aviasales.ru	90 B
2	kwork.ru 1 redirects kwork.ru	610 B
2	gogetlinks.net 1 redirects www.gogetlinks.net	675 B
2	leads.su 1 redirects webmaster.leads.su	733 B
2	yandex.ru 1 redirects mc.yandex.ru	67 KB
1	vchecks.io ohio8.vchecks.io
1	fozzy.com 1 redirects fozzy.com	626 B
1	hostiq.ua hostiq.ua
1	text.ru text.ru
1	reg.ru www.reg.ru
1	miralinks.ru www.miralinks.ru
1	rookee.ru www.rookee.ru
1	alfabank.ru alfabank.ru
1	gravatar.com secure.gravatar.com	2 KB
1	static20.online static20.online	6 KB
1	qiklsv.com qiklsv.com	19 KB
1	googleapis.com fonts.googleapis.com	1 KB
48	33

	Domain	Requested by
9	safeoff.ru	safeoff.ru
6	fonts.gstatic.com	fonts.googleapis.com
5	ad.admitad.com	3 redirects
5	mc.yandex.com	2 redirects safeoff.ru
4	advego.com	2 redirects
3	beget.com	2 redirects
3	allpositions.ru	2 redirects
3	letyshops.com	2 redirects
2	www.hts.ru	1 redirects
2	www.hostland.ru	1 redirects
2	best.aliexpress.ru	1 redirects
2	www.etxt.ru	1 redirects
2	webhost1.ru	1 redirects
2	timeweb.com	1 redirects
2	kwork.ru	1 redirects
2	www.gogetlinks.net	1 redirects
2	webmaster.leads.su	1 redirects
2	mc.yandex.ru	1 redirects safeoff.ru
1	ohio8.vchecks.io
1	fozzy.com	1 redirects
1	adminvps.ru
1	my.adminvps.ru	1 redirects
1	hostiq.ua
1	login.aliexpress.ru	1 redirects
1	login.aliexpress.com	1 redirects
1	s.click.aliexpress.com	1 redirects
1	text.ru
1	www.reg.ru
1	www.aviasales.ru
1	aviasales.ru	1 redirects
1	www.miralinks.ru
1	www.rookee.ru
1	alfabank.ru
1	secure.gravatar.com	safeoff.ru
1	static20.online	safeoff.ru
1	qiklsv.com	safeoff.ru
1	fonts.googleapis.com	safeoff.ru
48	37

This site contains no links.

Subject Issuer	Validity	Valid
*.safeoff.ru R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
qiklsv.com R3	`2021-12-10` - `2022-03-10`	3 months	crt.sh
static20.online R3	`2021-11-07` - `2022-02-05`	3 months	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.rookee.ru R3	`2021-11-11` - `2022-02-09`	3 months	crt.sh
miralinks.ru Sectigo RSA Domain Validation Secure Server CA	`2021-06-07` - `2022-07-08`	a year	crt.sh
www.reg.ru GlobalSign Extended Validation CA - SHA256 - G3	`2021-07-16` - `2022-08-15`	a year	crt.sh
advego.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-17` - `2022-10-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-15` - `2022-06-14`	a year	crt.sh
hostiq.ua Sectigo RSA Extended Validation Secure Server CA	`2021-11-01` - `2022-12-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://safeoff.ru/
Frame ID: 132E46076BD7AA1DBB8F6B915DDFCB4C
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

СМИ -

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

48
Requests

56 %
HTTPS

29 %
IPv6

33
Domains

37
Subdomains

30
IPs

7
Countries

471 kB
Transfer

1305 kB
Size

28
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9493.OAfj8A2Specp8H0QzlcYHrc3b7e73hzp9_WFjG9s09SMonD6DI_jYImEFCbNbVlP.p0iPrbMkw9qQveyNPc6gtxx9cls%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9493.4fcNafk47Ovd89Xt_DVc8HJnu1MVM1ZJvfEP1-tV0LbtPXr2Tq3qDIKj8UPVQVpmFI58yKtBuOGTw5Fl4afQfQ%2C%2C.TvJ0qFtk3sg1QRyFhN1y5J1CiAs%2C

Request Chain 21

https://mc.yandex.com/watch/83393584?wmode=7&page-url=https%3A%2F%2Fsafeoff.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A1001633355276%3Ahid%3A1045669086%3Az%3A0%3Ai%3A20211220113056%3Aet%3A1639999857%3Ac%3A1%3Arn%3A427555457%3Arqn%3A1%3Au%3A1639999857849055659%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1639999856032%3Ads%3A18%2C22%2C207%2C7%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A18%2C22%2C207%2C8%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639999857%3At%3A%D0%A1%D0%9C%D0%98%20-&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/83393584/1?wmode=7&page-url=https%3A%2F%2Fsafeoff.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A1001633355276%3Ahid%3A1045669086%3Az%3A0%3Ai%3A20211220113056%3Aet%3A1639999857%3Ac%3A1%3Arn%3A427555457%3Arqn%3A1%3Au%3A1639999857849055659%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1639999856032%3Ads%3A18%2C22%2C207%2C7%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A18%2C22%2C207%2C8%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639999857%3At%3A%D0%A1%D0%9C%D0%98%20-&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 22

https://ad.admitad.com/g/i352cbwpfvd7bbbf08bf1cb5598fff/ HTTP 302
https://alfabank.ru/get-money/credit-cards/land/100-days-cpa/?platformId=alfapartners_cpa_118_CC-visaclassic-70field-sale-162273-0-admitad-237669-cpanetwork_b0e07b3127a1680fef03c128bc2682de&afclick=b0e07b3127a1680fef03c128bc2682de&utm_source=alfapartners&utm_medium=cpa&utm_campaign=118&utm_content=alfapartners_cpa_118_CC-visaclassic-70field-sale-162273-0-admitad-237669-cpanetwork_b0e07b3127a1680fef03c128bc2682de&card=master_card_mass&utm_term=b0e07b3127a1680fef03c128bc2682de&sub2=10&sub3=1cb5598fff

Request Chain 23

https://webmaster.leads.su/register?ref_id=142994 HTTP 302
https://webmaster.leads.su/register

Request Chain 24

https://www.gogetlinks.net/?inv=j0ptqg HTTP 302
https://www.gogetlinks.net/

Request Chain 27

https://advego.com/34gETAH5AN HTTP 301
https://advego.com/34gETAH5AN/ HTTP 301
https://advego.com/

Request Chain 28

https://kwork.ru/ref/116548 HTTP 302
https://kwork.ru/

Request Chain 29

https://letyshops.com/ua/soc/sh-1?r=12096197 HTTP 302
https://letyshops.com/uk/soc/sh-1?r=12096197 HTTP 302
https://letyshops.com/uk/winwin?ww=12096197

Request Chain 30

https://aviasales.ru/?marker=229555 HTTP 301
https://www.aviasales.ru/?marker=229555

Request Chain 31

https://allpositions.ru/redirect/289201 HTTP 301
https://allpositions.ru/redirect/index/289201/1 HTTP 301
https://allpositions.ru/

Request Chain 32

https://beget.com/p534763 HTTP 301
https://beget.com/ HTTP 301
https://beget.com/ru

Request Chain 34

https://timeweb.com/ru/?i=50887 HTTP 301
https://timeweb.com/ru/

Request Chain 35

https://webhost1.ru/?r=47552 HTTP 303
https://webhost1.ru/

Request Chain 38

https://www.etxt.ru/?r=anakot2010 HTTP 301
https://www.etxt.ru/

Request Chain 39

https://ad.admitad.com/g/6dadf43a4dd7bbbf08bff76aa61bb5/ HTTP 302
https://ad.admitad.com/dummy/?w=523986&c=3081&r=3&d=3&g=DE&x=7792c641eacccb080c9a7d1c383bfe75&y=7792c641eacccb080c9a7d1c383bfe75

Request Chain 40

https://ad.admitad.com/g/207bcbdf4cd7bbbf08bf159ac4a8d3/ HTTP 302
https://ad.admitad.com/dummy/?w=523986&c=2402&r=3&d=3&g=DE&x=84daccf0b408eb110d6cde2077e67dc4&y=84daccf0b408eb110d6cde2077e67dc4

