santa55.ru Open in urlscan Pro
2606:4700:3037::ac43:a305 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://info.natalhistory.ru/campaigns/mz793xfgjs72f/track-url/od1383k04q785/36ee45e3b00359cbb11ef1a7fbc4c8944f0d3195
Effective URL:
https://santa55.ru/TxPqh89N
Submission: On July 12 via manual (July 12th 2024, 7:22:00 am UTC) from RU — Scanned from CA

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3037::ac43:a305, located in United States and belongs to CLOUDFLARENET, US. The main domain is santa55.ru.
TLS certificate: Issued by WE1 on July 1st 2024. Valid for: 3 months.

This is the only time santa55.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3032::ac43:d8e3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3037::ac43:a305	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::5f	15169 (GOOGLE) (GOOGLE)
9	65.21.140.114 65.21.140.114	24940 (HETZNER-AS) (HETZNER-AS)
1	199.232.194.2 199.232.194.2	54113 (FASTLY) (FASTLY)
2	2607:f8b0:400... 2607:f8b0:4004:c1d::5e	15169 (GOOGLE) (GOOGLE)
16	5

1 2606:4700:3032::ac43:d8e3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

info.natalhistory.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::ac43:a305 (United States)

ASN13335 (CLOUDFLARENET, US)

santa55.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 65.21.140.114 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.114.140.21.65.clients.your-server.de

ecefplw.stripocdn.email	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.194.2 (United States)

ASN54113 (FASTLY, US)

media.giphy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1d::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	stripocdn.email ecefplw.stripocdn.email	314 KB
2	gstatic.com fonts.gstatic.com	26 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 74	2 KB
2	santa55.ru santa55.ru	5 KB
1	giphy.com media.giphy.com — Cisco Umbrella Rank: 15254	234 KB
1	natalhistory.ru 1 redirects info.natalhistory.ru	631 B
16	6

	Domain	Requested by
9	ecefplw.stripocdn.email	santa55.ru
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	santa55.ru
2	santa55.ru
1	media.giphy.com	santa55.ru
1	info.natalhistory.ru	1 redirects
16	6

This site contains no links.

Subject Issuer	Validity	Valid
santa55.ru WE1	`2024-07-01` - `2024-09-29`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.stripocdn.email Sectigo RSA Domain Validation Secure Server CA	`2023-12-01` - `2024-12-09`	a year	crt.sh
*.giphy.com GlobalSign Atlas R3 DV TLS CA 2024 Q2	`2024-07-05` - `2025-08-06`	a year	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://santa55.ru/TxPqh89N
Frame ID: 0C15F59497EB2D5DEE4AADEC1E298B89
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ошибка

Page URL History Show full URLs

https://info.natalhistory.ru/campaigns/mz793xfgjs72f/track-url/od1383k04q785/36ee45e3b00359cbb11ef1a7fbc4... HTTP 301
https://santa55.ru/TxPqh89N Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

16
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

580 kB
Transfer

607 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://info.natalhistory.ru/campaigns/mz793xfgjs72f/track-url/od1383k04q785/36ee45e3b00359cbb11ef1a7fbc4c8944f0d3195 HTTP 301
https://santa55.ru/TxPqh89N Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request TxPqh89N Show response
santa55.ru/
Redirect Chain

https://info.natalhistory.ru/campaigns/mz793xfgjs72f/track-url/od1383k04q785/36ee45e3b00359cbb11ef1a7fbc4c8944f0d3195
https://santa55.ru/TxPqh89N

