oiqgdihf.simple-site2c.xyz
2606:4700:3031::681c:8d8  Public Scan

Submitted URL: https://goskassa-rub45s.tumblr.com/?ouI1f
Effective URL: https://oiqgdihf.simple-site2c.xyz/
Submission: On January 11 via manual from RU

Summary

This website contacted 10 IPs in 5 countries across 9 domains to perform 47 HTTP transactions. The main IP is 2606:4700:3031::681c:8d8, located in United States and belongs to CLOUDFLARENET, US. The main domain is oiqgdihf.simple-site2c.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 1st 2020. Valid for: a year.
This is the only time oiqgdihf.simple-site2c.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests (redirects)  IP Address          AS      Autonomous System
1                     74.114.154.18       2635    AUTOMATTIC
4                     192.0.77.40         2635    AUTOMATTIC
1                     152.199.21.147      15133   EDGECAST
16                    2a00:f940:1:1...    197695  AS-REG
2                     2a00:1450:400...    15169   GOOGLE
2                     2a00:1450:400...    15169   GOOGLE
1 (1 redirect)        2a05:d014:286...    16509   AMAZON-02
3 (1 redirect)        190.115.24.146      262254  DDOS-GUAR...
14                    2606:4700:303...    13335   CLOUDFLAR...
1                     190.115.24.62       262254  DDOS-GUAR...
Total: 47 requests, 10 IPs
Requests  Domain                        Requested by
16        finbankru.site                goskassa-rub45s.tumblr.com, finbankru.site
14        oiqgdihf.simple-site2c.xyz    clklife.surf, oiqgdihf.simple-site2c.xyz
4         assets.tumblr.com             goskassa-rub45s.tumblr.com
3         clklife.surf (1 redirect)     clklife.surf
2         fonts.gstatic.com             fonts.googleapis.com
2         fonts.googleapis.com          finbankru.site, oiqgdihf.simple-site2c.xyz
1         clickpay24.tv                 oiqgdihf.simple-site2c.xyz
1         ad.banksber.xyz (1 redirect)  -
1         static.tumblr.com             goskassa-rub45s.tumblr.com
1         goskassa-rub45s.tumblr.com    -
0         ip-api.com (failed)           oiqgdihf.simple-site2c.xyz
Total: 47 requests, 11 domains

This site contains no links.

Subject                  Issuer                                          Validity                 Valid for
*.tumblr.com             Sectigo RSA Domain Validation Secure Server CA  2020-03-26 - 2022-06-28  2 years
tumblr.com               DigiCert SHA2 Extended Validation Server CA     2020-07-09 - 2022-04-14  2 years
upload.video.google.com  GTS CA 1O1                                      2020-12-15 - 2021-03-09  3 months
*.gstatic.com            GTS CA 1O1                                      2020-12-15 - 2021-03-09  3 months
clklife.surf             R3                                              2021-01-10 - 2021-04-10  3 months
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3                         2020-11-01 - 2021-10-31  a year
clickpay24.tv            R3                                              2020-12-04 - 2021-03-04  3 months

This page contains 1 frames:

Primary Page: https://oiqgdihf.simple-site2c.xyz/
Frame ID: 964921A75CDA1A7939B1C8591A92FF13
Requests: 47 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /^https?:\/\/(?:www\.)?[^/]+\.tumblr\.com\//i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

Requests: 47
HTTPS: 57 %
IPv6: 50 %
Domains: 9
Subdomains: 11
IPs: 10
Countries: 5
Transfer: 3454 kB
Size: 3811 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://goskassa-rub45s.tumblr.com/?ouI1f Page URL
  2. http://finbankru.site/ Page URL
  3. https://ad.banksber.xyz/go/2b50513b-46e0-4ba2-85eb-b59144d79ea7 HTTP 302
    https://clklife.surf/tds/98324 Page URL
  4. https://clklife.surf/tds/98324?fp=798ea619170d9541d47494b8579ef5f6 HTTP 307
    https://oiqgdihf.simple-site2c.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://ad.banksber.xyz/go/2b50513b-46e0-4ba2-85eb-b59144d79ea7 HTTP 302
  • https://clklife.surf/tds/98324