Request Chain 41

https://s.click.aliexpress.com/e/_dSydzZH?dp=safeoff.ru HTTP 302
https://best.aliexpress.ru/?dp=safeoff.ru&aff_fcid=b2fa6fe0853f4933b93f14fde6e87a7b-1639999858495-02437-_dSydzZH&aff_fsk=_dSydzZH&aff_platform=portals-tool&sk=_dSydzZH&aff_trace_key=b2fa6fe0853f4933b93f14fde6e87a7b-1639999858495-02437-_dSydzZH&terminal_id=3c2093182ba34f3699bbeff01391e94f HTTP 302
https://login.aliexpress.com/sync_cookie_read.htm?xman_goto=https%3A%2F%2Fbest.aliexpress.ru%2F%3Fdp%3Dsafeoff.ru%26aff_fcid%3Db2fa6fe0853f4933b93f14fde6e87a7b-1639999858495-02437-_dSydzZH%26aff_fsk%3D_dSydzZH%26aff_platform%3Dportals-tool%26sk%3D_dSydzZH%26aff_trace_key%3Db2fa6fe0853f4933b93f14fde6e87a7b-1639999858495-02437-_dSydzZH%26terminal_id%3D3c2093182ba34f3699bbeff01391e94f HTTP 302
https://login.aliexpress.ru/sync_cookie_write.htm?acs_random_token=3c2093182ba34f3699bbeff01391e94f&xman_goto=https%3A%2F%2Fbest.aliexpress.ru%2F%3Fdp%3Dsafeoff.ru%26aff_fcid%3Db2fa6fe0853f4933b93f14fde6e87a7b-1639999858495-02437-_dSydzZH%26aff_fsk%3D_dSydzZH%26aff_platform%3Dportals-tool%26sk%3D_dSydzZH%26aff_trace_key%3Db2fa6fe0853f4933b93f14fde6e87a7b-1639999858495-02437-_dSydzZH%26terminal_id%3D3c2093182ba34f3699bbeff01391e94f HTTP 302
https://best.aliexpress.ru/?dp=safeoff.ru&aff_fcid=b2fa6fe0853f4933b93f14fde6e87a7b-1639999858495-02437-_dSydzZH&aff_fsk=_dSydzZH&aff_platform=portals-tool&sk=_dSydzZH&aff_trace_key=b2fa6fe0853f4933b93f14fde6e87a7b-1639999858495-02437-_dSydzZH&terminal_id=3c2093182ba34f3699bbeff01391e94f

Request Chain 43

https://my.adminvps.ru/aff.php?aff=700 HTTP 301
https://adminvps.ru/

Request Chain 44

https://www.hostland.ru/?r=3a81d50b HTTP 302
https://www.hostland.ru/

Request Chain 45

https://fozzy.com/aff.php?aff=16811 HTTP 307
https://ohio8.vchecks.io/share/wUg9X11nICg1?sid=2508&scheme=https&host=fozzy.com&uri=%2faff.php%3faff%3d16811%26utm_referrer%3dhttps%253a%252f%252fsafeoff.ru%252f&t=1639999858157&sad=v%2fW8d2Sg%3d%3d&uid=YSDCDhUWZkjW9wRq&uct=1639999858156&kct=0&m=2&ver=7&flags=2178&ua=14234534012806063377&v=9cl61mkEeKMAXsFWbsPiGg

Request Chain 46

https://www.hts.ru/?affid=68551 HTTP 302
https://www.hts.ru/

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
safeoff.ru/ 171 KB
32 KB 248ms
207ms Document
text/html 2606:4700:3036::ac43:defa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://safeoff.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:defa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.25
Resource Hash: d8f505ba7a484f8e86696989ee463eb16bc2643bf976c697958e952f7d7bd981

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 20 Dec 2021 11:30:56 GMT
content-type: text/html
vary: Accept-Encoding
x-powered-by: PHP/7.4.25
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0mv85zKLNEqgk%2FFxH5zRLNYy5xm%2B0lTGZeC5WvfGQaPhMV%2BEppg%2FT2Q%2BRcRpSPXCmgne%2BwGS3OO08g%2F%2FChnUoEmZYR5FfSx1P03D8uRmFb6Pipucy7upc2H9yFfgnwIYF1YLxag9EfRv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6c088a9c79bf690d-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 bgrdx.css
safeoff.ru/wp-content/cache/wpfc-minified/mnpi86dp/ 101 KB
15 KB 628ms
627ms Stylesheet
text/css 2606:4700:3036::ac43:defa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://safeoff.ru/wp-content/cache/wpfc-minified/mnpi86dp/bgrdx.css
Requested by: Host: safeoff.ru
URL: https://safeoff.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:defa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4fa7e11b99d09f049a451697352b47cf137deb9bd8fe412e4c97da2499badf4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 11:30:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 02 Sep 2021 18:31:25 GMT
server: cloudflare
etag: W/"6131187d-19221"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFw%2F9hUG1hEUivzEJ9GcTZgw%2FT0243vLyRVDaQdGtwq5dIoWRZ%2BkDP82YVb8voRvixOcWFKPcUBhPYIRBJa8upfAfl8eVbH1uBcFb26wH9Z8nwnwkDfYcUiNgsaiMIAB19OGvts6dSFe"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c088a9ded1c690d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 27 Dec 2021 11:30:56 GMT

GET
H2 200 plugins.min.css
safeoff.ru/wp-content/themes/breek/assets/dist/ 134 KB
22 KB 164ms
163ms Stylesheet
text/css 2606:4700:3036::ac43:defa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://safeoff.ru/wp-content/themes/breek/assets/dist/plugins.min.css
Requested by: Host: safeoff.ru
URL: https://safeoff.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:defa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e28ce4da066f65906b1e845fff11a70ea50f25e4900cad812674e5011af9b6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 11:30:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 09 Jul 2021 13:28:24 GMT
server: cloudflare
etag: W/"60e84ef8-21792"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VRt5DRVjMoFJk2fSobi4V6ZhkadFSqKt7gRm5ud02tYMITZ0SUVn%2FbyPZVe0oQng5DPvoheD15zlGTXCGZZunhF8xiK2TNQ8yVU0CgQx8%2BOsulLVToICdft4jSorJ%2FGuREtVbEKNdruo"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c088a9ded21690d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 27 Dec 2021 11:30:56 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 39ms
17ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C400i%2C500%2C600%2C600i%2C700%2C700i%7CMontserrat%3A400%2C500%2C600%2C700&subset=latin%2Clatin-ext&display=swap

Requested by

Host: safeoff.ru
URL: https://safeoff.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b5a74d19cf6cf7708cb896be63a375880eb78c491273fcc381d00d1784b4ebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 20 Dec 2021 10:06:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 20 Dec 2021 11:30:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Dec 2021 11:30:56 GMT

GET
H2 200 bgqpd.js Show response
safeoff.ru/wp-content/cache/wpfc-minified/8hwiwp8t/ 215 KB
67 KB 207ms
206ms Script
application/x-javascript 2606:4700:3036::ac43:defa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://safeoff.ru/wp-content/cache/wpfc-minified/8hwiwp8t/bgqpd.js
Requested by: Host: safeoff.ru
URL: https://safeoff.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:defa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08ad491da424e3272d228e0c8751e48afd3b473958730969afdf619d39a7e558

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 11:30:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 02 Sep 2021 18:27:21 GMT
server: cloudflare
etag: W/"61311789-35d30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wc8kW57wIlPFBDMZQ1juIm5U%2BYeXtmjsGbv9IgC3RRvuYtpSkvYjsuhTn0YRkw0Tsu9NadEf1oXtsh9lXa1fai1CN9alLDVztCL9N4q0PJJyxlZ6LIF98boa6AfUGbdPI9FlmId90BVb"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c088a9ded24690d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 27 Dec 2021 11:30:56 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 194 KB
66 KB 122ms
57ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: safeoff.ru
URL: https://safeoff.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

debb229daffbe34e17c32f8d56a72dfa9ba4debfcfcb330e733bf56d88da117c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 11:30:56 GMT
content-encoding: br
last-modified: Wed, 15 Dec 2021 16:08:50 GMT
etag: "61b9e8e2-107fa"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 67578
expires: Mon, 20 Dec 2021 12:30:56 GMT