30 KB
4 KB

986ms
408ms

Document
text/html

2606:4700:3037::ac43:a305
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://santa55.ru/TxPqh89N
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a305 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4355726c3b0077936995840d11e08547b277db4317ae65f4c2b2514d4bacbacb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8a1f4771db93a226-YYZ
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 12 Jul 2024 07:21:54 GMT
expires: Fri, 12 Jul 2024 07:21:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O3xv0y%2BRZqbJ%2FjF%2BgP6Jo2GDABQXtFVTK%2BKFLL6sK5VACrwUMLZYz9ahNWGezctMMdAv6BrhNjUUBS3rYJxieq0y8gZqlPGSk4hcpIpQ9Mc%2FUzfL9D3jSgtJWo5Eve4LflLKmxBd1GJ3"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 8a1f476bbedc5491-YYZ
content-security-policy: frame-ancestors 'self';
content-type: text/html; charset=UTF-8
date: Fri, 12 Jul 2024 07:21:53 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Fri, 12 Jul 2024 07:21:53 GMT
location: https://santa55.ru/TxPqh89N
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v9HmyjsS5joXEi9keeqLW2pjptFKYiBl%2FceNpnH3RS%2FTfXG%2BredmrXYYgjyeMkh9TWXa03ZLNvrkAEXSzzWXYM78u1ZTGyW%2BwFPPbORIgas0wsfqlkNO33YChsGLY98lt9aR%2BorU0EYZJWRPAO7D3ndG1A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33

GET
H2 200 css2
fonts.googleapis.com/ 794 B
798 B 383ms
99ms Stylesheet
text/css 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Righteous&display=swap

Requested by

Host: santa55.ru
URL: https://santa55.ru/TxPqh89N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f5e5a9ac8a8293996ac2bbcc605ea27e2771dd8236801de7da91654e07c08d39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://santa55.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jul 2024 07:21:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jul 2024 06:52:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jul 2024 07:21:54 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
905 B 383ms
100ms Stylesheet
text/css 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i

Requested by

Host: santa55.ru
URL: https://santa55.ru/TxPqh89N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

88f51053efa43af03cea7b56b78bba6c8db041dcb5a152c2bcc457b8a9fabc53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://santa55.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jul 2024 07:21:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jul 2024 05:47:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jul 2024 07:21:54 GMT

GET
H2 200 35631622473363226.png
ecefplw.stripocdn.email/content/guids/CABINET_621dd5dccf4f6787e98a586b2cebf383/images/ 19 KB
20 KB 906ms
489ms Image
image/png 65.21.140.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecefplw.stripocdn.email/content/guids/CABINET_621dd5dccf4f6787e98a586b2cebf383/images/35631622473363226.png

Requested by

Host: santa55.ru
URL: https://santa55.ru/TxPqh89N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.21.140.114 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.114.140.21.65.clients.your-server.de

Software

nginx /

Resource Hash

1448569503618ac56511b387bd3ce99055da523e1e98f17b2f2c2c4270073b8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://santa55.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 07:21:55 GMT
x-amz-version-id: VMSVNCCg2E.vvCNhq05iq2bZHAoaKK2.
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-node-name: cdn9.stripocdn.email
x-cache-status: HIT
x-amz-meta-orgignalwidth: 387
content-length: 19491
x-xss-protection: 1; mode=block
last-modified: Mon, 31 May 2021 15:02:44 GMT
server: nginx
etag: "1ff8e3ce8f3e18b0dcd9317437388898"
x-frame-options: SAMEORIGIN
x-amz-meta-orgignalheigth: 121
content-type: image/png
access-control-allow-origin: *
x-amz-meta-stripooriginalfilename: Group+36.png
x-amz-meta-stripothumbnailurl: https%3A%2F%2Fmy.stripo.email%2Fcontent%2Fguids%2FCABINET_621dd5dccf4f6787e98a586b2cebf383%2Fimages%2F93691622473363231.png

GET
H2 200 giphy.gif
media.giphy.com/media/35B3Val0pYgtpScqsz/ 234 KB
234 KB 344ms
61ms Image
image/gif 199.232.194.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.giphy.com/media/35B3Val0pYgtpScqsz/giphy.gif

Requested by

Host: santa55.ru
URL: https://santa55.ru/TxPqh89N

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.2 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0d9a460488cfb8a755fad15414a7e743437267bbdfb3283b0be5c2155cfe5ca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15465600