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
goskassa-rub45s.tumblr.com/
32 KB
9 KB
Document
General
Full URL
https://goskassa-rub45s.tumblr.com/?ouI1f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
74.114.154.18 , Canada, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
openresty /
Resource Hash
652651daf0e45305a97baf93f6d8394eda37de11c1729c49ce5a0f78fc52ae8f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: blob: 'unsafe-inline';
Strict-Transport-Security max-age=15552001
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
goskassa-rub45s.tumblr.com
:scheme
https
:path
/?ouI1f
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
openresty
date
Mon, 11 Jan 2021 21:50:23 GMT
content-type
text/html; charset=UTF-8
content-length
8416
x-rid
d3f19fa90cd244c68897249a4bff3e97
p3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=15552001
content-security-policy
upgrade-insecure-requests; default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: blob: 'unsafe-inline';
content-security-policy-report-only
upgrade-insecure-requests; default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: blob: 'unsafe-inline'; report-uri https://www.tumblr.com/svc/cspreports;
x-tumblr-user
goskassa-rub45s
x-tumblr-pixel-0
https://px.srvcs.tumblr.com/impixu?T=1610401823&J=eyJ0eXBlIjoidXJsIiwidXJsIjoiaHR0cDovL2dvc2thc3NhLXJ1YjQ1cy50dW1ibHIuY29tLz9vdUkxZiIsInJlcXR5cGUiOjAsInJvdXRlIjoiLyJ9&U=PDFFDCJKBL&K=b0ec5aa9b3a4dd8d726d2b6fa2dc5b73d82b4a96fdb7cb009a9b3273da2b80e7
x-tumblr-pixel
1
link
<https://assets.tumblr.com/images/default_avatar/cube_open_128.png>; rel=icon
set-cookie
pfg=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.tumblr.com; secure; HttpOnly tmgioct=5ffcc81fdfbd670962980220; expires=Thu, 09-Jan-2031 21:50:23 GMT; Max-Age=315360000; path=/; domain=.tumblr.com; HttpOnly
x-ua-compatible
IE=Edge,chrome=1
content-encoding
br
x-ua-device
desktop
vary
X-UA-Device, Accept, Accept-Encoding
accept-ranges
bytes
pre_tumblelog.js
assets.tumblr.com/assets/scripts/
3 KB
1 KB
Script
General
Full URL
https://assets.tumblr.com/assets/scripts/pre_tumblelog.js?_v=b9f848c06fcba7eaf305d4a7cb7a1b98
Requested by
Host: goskassa-rub45s.tumblr.com
URL: https://goskassa-rub45s.tumblr.com/?ouI1f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
cb9f274aca2fcd18d0ab90868d9e1ff24ea00201b7d2695ce454fc53526cae31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer
https://goskassa-rub45s.tumblr.com/?ouI1f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT cdg 1
date
Mon, 11 Jan 2021 21:50:24 GMT
content-encoding
br
last-modified
Sat, 01 Aug 2020 05:25:08 GMT
server
nginx
etag
W/"5f24fcb4-c3e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
index.build.css
assets.tumblr.com/client/prod/standalone/blog-network-npf/
9 KB
2 KB
Stylesheet
General
Full URL
https://assets.tumblr.com/client/prod/standalone/blog-network-npf/index.build.css?_v=a6c4ad40cdc663ad83f8a1bbc8aeedc6
Requested by
Host: goskassa-rub45s.tumblr.com
URL: https://goskassa-rub45s.tumblr.com/?ouI1f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
c8a7d71935396f7d4e73146f7318d1567e1a6657e4df196f1702be190c841141
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer
https://goskassa-rub45s.tumblr.com/?ouI1f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT cdg 1
date
Mon, 11 Jan 2021 21:50:24 GMT
content-encoding
br
last-modified
Mon, 04 Jan 2021 22:59:53 GMT
server
nginx
etag
W/"5ff39de9-25fe"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
main-min.css
static.tumblr.com/mftixld/AmMpjzwer/
48 KB
0
Stylesheet
General
Full URL
https://static.tumblr.com/mftixld/AmMpjzwer/main-min.css
Requested by
Host: goskassa-rub45s.tumblr.com
URL: https://goskassa-rub45s.tumblr.com/?ouI1f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.147 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lha/8CA1) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://goskassa-rub45s.tumblr.com/?ouI1f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 21:50:24 GMT
via
1.1 f63a9bb4aae02f02eec90d4f5c360d61.cloudfront.net (CloudFront)
last-modified
Wed, 19 Dec 2018 17:54:28 GMT
server
ECAcc (lha/8CA1)
age
11514123
etag
"c5455b730f69ceaae25263c29427f017"
strict-transport-security
max-age=31536000; preload
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000,immutable
accept-ranges
bytes
content-length
74879
tumblelog_post_message_queue.js
assets.tumblr.com/assets/scripts/
355 B
223 B
Script
General
Full URL
https://assets.tumblr.com/assets/scripts/tumblelog_post_message_queue.js?_v=a8fadfa499d8cb7c3f8eefdf0b1adfdd
Requested by
Host: goskassa-rub45s.tumblr.com
URL: https://goskassa-rub45s.tumblr.com/?ouI1f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer
https://goskassa-rub45s.tumblr.com/?ouI1f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT cdg 1
date
Mon, 11 Jan 2021 21:50:24 GMT
content-encoding
br
last-modified
Tue, 21 Jul 2020 05:06:19 GMT
server
nginx
etag
W/"5f1677cb-163"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
stylesheet.css
assets.tumblr.com/fonts/gibson/
2 KB
568 B
Stylesheet
General
Full URL
https://assets.tumblr.com/fonts/gibson/stylesheet.css?v=3
Requested by
Host: goskassa-rub45s.tumblr.com
URL: https://goskassa-rub45s.tumblr.com/?ouI1f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
0c075ef6d8bd3985f8d49c9fcfeec241bb1a65f636d8cd786ea49f8f6f925ad2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer
https://goskassa-rub45s.tumblr.com/?ouI1f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT cdg 1
date
Mon, 11 Jan 2021 21:50:24 GMT
content-encoding
br
last-modified
Sat, 01 Aug 2020 05:25:09 GMT
server
nginx
etag
W/"5f24fcb5-97e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cube_open_128.png
assets.tumblr.com/images/default_avatar/
0
0