GET
H2 200 678qvu876kpyd3.php Show response
qiklsv.com/yo11l7219ilvpm0y03h8q/ 58 KB
19 KB 168ms
49ms Script
application/javascript 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://qiklsv.com/yo11l7219ilvpm0y03h8q/678qvu876kpyd3.php
Requested by: Host: safeoff.ru
URL: https://safeoff.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 33d33233fa304cba9ad1dac86ba996e277c70ccc98ba40bc8108870947581357

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 11:30:56 GMT
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 11:24:02 GMT
server: nginx/1.14.2
etag: "61714dd2-4abc"
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 19132

GET
H2 200 frontend.min.js Show response
safeoff.ru/wp-content/plugins/wp-user-avatar/assets/js/ 9 KB
3 KB 135ms
134ms Script
application/x-javascript 2606:4700:3036::ac43:defa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://safeoff.ru/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js
Requested by: Host: safeoff.ru
URL: https://safeoff.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:defa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3684b8902fe2f3f96b32be42dca7f2621827f8c8b92fde984b5b1787dd06a17b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 11:30:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 17 Nov 2021 11:29:16 GMT
server: cloudflare
etag: W/"6194e78c-236e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPAsgWB%2BSC2QWlcq8uOCodnGZzHme3%2F8Loj2SGo2S2JS5h7H5%2FLMK9d5OOLLz7AaERMVxS5NkXOWE%2BF5mhn8lt8IGauQBkbW1RXyzQb17Jk9QO5qSyNAB%2B3aPXd61tf7Yng4I9tJXBXd"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c088a9ded36690d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 27 Dec 2021 11:30:56 GMT

GET
H2 200 scripts.min.js Show response
safeoff.ru/wp-content/themes/breek/assets/dist/ 229 KB
72 KB 218ms
218ms Script
application/x-javascript 2606:4700:3036::ac43:defa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://safeoff.ru/wp-content/themes/breek/assets/dist/scripts.min.js
Requested by: Host: safeoff.ru
URL: https://safeoff.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:defa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eeb7f7ce3e04b16c90f7c45b3a797a29b2ec14507bb3bb0810bb4183d582bc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 11:30:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 09 Jul 2021 13:28:24 GMT
server: cloudflare
etag: W/"60e84ef8-393d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9lH8nPRYA8zxeAYBdAickrSpJ4CLtWsHEVRC6Qz5OQHRLAJX1J2KBuERqBu0FCjzndLK4Cpwx7aKdoP0GyU9oR5ap6NmIb5wVKyeJt%2BEG5FLEncA42umy75K9Xx18iyq70hASCkOxG8%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c088a9ded3a690d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 27 Dec 2021 11:30:56 GMT

GET
H2 200 q2w3-fixed-widget.min.js Show response
safeoff.ru/wp-content/plugins/q2w3-fixed-widget/js/ 4 KB
2 KB 121ms
121ms Script
application/x-javascript 2606:4700:3036::ac43:defa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://safeoff.ru/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js
Requested by: Host: safeoff.ru
URL: https://safeoff.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:defa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 11:30:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 02 Sep 2021 18:23:48 GMT
server: cloudflare
etag: W/"613116b4-1108"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6NcojtyjAxmhxsA%2FfUYow2QkNeuBMO%2FZe22nHbgtxxNuyMvWyN9vvALAtsytxvAtPpvkTvXbd4%2BXgMZtxNcnyLxbr6gHx4u1R4n8ctShP4fyL%2FLDxS%2BUyOuAlnQUB0%2B%2BySWEjJDZFClz"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c088a9ded3f690d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 27 Dec 2021 11:30:56 GMT

GET
H2 200 statistics.js Show response
static20.online/ 13 KB
6 KB 175ms
44ms Script
application/x-javascript 45.130.41.21
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static20.online/statistics.js
Requested by: Host: safeoff.ru
URL: https://safeoff.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.21 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quasar.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 7cb47f56d6d8f8829f831bf4f1132b2e0d848b0289dc69179c0407b931f89b28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 11:30:57 GMT
content-encoding: gzip
last-modified: Sat, 16 May 2020 18:04:32 GMT
server: nginx-reuseport/1.21.1
etag: W/"5ec02b30-3517"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Mon, 27 Dec 2021 11:30:57 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9493.OAfj8A2Specp8H0QzlcYHrc3b7e73hzp9_WFjG9s09SMonD6DI_jYImEFCbNbVlP.p0iPrbMkw9qQveyNPc6gtxx9cls%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9493.4fcNafk47Ovd89Xt_DVc8HJnu1MVM1ZJvfEP1-tV0LbtPXr2Tq3qDIKj8UPVQVpmFI58yKtBuOGTw5Fl4afQfQ%2C%2C.TvJ0qFtk3sg1QRyFhN1y5J1CiAs%2C

75 B
75 B

36ms
36ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9493.4fcNafk47Ovd89Xt_DVc8HJnu1MVM1ZJvfEP1-tV0LbtPXr2Tq3qDIKj8UPVQVpmFI58yKtBuOGTw5Fl4afQfQ%2C%2C.TvJ0qFtk3sg1QRyFhN1y5J1CiAs%2C

Requested by

Host: safeoff.ru
URL: https://safeoff.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 11:30:57 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9493.4fcNafk47Ovd89Xt_DVc8HJnu1MVM1ZJvfEP1-tV0LbtPXr2Tq3qDIKj8UPVQVpmFI58yKtBuOGTw5Fl4afQfQ%2C%2C.TvJ0qFtk3sg1QRyFhN1y5J1CiAs%2C
date: Mon, 20 Dec 2021 11:30:57 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3 200 11-besshovnaya-tekstura-dlya-sayta-tekstil.png
safeoff.ru/wp-content/uploads/2020/04/ 2 KB
3 KB 125ms
125ms Image
image/png 2606:4700:3036::ac43:defa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safeoff.ru/wp-content/uploads/2020/04/11-besshovnaya-tekstura-dlya-sayta-tekstil.png
Requested by: Host: safeoff.ru
URL: https://safeoff.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:defa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ecaddb1fbc5f091c1d9b535fe34188b7cac56b3a0d7ce7a7a683212e18ff0c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 11:30:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2360
last-modified: Fri, 09 Jul 2021 13:28:24 GMT
server: cloudflare
etag: "60e84ef8-938"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=84JoQocqBOJj7kSHMmpQJPOJJ6GxXSCZoN1IzwurFt%2B4dEmnP4EFHygutJ6pyFQ5npzMy%2FZSt5YQFeGTfVD4It9dI9A7ncfKZ5g5%2B7ANrC45BKPs1c9ZKpjmml2Gml3ttkQj3IJ%2FZqvL"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c088aa1f86c5c74-FRA
expires: Wed, 19 Jan 2022 11:30:57 GMT

GET
H2 200 56746107bcbada33ad42f409d598bb6b
secure.gravatar.com/avatar/ 1 KB
2 KB 27ms
6ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/56746107bcbada33ad42f409d598bb6b?s=90&d=mm&r=g
Requested by: Host: safeoff.ru
URL: https://safeoff.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a3ae56687b2e271008caa899486e00cf5ffb43bb9291d35d892f9a1ad1d84ba7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 20 Dec 2021 11:30:56 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="56746107bcbada33ad42f409d598bb6b.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/56746107bcbada33ad42f409d598bb6b?s=90&d=mm&r=g>; rel="canonical"
content-length: 1486
expires: Mon, 20 Dec 2021 11:35:56 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C400i%2C500%2C600%2C600i%2C700%2C700i%7CMontserrat%3A400%2C500%2C600%2C700&subset=latin%2Clatin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://safeoff.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 20:12:20 GMT
x-content-type-options: nosniff
age: 487116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Dec 2022 20:12:20 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
19 KB 35ms
13ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://safeoff.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 19:58:58 GMT
x-content-type-options: nosniff
age: 487918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19824
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Dec 2022 19:58:58 GMT