Request headers

Referer: https://santa55.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 07:21:54 GMT
strict-transport-security: max-age=15465600
age: 0
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
fastly-restarts: 1
content-length: 239321
x-served-by: cache-iad-kcgs7200102-IAD, cache-yyz4530-YYZ
last-modified: Wed, 13 Mar 2019 18:20:37 GMT
x-timer: S1720768915.925645,VS0,VE25
etag: "42c4349b611a739a8317f17ae74b7587"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-robots-tag: noindex, noai, noimageai
x-cache-hits: 4, 0

GET
H2 200 11201622473968785.png
ecefplw.stripocdn.email/content/guids/CABINET_621dd5dccf4f6787e98a586b2cebf383/images/ 6 KB
6 KB 873ms
492ms Image
image/png 65.21.140.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecefplw.stripocdn.email/content/guids/CABINET_621dd5dccf4f6787e98a586b2cebf383/images/11201622473968785.png

Requested by

Host: santa55.ru
URL: https://santa55.ru/TxPqh89N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.21.140.114 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.114.140.21.65.clients.your-server.de

Software

nginx /

Resource Hash

08f5dadc644e2470d1e1f2691c2579adbaeef25d8bb622f0ee60e7dc6311f8c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://santa55.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 07:21:55 GMT
x-amz-version-id: K2Wcki_DXOy6JPY4hs7yB181bHyHp6ob
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-node-name: cdn9.stripocdn.email
x-cache-status: HIT
x-amz-meta-orgignalwidth: 0
content-length: 5725
x-xss-protection: 1; mode=block
last-modified: Mon, 31 May 2021 15:12:49 GMT
server: nginx
etag: "51bcc60a45c6618ee4aab0df9d611d7c"
x-frame-options: SAMEORIGIN
x-amz-meta-orgignalheigth: 0
content-type: image/png
access-control-allow-origin: *
x-amz-meta-stripooriginalfilename: Group.png

GET
H2 200 69921622473106793.png
ecefplw.stripocdn.email/content/guids/CABINET_621dd5dccf4f6787e98a586b2cebf383/images/ 3 KB
4 KB 870ms
489ms Image
image/png 65.21.140.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecefplw.stripocdn.email/content/guids/CABINET_621dd5dccf4f6787e98a586b2cebf383/images/69921622473106793.png

Requested by

Host: santa55.ru
URL: https://santa55.ru/TxPqh89N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.21.140.114 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.114.140.21.65.clients.your-server.de

Software

nginx /

Resource Hash

c1313eb5d36ca12b1b99bcb7cc388b4c1239e735a72f6199575789f0ba40630a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://santa55.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 07:21:55 GMT
x-amz-version-id: sziZlDw8h8dU9Ur1vgWm3_zp0XYILl7i
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-node-name: cdn9.stripocdn.email
x-cache-status: HIT
x-amz-meta-orgignalwidth: 0
content-length: 3251
x-xss-protection: 1; mode=block
last-modified: Mon, 31 May 2021 14:58:27 GMT
server: nginx
etag: "b625885797b636c53693966146b6ff54"
x-frame-options: SAMEORIGIN
x-amz-meta-orgignalheigth: 0
content-type: image/png
access-control-allow-origin: *
x-amz-meta-stripooriginalfilename: Mask+Group.png

GET
H2 200 55191622473106934.png
ecefplw.stripocdn.email/content/guids/CABINET_621dd5dccf4f6787e98a586b2cebf383/images/ 5 KB
5 KB 871ms
490ms Image
image/png 65.21.140.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecefplw.stripocdn.email/content/guids/CABINET_621dd5dccf4f6787e98a586b2cebf383/images/55191622473106934.png

Requested by

Host: santa55.ru
URL: https://santa55.ru/TxPqh89N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.21.140.114 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.114.140.21.65.clients.your-server.de