GET
H3 200 remixicon.woff2
safeoff.ru/wp-content/themes/breek/assets/fonts/ 87 KB
88 KB 195ms
195ms Font
application/font-woff2 2606:4700:3036::ac43:defa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://safeoff.ru/wp-content/themes/breek/assets/fonts/remixicon.woff2?t=1556503613854
Requested by: Host: safeoff.ru
URL: https://safeoff.ru/wp-content/themes/breek/assets/dist/plugins.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:defa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2fdf8dc183e5593742f5eefae23e30a8217dd99c395b3aed04a01f6c1abbeb9

Request headers

Referer: https://safeoff.ru/wp-content/themes/breek/assets/dist/plugins.min.css
Origin: https://safeoff.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 11:30:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 89520
last-modified: Fri, 09 Jul 2021 13:28:24 GMT
server: cloudflare
etag: "60e84ef8-15db0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RS7ssHCG%2BTbIam2lWBVG6TI%2FNLo8VTKzLHuAFUAPaGic8Uk8OA3mRniDYvM3QN5GGE5G%2Bq2SIGo2Tns2fICgbK56ln1UakxSr4ZnalnZl7g2WlY1Ejc%2FJmVmmNunCWpJ264IO8DviBqT"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c088aa208885c74-FRA
expires: Wed, 19 Jan 2022 11:30:57 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 38ms
16ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://safeoff.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 17:53:46 GMT
x-content-type-options: nosniff
age: 495430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7776
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Dec 2022 17:53:46 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3g3D_u50.woff2
fonts.gstatic.com/s/montserrat/v18/ 12 KB
12 KB 21ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_bZF3g3D_u50.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88238ba9ddb1bc1d0f5075399928eefe3b6428e99e5cf83b80a5584eec9ad40d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://safeoff.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 06:37:11 GMT
x-content-type-options: nosniff
age: 276825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12352
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:42 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 17 Dec 2022 06:37:11 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v18/ 12 KB
12 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

637fc05835856f967578386134fe8a10b4fc4afaae082c8052226d5bd5a23e4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://safeoff.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 23:09:11 GMT
x-content-type-options: nosniff
age: 476505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12196
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:45 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Dec 2022 23:09:11 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3g3D_u50.woff2
fonts.gstatic.com/s/montserrat/v18/ 12 KB
12 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_ZpC3g3D_u50.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8196be678c526d8daccd9db5d7c03532a16b0e6261351b2acf8377f6111a5b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://safeoff.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 10:56:56 GMT
x-content-type-options: nosniff
age: 520440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12376
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Dec 2022 10:56:56 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
160 B 31ms
31ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: safeoff.ru
URL: https://safeoff.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 11:30:57 GMT
last-modified: Wed, 15 Dec 2021 16:08:50 GMT
etag: "61b9e8e2-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 20 Dec 2021 12:30:57 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/83393584/
Redirect Chain

https://mc.yandex.com/watch/83393584?wmode=7&page-url=https%3A%2F%2Fsafeoff.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A72...
https://mc.yandex.com/watch/83393584/1?wmode=7&page-url=https%3A%2F%2Fsafeoff.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A...

331 B
413 B

32ms
32ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/83393584/1?wmode=7&page-url=https%3A%2F%2Fsafeoff.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A1001633355276%3Ahid%3A1045669086%3Az%3A0%3Ai%3A20211220113056%3Aet%3A1639999857%3Ac%3A1%3Arn%3A427555457%3Arqn%3A1%3Au%3A1639999857849055659%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1639999856032%3Ads%3A18%2C22%2C207%2C7%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A18%2C22%2C207%2C8%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639999857%3At%3A%D0%A1%D0%9C%D0%98%20-&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: safeoff.ru
URL: https://safeoff.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

072de7544350df29d88d0355fe52563c8cb6a44b2ff59d910b43531e84a06600

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 11:30:57 GMT
x-content-type-options: nosniff
last-modified: Mon, 20-Dec-2021 11:30:57 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://safeoff.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Mon, 20-Dec-2021 11:30:57 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Dec 2021 11:30:57 GMT
last-modified: Mon, 20-Dec-2021 11:30:57 GMT
location: /watch/83393584/1?wmode=7&page-url=https%3A%2F%2Fsafeoff.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A1001633355276%3Ahid%3A1045669086%3Az%3A0%3Ai%3A20211220113056%3Aet%3A1639999857%3Ac%3A1%3Arn%3A427555457%3Arqn%3A1%3Au%3A1639999857849055659%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1639999856032%3Ads%3A18%2C22%2C207%2C7%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A18%2C22%2C207%2C8%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639999857%3At%3A%D0%A1%D0%9C%D0%98%20-&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://safeoff.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 20-Dec-2021 11:30:57 GMT

GET
H/1.1

200
OK

/
alfabank.ru/get-money/credit-cards/land/100-days-cpa/
Redirect Chain

https://ad.admitad.com/g/i352cbwpfvd7bbbf08bf1cb5598fff/
https://alfabank.ru/get-money/credit-cards/land/100-days-cpa/?platformId=alfapartners_cpa_118_CC-visaclassic-70field-sale-162273-0-admitad-237669-cpanetwork_b0e07b3127a1680fef03c128bc2682de&afclick...

0
0

290ms
69ms

Image
text/html

217.12.104.100
ALFA-BANK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alfabank.ru/get-money/credit-cards/land/100-days-cpa/?platformId=alfapartners_cpa_118_CC-visaclassic-70field-sale-162273-0-admitad-237669-cpanetwork_b0e07b3127a1680fef03c128bc2682de&afclick=b0e07b3127a1680fef03c128bc2682de&utm_source=alfapartners&utm_medium=cpa&utm_campaign=118&utm_content=alfapartners_cpa_118_CC-visaclassic-70field-sale-162273-0-admitad-237669-cpanetwork_b0e07b3127a1680fef03c128bc2682de&card=master_card_mass&utm_term=b0e07b3127a1680fef03c128bc2682de&sub2=10&sub3=1cb5598fff
Protocol: HTTP/1.1
Server: 217.12.104.100 Moscow, Russian Federation, ASN15632 (ALFA-BANK-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Mon, 20 Dec 2021 11:30:57 GMT
server: nginx
p3p: CP="NON DSP COR CURa TIA"
location: https://alfabank.ru/get-money/credit-cards/land/100-days-cpa/?platformId=alfapartners_cpa_118_CC-visaclassic-70field-sale-162273-0-admitad-237669-cpanetwork_b0e07b3127a1680fef03c128bc2682de&afclick=b0e07b3127a1680fef03c128bc2682de&utm_source=alfapartners&utm_medium=cpa&utm_campaign=118&utm_content=alfapartners_cpa_118_CC-visaclassic-70field-sale-162273-0-admitad-237669-cpanetwork_b0e07b3127a1680fef03c128bc2682de&card=master_card_mass&utm_term=b0e07b3127a1680fef03c128bc2682de&sub2=10&sub3=1cb5598fff
cache-control: private, no-cache, no-store, must-revalidate
content-type: text/html; charset=utf-8
content-length: 2286
expires: Tue, 01 Jan 1980 1:00:00 GMT

GET
H/1.1

200
OK

https://webmaster.leads.su/register?ref_id=142994
https://webmaster.leads.su/register

0
0

49ms
49ms

Image
text/html

178.248.232.86
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webmaster.leads.su/register
Protocol: HTTP/1.1
Server: 178.248.232.86 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 11:30:57 GMT
Server: QRATOR
X-FRAME-OPTIONS: DENY
Content-Type: text/html; charset=UTF-8
Location: https://webmaster.leads.su/register
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

/
www.gogetlinks.net/
Redirect Chain

https://www.gogetlinks.net/?inv=j0ptqg
https://www.gogetlinks.net/

0
0

149ms
149ms

Image
text/html

93.171.201.16
SERVEREL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gogetlinks.net/
Protocol: HTTP/1.1
Server: 93.171.201.16 , Czech Republic, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: gw.gogetlinks.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 11:30:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 20 Dec 2021 11:30:57 GMT
Server: nginx/1.10.3
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/7.3.11-1+0~20191026.48+debian9~1.gbpf71ca0
Strict-Transport-Security: max-age=15552000
Content-Type: text/html; charset=windows-1251
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Location: /
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 /
www.rookee.ru/ 0
0 465ms
173ms Image
text/html 193.233.15.88
SAFEVALUE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rookee.ru/?pid=5844d76c0aa6a75afe4fa86a1d5ceda1f03108
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.233.15.88 , Russian Federation, ASN42745 (SAFEVALUE-AS, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 403 from:255537
www.miralinks.ru/users/registration/ 0
0 72ms
34ms Image
text/html 93.171.200.6
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.miralinks.ru/users/registration/from:255537
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.171.200.6 , Czech Republic, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: www.miralinks.ru
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2

200

/
advego.com/
Redirect Chain

https://advego.com/34gETAH5AN
https://advego.com/34gETAH5AN/
https://advego.com/

0
0

54ms
54ms

Image
text/html

95.163.127.66
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://advego.com/
Protocol: H2
Server: 95.163.127.66 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

location: https://advego.com/
date: Mon, 20 Dec 2021 11:30:57 GMT
server: nginx
content-length: 178
content-type: text/html

GET
H2

200

/
kwork.ru/
Redirect Chain

https://kwork.ru/ref/116548
https://kwork.ru/

0
0

82ms
82ms

Image
text/html

93.171.200.41
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kwork.ru/
Protocol: H2
Server: 93.171.200.41 , Czech Republic, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: kwork.ru
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

date: Mon, 20 Dec 2021 11:30:57 GMT
x-content-type-options: nosniff
server: ddos-guard
strict-transport-security: max-age=15552000
content-type: text/html; charset=UTF-8
location: /
content-security-policy: frame-ancestors 'self' http://webvisor.com http://awards.ratingruneta.ru
vary: Accept-Encoding, User-Agent

GET
H/1.1

200
OK

winwin
letyshops.com/uk/
Redirect Chain

https://letyshops.com/ua/soc/sh-1?r=12096197
https://letyshops.com/uk/soc/sh-1?r=12096197
https://letyshops.com/uk/winwin?ww=12096197

0
0

71ms
70ms

Image
text/html

5.187.6.153
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://letyshops.com/uk/winwin?ww=12096197
Protocol: HTTP/1.1
Server: 5.187.6.153 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS: dsde392-1.fornex.org
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

Date: Mon, 20 Dec 2021 11:30:57 GMT
X-SERVER-NAME: letyshops.com
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: /uk/winwin?ww=12096197
Cache-Control: max-age=0, must-revalidate, private
Transfer-Encoding: chunked
X-LSVTKN: 26cfda6b80e986a470748dd2d481d4e2
Connection: keep-alive
Keep-Alive: timeout=15
Server: nginx
Expires: Mon, 20 Dec 2021 11:30:57 GMT

GET
H2

200

/
www.aviasales.ru/
Redirect Chain

https://aviasales.ru/?marker=229555
https://www.aviasales.ru/?marker=229555

0
0

258ms
218ms

Image
text/html

2606:4700:10::6816:3d96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aviasales.ru/?marker=229555
Protocol: H2
Server: 2606:4700:10::6816:3d96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

location: https://www.aviasales.ru/?marker=229555
date: Mon, 20 Dec 2021 11:30:57 GMT
server: nginx
content-length: 170
content-type: text/html

GET
H2

200

/
allpositions.ru/
Redirect Chain

https://allpositions.ru/redirect/289201
https://allpositions.ru/redirect/index/289201/1
https://allpositions.ru/

0
0

16ms
16ms

Image
text/html

190.115.31.9
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://allpositions.ru/
Protocol: H2
Server: 190.115.31.9 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

date: Mon, 20 Dec 2021 11:29:44 GMT
content-encoding: gzip
server: ddos-guard
age: 73
x-powered-by: PHP/5.2.17
vary: Accept-Encoding
content-type: text/html; charset=utf-8
location: http://allpositions.ru/
x-ddg-cachegen: 1606101960
content-length: 26

GET
H2

200

ru
beget.com/
Redirect Chain

https://beget.com/p534763
https://beget.com/
https://beget.com/ru

0
0

181ms
181ms

Image
text/html

5.101.158.167
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beget.com/ru
Protocol: H2
Server: 5.101.158.167 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

location: /ru
date: Mon, 20 Dec 2021 11:30:57 GMT
cache-control: no-cache, no-store, must-revalidate
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 /
www.reg.ru/ 0
0 376ms
201ms Image
text/html 2a00:f940:4::8
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.reg.ru/?rlink=reflink-5356619
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a00:f940:4::8 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2

200

/
timeweb.com/ru/
Redirect Chain

https://timeweb.com/ru/?i=50887
https://timeweb.com/ru/

0
0

296ms
296ms

Image
text/html

2a03:6f00:1:2::5c35:746b
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timeweb.com/ru/
Protocol: H2
Server: 2a03:6f00:1:2::5c35:746b , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

content-security-policy: frame-ancestors 'self' *.jivosite.com *.jivosite.com/ metrika.yandex.ru *.yandex.tld *.yandex.net webvisor.com *.webvisor.com http://*.webvisor.com http://webvisor.com https://*.webvisor.com http://webvisor.com https://metrika.yandex.ru https://mc.yandex.ru https://*.yandex.net https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.by https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.com.tr https://mc.yandex.ee https://mc.yandex.fr https://mc.yandex.kg https://mc.yandex.kz https://mc.yandex.lt https://mc.yandex.lv https://mc.yandex.md https://mc.yandex.tj https://mc.yandex.tm https://mc.yandex.ua https://mc.yandex.uz https://mc.webvisor.com https://mc.webvisor.org https://yastatic.net; form-action 'self' *.timeweb.ru *.timeweb.com *.timeweb.net timeweb.com timeweb.ru timeweb.net http://timeweb.com/; default-src 'self' 'unsafe-inline' 'unsafe-eval' *.jivosite.com *.jivosite.com/ *.timeweb.net *.timeweb.ru timeweb.eu *.yandex.ru yandex.ru wss://*.timeweb.ru wss://*.timeweb.net www.googletagmanager.com www.google-analytics.com disutgh7q0ncc.cloudfront.net eligibility.wootric.com wootric-eligibility.herokuapp.com facebook.com connect.facebook.net *.facebook.com mc.yandex.md mc.yandex.ru *.livetex.ru *.livetex.me stats.g.doubleclick.net *.google.com *.google.ru *.sendpulse.com data: vk.com *.vk.com dadata.ru *.dadata.ru *.hostings.info *.hosters.ru bitrix.info static.criteo.net *.push.world *.gstatic.com recreativ.ru sslwidget.criteo.com *.googleapis.com *.webpushs.com onthe.io *.onthe.io i.imgur.com ipic.su *.sendpulse.com www.youtube.com s.tmimgcdn.com cdn.jsdelivr.net mc.webvisor.org https://*.getsitecontrol.com yastatic.net *.witstroom.com metrika.yandex.ru *.yandex.tld *.yandex.net webvisor.com *.witstroom.com:8080 https://checks.botfaqtor.ru *.giphy.com *.giphy.com/ *.jivosite.com *.jivosite.com/ wss://*.jivosite.com blob: timeweb.com
x-content-type-options: nosniff
x-powered-cms: Bitrix Site Manager (06c17fc122b49b7452818b3a0eaceb47)
p3p: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-xss-protection: 1; mode=block
x-page-speed: 1.13.35.2-0
location: https://timeweb.com/ru/
server: nginx
x-frame-options: SAMEORIGIN
date: Mon, 20 Dec 2021 11:30:57 GMT
expect-ct: max-age=86400, enforce
strict-transport-security: max-age=31536000
content-type: text/html; charset=UTF-8
pragma: no-cache
cache-control: max-age=0, no-cache, no-store, must-revalidate
feature-policy: autoplay 'none'; camera 'none'; microphone 'none'