Software

nginx /

Resource Hash

084e28d11c646d8b52814d751ed05cf513578daa5c0af6e28d646bc57497e620

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://santa55.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 07:21:55 GMT
x-amz-version-id: qX9GlUPyVuJYUGTmzqzI9eYh1yVIFMwq
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-node-name: cdn9.stripocdn.email
x-cache-status: HIT
x-amz-meta-orgignalwidth: 0
content-length: 4797
x-xss-protection: 1; mode=block
last-modified: Mon, 31 May 2021 14:58:27 GMT
server: nginx
etag: "f6c42402804c67b4fd19e73145f85441"
x-frame-options: SAMEORIGIN
x-amz-meta-orgignalheigth: 0
content-type: image/png
access-control-allow-origin: *
x-amz-meta-stripooriginalfilename: Mask+Group-1.png

GET
H2 200 18071622473106941.png
ecefplw.stripocdn.email/content/guids/CABINET_621dd5dccf4f6787e98a586b2cebf383/images/ 6 KB
6 KB 872ms
491ms Image
image/png 65.21.140.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecefplw.stripocdn.email/content/guids/CABINET_621dd5dccf4f6787e98a586b2cebf383/images/18071622473106941.png

Requested by

Host: santa55.ru
URL: https://santa55.ru/TxPqh89N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.21.140.114 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.114.140.21.65.clients.your-server.de

Software

nginx /

Resource Hash

6ce73ceab12157daf2c7e9c2037ce107347ce4d20bd2de5c3d408b7cf25bf41e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://santa55.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 07:21:55 GMT
x-amz-version-id: vSL6Vzy1B2vAw6MyMOkV3W2Scp.F2IA.
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-node-name: cdn9.stripocdn.email
x-cache-status: HIT
x-amz-meta-orgignalwidth: 0
content-length: 5908
x-xss-protection: 1; mode=block
last-modified: Mon, 31 May 2021 14:58:27 GMT
server: nginx
etag: "165f15259bcfb34c7d8c2c5ce03c7dcc"
x-frame-options: SAMEORIGIN
x-amz-meta-orgignalheigth: 0
content-type: image/png
access-control-allow-origin: *
x-amz-meta-stripooriginalfilename: Mask+Group-2.png

GET
H2 200 3071622474072133.png
ecefplw.stripocdn.email/content/guids/CABINET_621dd5dccf4f6787e98a586b2cebf383/images/ 30 KB
30 KB 521ms
491ms Image
image/png 65.21.140.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecefplw.stripocdn.email/content/guids/CABINET_621dd5dccf4f6787e98a586b2cebf383/images/3071622474072133.png

Requested by

Host: santa55.ru
URL: https://santa55.ru/TxPqh89N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.21.140.114 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.114.140.21.65.clients.your-server.de

Software

nginx /

Resource Hash

92ec9fb29933bd8af32d580be46192025489f2a932a1acfc8daf95c334a1221c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://santa55.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 07:21:55 GMT
x-amz-version-id: eqO1SvBiutne6UoxX1ZX80LKmw7mzB4s
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-node-name: cdn9.stripocdn.email
x-cache-status: HIT
x-amz-meta-orgignalwidth: 554
content-length: 30556
x-xss-protection: 1; mode=block
last-modified: Mon, 31 May 2021 15:14:33 GMT
server: nginx
etag: "99a1da8f623de1b81aed28301180ba3d"
x-frame-options: SAMEORIGIN
x-amz-meta-orgignalheigth: 98
content-type: image/png
access-control-allow-origin: *
x-amz-meta-stripooriginalfilename: Group.png
x-amz-meta-stripothumbnailurl: https%3A%2F%2Fmy.stripo.email%2Fcontent%2Fguids%2FCABINET_621dd5dccf4f6787e98a586b2cebf383%2Fimages%2F58331622474072138.png

GET
H2 200 75441622472866900.png
ecefplw.stripocdn.email/content/guids/CABINET_621dd5dccf4f6787e98a586b2cebf383/images/ 202 KB
202 KB 317ms
301ms Image
image/png 65.21.140.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecefplw.stripocdn.email/content/guids/CABINET_621dd5dccf4f6787e98a586b2cebf383/images/75441622472866900.png

Requested by

Host: santa55.ru
URL: https://santa55.ru/TxPqh89N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.21.140.114 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.114.140.21.65.clients.your-server.de

Software

nginx /

Resource Hash

02163c765a99733361bdf95f53811d3438ec4f69f2d6851f4ecd7f74267f6d9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://santa55.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 07:21:55 GMT
x-amz-version-id: IY7dcis77HJZKEZhInNIsuydFjCbggrC
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-node-name: cdn9.stripocdn.email
x-cache-status: HIT
x-amz-meta-orgignalwidth: 600
content-length: 206508
x-xss-protection: 1; mode=block
last-modified: Mon, 31 May 2021 14:54:27 GMT
server: nginx
etag: "3d208223c5b5e35e29253b1a5258a65f"
x-frame-options: SAMEORIGIN
x-amz-meta-orgignalheigth: 464
content-type: image/png
access-control-allow-origin: *
x-amz-meta-stripooriginalfilename: Rectangle+49.png
x-amz-meta-stripothumbnailurl: https%3A%2F%2Fmy.stripo.email%2Fcontent%2Fguids%2FCABINET_621dd5dccf4f6787e98a586b2cebf383%2Fimages%2F68951622472866916.png

GET
H2 200 21071622474227364.png
ecefplw.stripocdn.email/content/guids/CABINET_621dd5dccf4f6787e98a586b2cebf383/images/ 21 KB
22 KB 507ms
491ms Image
image/png 65.21.140.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecefplw.stripocdn.email/content/guids/CABINET_621dd5dccf4f6787e98a586b2cebf383/images/21071622474227364.png

Requested by

Host: santa55.ru
URL: https://santa55.ru/TxPqh89N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.21.140.114 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.114.140.21.65.clients.your-server.de

Software

nginx /

Resource Hash

59c0156a6e9e19b07ad5b9e2e66f9c36dc74ecefa8f536b0dae340f764004f2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://santa55.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 07:21:55 GMT
x-amz-version-id: MpADx6IEeNTJXYYot91JLQd5IOPqm_h0
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-node-name: cdn9.stripocdn.email
x-cache-status: EXPIRED
x-amz-meta-orgignalwidth: 416
content-length: 21670
x-xss-protection: 1; mode=block
last-modified: Mon, 31 May 2021 15:17:08 GMT
server: nginx
etag: "9e8c259d668473e0c35b83a087350c8e"
x-frame-options: SAMEORIGIN
x-amz-meta-orgignalheigth: 73
content-type: image/png
access-control-allow-origin: *
x-amz-meta-stripooriginalfilename: Group.png
x-amz-meta-stripothumbnailurl: https%3A%2F%2Fmy.stripo.email%2Fcontent%2Fguids%2FCABINET_621dd5dccf4f6787e98a586b2cebf383%2Fimages%2F94901622474227368.png

GET
H2 200 39581622474311696.png
ecefplw.stripocdn.email/content/guids/CABINET_621dd5dccf4f6787e98a586b2cebf383/images/ 18 KB
19 KB 507ms
490ms Image
image/png 65.21.140.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ecefplw.stripocdn.email/content/guids/CABINET_621dd5dccf4f6787e98a586b2cebf383/images/39581622474311696.png

Requested by

Host: santa55.ru
URL: https://santa55.ru/TxPqh89N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.21.140.114 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.114.140.21.65.clients.your-server.de