GET
H2

200

/
webhost1.ru/
Redirect Chain

https://webhost1.ru/?r=47552
https://webhost1.ru/

0
0

382ms
382ms

Image
text/html

91.236.136.100
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webhost1.ru/
Protocol: H2
Server: 91.236.136.100 Moscow, Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: bill.webhost1.ru
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

content-security-policy: script-src 'self' data: 'unsafe-inline' 'unsafe-eval' bp.webhost1.ru *.yoomoney.ru geoadv-partner.yandex.ru yookassa.ru *.yandex.ru *.yandex.net h.online-metrix.net mc.yandex.az mc.yandex.by mc.yandex.co.il mc.yandex.com mc.yandex.com.am mc.yandex.com.ge mc.yandex.com.tr mc.yandex.ee mc.yandex.fr mc.yandex.kg mc.yandex.kz mc.yandex.lt mc.yandex.lv mc.yandex.md mc.yandex.tj mc.yandex.tm mc.yandex.ua mc.yandex.uz mc.webvisor.com mc.webvisor.org yastatic.net www.google-analytics.com www.google.com www.gstatic.com connect.facebook.net www.googletagmanager.com tagmanager.google.com *.jivosite.com webhost1.bitrix24.ru *.roistat.com cfv4.com qoopler.ru; frame-ancestors 'self' blob: http://webvisor.com https://webvisor.com
x-content-type-options: nosniff
x-powered-by: PHP/7.1.33
strict-transport-security: max-age=15552000, max-age=31536000;
content-length: 248
x-xss-protection: 1; mode=block
pragma: no-cache
server: nginx
date: Mon, 20 Dec 2021 11:30:58 GMT
vary: Host
content-type: text/html; charset=UTF-8
location: /
expires: -1
cache-control: no-cache, private, private, must-revalidate
x-webkit-csp: script-src 'self' data: 'unsafe-inline' 'unsafe-eval' bp.webhost1.ru *.yoomoney.ru yookassa.ru geoadv-partner.yandex.ru *.yandex.ru *.yandex.net h.online-metrix.net mc.yandex.az mc.yandex.by mc.yandex.co.il mc.yandex.com mc.yandex.com.am mc.yandex.com.ge mc.yandex.com.tr mc.yandex.ee mc.yandex.fr mc.yandex.kg mc.yandex.kz mc.yandex.lt mc.yandex.lv mc.yandex.md mc.yandex.tj mc.yandex.tm mc.yandex.ua mc.yandex.uz mc.webvisor.com mc.webvisor.org yastatic.net www.google-analytics.com www.google.com www.gstatic.com connect.facebook.net www.googletagmanager.com tagmanager.google.com *.jivosite.com webhost1.bitrix24.ru *.roistat.com cfv4.com qoopler.ru; frame-ancestors 'self' blob: http://webvisor.com https://webvisor.com
x-content-security-policy: script-src 'self' data: 'unsafe-inline' 'unsafe-eval' bp.webhost1.ru *.yoomoney.ru geoadv-partner.yandex.ru yookassa.ru *.yandex.ru *.yandex.net h.online-metrix.net mc.yandex.az mc.yandex.by mc.yandex.co.il mc.yandex.com mc.yandex.com.am mc.yandex.com.ge mc.yandex.com.tr mc.yandex.ee mc.yandex.fr mc.yandex.kg mc.yandex.kz mc.yandex.lt mc.yandex.lv mc.yandex.md mc.yandex.tj mc.yandex.tm mc.yandex.ua mc.yandex.uz mc.webvisor.com mc.webvisor.org yastatic.net www.google-analytics.com www.google.com www.gstatic.com connect.facebook.net www.googletagmanager.com tagmanager.google.com *.jivosite.com webhost1.bitrix24.ru *.roistat.com cfv4.com qoopler.ru; frame-ancestors 'self' blob: http://webvisor.com https://webvisor.com

GET
H2 200 /
advego.com/blog/read/faq_partner/1284469/ 0
0 90ms
86ms Image
text/html 95.163.127.66
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://advego.com/blog/read/faq_partner/1284469/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.127.66 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 404 nikmaz
text.ru/ 0
0 372ms
339ms Image
text/html 2606:4700:20::681a:dc8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://text.ru/nikmaz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:dc8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2

200

/
www.etxt.ru/
Redirect Chain

https://www.etxt.ru/?r=anakot2010
https://www.etxt.ru/

0
0

88ms
88ms

Image
text/html

34.253.61.220
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.etxt.ru/
Protocol: H2
Server: 34.253.61.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-61-220.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

location: https://www.etxt.ru/
date: Mon, 20 Dec 2021 11:30:57 GMT
server: Apache/2.4.46 (Ubuntu)
content-length: 0
content-type: text/html; charset=windows-1251

GET
H2

200

/
ad.admitad.com/dummy/
Redirect Chain

https://ad.admitad.com/g/6dadf43a4dd7bbbf08bff76aa61bb5/
https://ad.admitad.com/dummy/?w=523986&c=3081&r=3&d=3&g=DE&x=7792c641eacccb080c9a7d1c383bfe75&y=7792c641eacccb080c9a7d1c383bfe75

0
0

32ms
19ms

Image
text/html

185.26.99.58
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.admitad.com/dummy/?w=523986&c=3081&r=3&d=3&g=DE&x=7792c641eacccb080c9a7d1c383bfe75&y=7792c641eacccb080c9a7d1c383bfe75
Protocol: H2
Server: 185.26.99.58 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS: dsde333-2.fornex.org
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

location: https://ad.admitad.com/dummy/?w=523986&c=3081&r=3&d=3&g=DE&x=7792c641eacccb080c9a7d1c383bfe75&y=7792c641eacccb080c9a7d1c383bfe75
date: Mon, 20 Dec 2021 11:30:57 GMT
server: nginx
content-type: text/html; charset=utf-8
content-length: 511
p3p: CP="NON DSP COR CURa TIA"

GET
H2

200

/
ad.admitad.com/dummy/
Redirect Chain

https://ad.admitad.com/g/207bcbdf4cd7bbbf08bf159ac4a8d3/
https://ad.admitad.com/dummy/?w=523986&c=2402&r=3&d=3&g=DE&x=84daccf0b408eb110d6cde2077e67dc4&y=84daccf0b408eb110d6cde2077e67dc4

0
0

47ms
23ms

Image
text/html

185.26.99.58
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.admitad.com/dummy/?w=523986&c=2402&r=3&d=3&g=DE&x=84daccf0b408eb110d6cde2077e67dc4&y=84daccf0b408eb110d6cde2077e67dc4
Protocol: H2
Server: 185.26.99.58 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS: dsde333-2.fornex.org
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

location: https://ad.admitad.com/dummy/?w=523986&c=2402&r=3&d=3&g=DE&x=84daccf0b408eb110d6cde2077e67dc4&y=84daccf0b408eb110d6cde2077e67dc4
date: Mon, 20 Dec 2021 11:30:57 GMT
server: nginx
content-type: text/html; charset=utf-8
content-length: 511
p3p: CP="NON DSP COR CURa TIA"

GET
H2

200

/
best.aliexpress.ru/
Redirect Chain

https://s.click.aliexpress.com/e/_dSydzZH?dp=safeoff.ru
https://best.aliexpress.ru/?dp=safeoff.ru&aff_fcid=b2fa6fe0853f4933b93f14fde6e87a7b-1639999858495-02437-_dSydzZH&aff_fsk=_dSydzZH&aff_platform=portals-tool&sk=_dSydzZH&aff_trace_key=b2fa6fe0853f493...
https://login.aliexpress.com/sync_cookie_read.htm?xman_goto=https%3A%2F%2Fbest.aliexpress.ru%2F%3Fdp%3Dsafeoff.ru%26aff_fcid%3Db2fa6fe0853f4933b93f14fde6e87a7b-1639999858495-02437-_dSydzZH%26aff_fs...
https://login.aliexpress.ru/sync_cookie_write.htm?acs_random_token=3c2093182ba34f3699bbeff01391e94f&xman_goto=https%3A%2F%2Fbest.aliexpress.ru%2F%3Fdp%3Dsafeoff.ru%26aff_fcid%3Db2fa6fe0853f4933b93f...
https://best.aliexpress.ru/?dp=safeoff.ru&aff_fcid=b2fa6fe0853f4933b93f14fde6e87a7b-1639999858495-02437-_dSydzZH&aff_fsk=_dSydzZH&aff_platform=portals-tool&sk=_dSydzZH&aff_trace_key=b2fa6fe0853f493...