Software

nginx /

Resource Hash

9d7b526d10f54d7647fa8bd3a87257a0a022345b782ccc12c093fa6faf638630

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://santa55.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 07:21:55 GMT
x-amz-version-id: aVS.jqRDmDDH05mK9uMSpIF8yhTnsSxu
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-node-name: cdn9.stripocdn.email
x-cache-status: HIT
x-amz-meta-orgignalwidth: 416
content-length: 18652
x-xss-protection: 1; mode=block
last-modified: Mon, 31 May 2021 15:18:32 GMT
server: nginx
etag: "f0922776744189812fbe563f954f8974"
x-frame-options: SAMEORIGIN
x-amz-meta-orgignalheigth: 73
content-type: image/png
access-control-allow-origin: *
x-amz-meta-stripooriginalfilename: Group.png
x-amz-meta-stripothumbnailurl: https%3A%2F%2Fmy.stripo.email%2Fcontent%2Fguids%2FCABINET_621dd5dccf4f6787e98a586b2cebf383%2Fimages%2F47681622474311700.png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 288ms
92ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://santa55.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 23:03:11 GMT
x-content-type-options: nosniff
age: 289124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Jul 2025 23:03:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 279ms
84ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://santa55.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 04:43:32 GMT
x-content-type-options: nosniff
age: 268703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jul 2025 04:43:32 GMT

GET
H3 404 favicon.ico
santa55.ru/ 548 B
560 B 292ms
291ms Other
text/html 2606:4700:3037::ac43:a305
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://santa55.ru/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a305 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://santa55.ru/TxPqh89N
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 07:21:56 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vUJ1KydjhvOLiBViHJc8bQk%2B2WfBO3g7GCiV%2Bcxq%2BXop3tDCvQP%2Bs42iZxipqdsuoPQhLtdpotGYd%2BfGxzYCnah3OYTTUMAkNzGgKbmvRuEfpwtLWwZxtATOFBecq8Vf56w7EByEya6g"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8a1f477d0811a226-YYZ
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			santa55.ru/	1970-01-20 22:44:07	Name: _subid Value: 1d2fli6nri
			santa55.ru/	1970-01-21 07:35:28	Name: 2e74b Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjM2XCI6MTcyMDc2ODkxNH0sXCJjYW1wYWlnbnNcIjp7XCIxOFwiOjE3MjA3Njg5MTR9LFwidGltZVwiOjE3MjA3Njg5MTR9In0.n6uVIgMPdROVYk7SP8cDlQ4F935CmdX_T9YN5Qj0wgs

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://santa55.ru/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ecefplw.stripocdn.email
fonts.googleapis.com
fonts.gstatic.com
info.natalhistory.ru
media.giphy.com
santa55.ru
199.232.194.2
2606:4700:3032::ac43:d8e3
2606:4700:3037::ac43:a305
2607:f8b0:4004:c1b::5f
2607:f8b0:4004:c1d::5e
65.21.140.114
02163c765a99733361bdf95f53811d3438ec4f69f2d6851f4ecd7f74267f6d9e
084e28d11c646d8b52814d751ed05cf513578daa5c0af6e28d646bc57497e620
08f5dadc644e2470d1e1f2691c2579adbaeef25d8bb622f0ee60e7dc6311f8c8
0d9a460488cfb8a755fad15414a7e743437267bbdfb3283b0be5c2155cfe5ca2
1448569503618ac56511b387bd3ce99055da523e1e98f17b2f2c2c4270073b8a
4355726c3b0077936995840d11e08547b277db4317ae65f4c2b2514d4bacbacb
59c0156a6e9e19b07ad5b9e2e66f9c36dc74ecefa8f536b0dae340f764004f2f
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6ce73ceab12157daf2c7e9c2037ce107347ce4d20bd2de5c3d408b7cf25bf41e
88f51053efa43af03cea7b56b78bba6c8db041dcb5a152c2bcc457b8a9fabc53
92ec9fb29933bd8af32d580be46192025489f2a932a1acfc8daf95c334a1221c
9d7b526d10f54d7647fa8bd3a87257a0a022345b782ccc12c093fa6faf638630
c1313eb5d36ca12b1b99bcb7cc388b4c1239e735a72f6199575789f0ba40630a
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5e5a9ac8a8293996ac2bbcc605ea27e2771dd8236801de7da91654e07c08d39

santa55.ru Open in urlscan Pro 2606:4700:3037::ac43:a305 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

67 %IPv6

6 Domains

6 Subdomains

5 IPs

2 Countries

580 kBTransfer

607 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

santa55.ru Open in urlscan Pro
2606:4700:3037::ac43:a305 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

580 kB
Transfer

607 kB
Size

2
Cookies

16 HTTP transactions
0 data transactions