0
0

84ms
84ms

Image
text/html

62.128.97.7
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://best.aliexpress.ru/?dp=safeoff.ru&aff_fcid=b2fa6fe0853f4933b93f14fde6e87a7b-1639999858495-02437-_dSydzZH&aff_fsk=_dSydzZH&aff_platform=portals-tool&sk=_dSydzZH&aff_trace_key=b2fa6fe0853f4933b93f14fde6e87a7b-1639999858495-02437-_dSydzZH&terminal_id=3c2093182ba34f3699bbeff01391e94f
Protocol: H2
Server: 62.128.97.7 Moscow, Russian Federation, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

timing-allow-origin: *
strict-transport-security: max-age=31536000
x-akamai-fwd-auth-sha: 41625AEE4B2C6C693BEFA453758E61822C7207DCE5662E82929B4B45D5E63128
server: Tengine/Aserver
date: Mon, 20 Dec 2021 11:31:00 GMT
content-language: en-US
p3p: CP="CAO PSA OUR"
location: https://best.aliexpress.ru/?dp=safeoff.ru&aff_fcid=b2fa6fe0853f4933b93f14fde6e87a7b-1639999858495-02437-_dSydzZH&aff_fsk=_dSydzZH&aff_platform=portals-tool&sk=_dSydzZH&aff_trace_key=b2fa6fe0853f4933b93f14fde6e87a7b-1639999858495-02437-_dSydzZH&terminal_id=3c2093182ba34f3699bbeff01391e94f
x-akamai-fwd-auth-data: 1530762769, 2.16.187.13, 1639999860, 91.199.118.74
x-akamai-fwd-auth-sign: P7iJWS/B6HA1aNBUVprGm2LetZ0DpxUopS9qRlAnIhoGWy35+kROEZNMGbc7JjlYy0uTYSO8h5gTKDBWD4Tn8tmggriF3KcG9unVMG4nG4k=
content-type: text/html;charset=UTF-8
content-length: 0
eagleeye-traceid: 0ab6f83916399998597497519e17ce

GET
H2 403 aff.php
hostiq.ua/clients/ 0
0 372ms
297ms Image
text/html 2606:4700:10::6814:34a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hostiq.ua/clients/aff.php?aff=381
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:34a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2

200

/
adminvps.ru/
Redirect Chain

https://my.adminvps.ru/aff.php?aff=700
https://adminvps.ru/

0
0

203ms
128ms

Image
text/html

5.253.61.60
ADMINVPS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adminvps.ru/
Protocol: H2
Server: 5.253.61.60 , Russian Federation, ASN211642 (ADMINVPS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 11:30:58 GMT
Server: nginx
X-Powered-By: PHP/7.2.34
X-Frame-Options: DENY, DENY
Content-Type: text/html; charset=utf-8
Location: https://adminvps.ru
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

/
www.hostland.ru/
Redirect Chain

https://www.hostland.ru/?r=3a81d50b
https://www.hostland.ru/

0
0

163ms
163ms

Image
text/html

185.26.122.131
HOSTLAND

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hostland.ru/
Protocol: H2
Server: 185.26.122.131 , Russian Federation, ASN62082 (HOSTLAND, RU),
Reverse DNS: serv131.hostland.ru
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

location: /
date: Mon, 20 Dec 2021 11:30:58 GMT
server: nginx
strict-transport-security: max-age=63072000
content-length: 0
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

wUg9X11nICg1
ohio8.vchecks.io/share/
Redirect Chain

https://fozzy.com/aff.php?aff=16811
https://ohio8.vchecks.io/share/wUg9X11nICg1?sid=2508&scheme=https&host=fozzy.com&uri=%2faff.php%3faff%3d16811%26utm_referrer%3dhttps%253a%252f%252fsafeoff.ru%252f&t=1639999858157&sad=v%2fW8d2Sg%3d%...

0
0

40ms
9ms

Image
text/html

185.165.123.99
VARITI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ohio8.vchecks.io/share/wUg9X11nICg1?sid=2508&scheme=https&host=fozzy.com&uri=%2faff.php%3faff%3d16811%26utm_referrer%3dhttps%253a%252f%252fsafeoff.ru%252f&t=1639999858157&sad=v%2fW8d2Sg%3d%3d&uid=YSDCDhUWZkjW9wRq&uct=1639999858156&kct=0&m=2&ver=7&flags=2178&ua=14234534012806063377&v=9cl61mkEeKMAXsFWbsPiGg
Protocol: HTTP/1.1
Server: 185.165.123.99 , Russian Federation, ASN64432 (VARITI-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

pragma: no-cache, no-cache
date: Mon, 20 Dec 2021 11:30:58 GMT
x-iauth-set-uid: 1:YSDCDhUWZkjW9wRq:1639999858156:YSDCDhUWZkjW9wRq/TGpB4DNfhU2LM6538woJfg==:1000
server: nginx
location: https://ohio8.vchecks.io/share/wUg9X11nICg1?sid=2508&scheme=https&host=fozzy.com&uri=%2faff.php%3faff%3d16811%26utm_referrer%3dhttps%253a%252f%252fsafeoff.ru%252f&t=1639999858157&sad=v%2fW8d2Sg%3d%3d&uid=YSDCDhUWZkjW9wRq&uct=1639999858156&kct=0&m=2&ver=7&flags=2178&ua=14234534012806063377&v=9cl61mkEeKMAXsFWbsPiGg
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: no-cache, no-cache
content-length: 0
x-request-id: wUg9X11nICg1
expires: Mon, 20 Dec 2021 11:30:57 GMT

GET
H2

200

/
www.hts.ru/
Redirect Chain

https://www.hts.ru/?affid=68551
https://www.hts.ru/

0
0

544ms
544ms

Image
text/html

78.110.50.108
HT-SYSTEMS-AS Upl...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hts.ru/
Protocol: H2
Server: 78.110.50.108 Moscow, Russian Federation, ASN31240 (HT-SYSTEMS-AS Uplinks:, RU),
Reverse DNS: c6-w.ht-systems.ru
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safeoff.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Mon, 20 Dec 2021 11:30:58 GMT
server: nginx
x-powered-by: PHP/5.4.16
content-type: text/html; charset=WINDOWS-1251
location: /
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-ancestors 'self' http://webvisor.com; default-src 'self' https://yandex.ru; font-src 'self'; script-src 'self' https://api-maps.yandex.ru https://maps.google.com https://code.jivosite.com https://www.googletagmanager.com https://stats.hts.ru https://mc.yandex.ru https://yastatic.net https://www.google-analytics.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://mc.yandex.ru https://code.jivosite.com https://*.jivosite.com; img-src 'self' https://ext.host-tracker.com https://api-maps.yandex.ru https://counter.yadro.ru http://cp.hts.ru https://mc.yandex.ru https://*.maps.yandex.net http://www.hts.ru http://hubble.ht-systems.ru https://stats.hts.ru https://www.google-analytics.com data:; media-src 'self' https://code.jivosite.com; style-src 'self' 'unsafe-inline'; object-src 'self'
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
safeoff.ru/	1970-01-19 23:34:46	Name: qdynTi Value: d8B_4ap5e
safeoff.ru/	1970-01-19 23:34:46	Name: eFdyTR Value: WlyhY9qIZMN
.safeoff.ru/	1970-01-20 08:18:55	Name: _ym_uid Value: 1639999857849055659
.safeoff.ru/	1970-01-20 08:18:55	Name: _ym_d Value: 1639999857
.mc.yandex.com/	1970-01-19 23:33:20	Name: sync_cookie_csrf Value: 2552141422fake
.safeoff.ru/	1969-12-31 23:59:59	Name: surfer_uuid Value: d57a4f7e-0826-487f-93ca-ee6c1012419e
.safeoff.ru/	1969-12-31 23:59:59	Name: la_page_depth Value: %7B%22last%22%3A%22https%3A%2F%2Fsafeoff.ru%2F%22%2C%22depth%22%3A1%7D
.safeoff.ru/	1969-12-31 23:59:59	Name: page_load_uuid Value: 5639e70c-859e-4de2-a641-2ca0a73dc8eb
.safeoff.ru/	1970-01-19 23:34:31	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-19 23:33:20	Name: sync_cookie_csrf Value: 2462458311fake
.yandex.com/	1970-01-20 08:18:55	Name: yandexuid Value: 2303538761639999857
.yandex.com/	1970-01-20 08:18:55	Name: yuidss Value: 2303538761639999857
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 611260471639999857
.yandex.com/	1970-01-23 15:09:19	Name: i Value: 2Tqwk+N0w0H3Q5e7nQCtI0Dlb4Z9eHzSuz26K1RFMp2k/8Hx3N5npIQiBBTTP6IOtus0BBB2nsVHmI2h5x230QpdYVo=
.yandex.com/	1970-01-20 08:18:55	Name: ymex Value: 1671535857.yrts.1639999857#1671535857.yrtsi.1639999857
.ad.admitad.com/	1970-01-20 17:04:31	Name: UID Value: v=3\|id=7048f53e3a2aff6c626ad0726779cd25\|expr=1703071857\|type=0\|business_expr=1642591857
.ad.admitad.com/	1969-12-31 23:59:59	Name: UID2 Value: v=3\|id=7048f53e3a2aff6c626ad0726779cd25\|expr=1703071857\|type=0\|business_expr=1642591857
.aliexpress.com/	1969-12-31 23:59:59	Name: acs_usuc_t Value: x_csrf=7zfk05a_n24d&acs_rt=3c2093182ba34f3699bbeff01391e94f
.aliexpress.com/	1970-02-13 20:04:43	Name: aeu_cid Value: b2fa6fe0853f4933b93f14fde6e87a7b-1639999858495-02437-_dSydzZH
.aliexpress.com/	1970-01-20 01:42:55	Name: xman_t Value: bGi+eM0VBuGO80gZI6lB20Hd8oNs49DgllMgGoPzUplOjUadxCY3vyjR7Fym1gd/
.aliexpress.com/	1970-02-13 20:04:43	Name: xman_f Value: ApeFoKRnOQ9EVve6yQ3d0n6FUT6cymle1VlNtJe4ZDcXgmB9+1OZgCagqfdeN/TbEkhzutSoAjrUezzGqN/9ANyh4IBm8ISg2TxhzJajsrZB1Et/KssetQ==
.aliexpress.com/	1970-02-13 20:04:43	Name: af_ss_a Value: 1
.aliexpress.ru/	1969-12-31 23:59:59	Name: acs_usuc_t Value: x_csrf=opq50dsjc1t0&acs_rt=973a620ad04a423ca84efef12e496fa1
.aliexpress.ru/	1970-01-20 01:42:55	Name: xman_t Value: 6btVc3edYtTUqH/cGGZ2lpNodvhxpRgW9sBzG1wWUAnbJ6g32+YQKIvOe3ErWduG
.aliexpress.com/	1970-02-13 20:04:43	Name: xman_us_f Value: x_l=0&acs_rt=3c2093182ba34f3699bbeff01391e94f&x_as_i=%7B%22aeuCID%22%3A%22b2fa6fe0853f4933b93f14fde6e87a7b-1639999858495-02437-_dSydzZH%22%2C%22affiliateKey%22%3A%22_dSydzZH%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%22818320463%22%2C%22tagtime%22%3A1639999858495%7D
.aliexpress.ru/	1970-02-13 20:04:43	Name: xman_f Value: Lpu1VJTlj9s3Tl6jvyVychdCKEe4G9zzcO/8LTizar+LUTIBCK/UOoFN/HXM1/JpNDU9VtwPwUHjbIJ4oSIe/dPV9leozntUI4a1KLPwQaFpuXtmJFji9A==
.aliexpress.ru/	1970-02-13 20:04:43	Name: xman_us_f Value: x_locale=ru_RU&x_l=0&x_c_chg=1&acs_rt=3c2093182ba34f3699bbeff01391e94f
.aliexpress.ru/	1970-02-13 20:04:43	Name: aep_usuc_f Value: site=rus&c_tp=GBP&region=UK&b_locale=ru_RU

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9493.4fcNafk47Ovd89Xt_DVc8HJnu1MVM1ZJvfEP1-tV0LbtPXr2Tq3qDIKj8UPVQVpmFI58yKtBuOGTw5Fl4afQfQ%2C%2C.TvJ0qFtk3sg1QRyFhN1y5J1CiAs%2C Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://www.miralinks.ru/users/registration/from:255537 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://text.ru/nikmaz Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://hostiq.ua/clients/aff.php?aff=381 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.admitad.com
adminvps.ru
advego.com
alfabank.ru
allpositions.ru
aviasales.ru
beget.com
best.aliexpress.ru
fonts.googleapis.com
fonts.gstatic.com
fozzy.com
hostiq.ua
kwork.ru
letyshops.com
login.aliexpress.com
login.aliexpress.ru
mc.yandex.com
mc.yandex.ru
my.adminvps.ru
ohio8.vchecks.io
qiklsv.com
s.click.aliexpress.com
safeoff.ru
secure.gravatar.com
static20.online
text.ru
timeweb.com
webhost1.ru
webmaster.leads.su
www.aviasales.ru
www.etxt.ru
www.gogetlinks.net
www.hostland.ru
www.hts.ru
www.miralinks.ru
www.reg.ru
www.rookee.ru
104.111.214.74
104.111.216.213
116.202.164.135
178.248.232.86
185.165.123.99
185.203.72.141
185.26.122.131
185.26.99.58
188.42.198.44
190.115.31.9
193.233.15.88
217.12.104.100
2606:4700:10::6814:34a1
2606:4700:10::6816:3d96
2606:4700:20::681a:dc8
2606:4700:3036::ac43:defa
2a00:1450:4001:808::200a
2a00:1450:4001:810::2003
2a00:f940:4::8
2a02:6b8::1:119
2a03:6f00:1:2::5c35:746b
2a04:fa87:fffe::c000:4902
34.253.61.220
45.130.41.21
5.101.158.167
5.187.6.153
5.253.61.60
62.128.97.7
62.76.25.27
78.110.50.108
91.236.136.100
93.171.200.41
93.171.200.6
93.171.201.16
95.163.127.66
072de7544350df29d88d0355fe52563c8cb6a44b2ff59d910b43531e84a06600
08ad491da424e3272d228e0c8751e48afd3b473958730969afdf619d39a7e558
0ecaddb1fbc5f091c1d9b535fe34188b7cac56b3a0d7ce7a7a683212e18ff0c2
33d33233fa304cba9ad1dac86ba996e277c70ccc98ba40bc8108870947581357
3684b8902fe2f3f96b32be42dca7f2621827f8c8b92fde984b5b1787dd06a17b
3eeb7f7ce3e04b16c90f7c45b3a797a29b2ec14507bb3bb0810bb4183d582bc1
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
4e28ce4da066f65906b1e845fff11a70ea50f25e4900cad812674e5011af9b6b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3
637fc05835856f967578386134fe8a10b4fc4afaae082c8052226d5bd5a23e4e
6b5a74d19cf6cf7708cb896be63a375880eb78c491273fcc381d00d1784b4ebb
7cb47f56d6d8f8829f831bf4f1132b2e0d848b0289dc69179c0407b931f89b28
8196be678c526d8daccd9db5d7c03532a16b0e6261351b2acf8377f6111a5b7a
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
88238ba9ddb1bc1d0f5075399928eefe3b6428e99e5cf83b80a5584eec9ad40d
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d
a3ae56687b2e271008caa899486e00cf5ffb43bb9291d35d892f9a1ad1d84ba7
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
d8f505ba7a484f8e86696989ee463eb16bc2643bf976c697958e952f7d7bd981
debb229daffbe34e17c32f8d56a72dfa9ba4debfcfcb330e733bf56d88da117c
e2fdf8dc183e5593742f5eefae23e30a8217dd99c395b3aed04a01f6c1abbeb9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4fa7e11b99d09f049a451697352b47cf137deb9bd8fe412e4c97da2499badf4

safeoff.ru Open in urlscan Pro 2606:4700:3036::ac43:defa Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

48 Requests

56 %HTTPS

29 %IPv6

33 Domains

37 Subdomains

30 IPs

7 Countries

471 kBTransfer

1305 kBSize

28 Cookies

0 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

safeoff.ru Open in urlscan Pro
2606:4700:3036::ac43:defa Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

56 %
HTTPS

29 %
IPv6

33
Domains

37
Subdomains

30
IPs

7
Countries

471 kB
Transfer

1305 kB
Size

28
Cookies

48 HTTP transactions
0 data transactions