main-min.js
static.tumblr.com/27gzhx7/Z5qorjizb/
0
0

index.build.js
assets.tumblr.com/client/prod/standalone/tumblelog/
0
0

/
finbankru.site/
3 KB
3 KB
Document
General
Full URL
http://finbankru.site/
Requested by
Host: goskassa-rub45s.tumblr.com
URL: https://goskassa-rub45s.tumblr.com/?ouI1f
Protocol
HTTP/1.1
Server
2a00:f940:1:1:2::5a1 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
c089a3a1668c6b7f7423228377ec783ba59193a359aa15244e291ca1b084b02b

Request headers

Host
finbankru.site
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx/1.16.1
Date
Mon, 11 Jan 2021 21:50:24 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
mbr-additional.css
finbankru.site/assets/mobirise/css/
18 KB
18 KB
Stylesheet
General
Full URL
http://finbankru.site/assets/mobirise/css/mbr-additional.css
Requested by
Host: finbankru.site
URL: http://finbankru.site/
Protocol
HTTP/1.1
Server
2a00:f940:1:1:2::5a1 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
a261b4ff0c97ff27b18c5c5b82005d1c614409d4c9493d2831a0c1725ad526d3

Request headers

Referer
http://finbankru.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 11 Jan 2021 21:50:24 GMT
Last-Modified
Mon, 31 Aug 2020 17:03:30 GMT
Server
nginx/1.16.1
ETag
"5f4d2d62-4717"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18199
mobirise-icons.css
finbankru.site/assets/web/assets/mobirise-icons/
7 KB
8 KB
Stylesheet
General
Full URL
http://finbankru.site/assets/web/assets/mobirise-icons/mobirise-icons.css
Requested by
Host: finbankru.site
URL: http://finbankru.site/
Protocol
HTTP/1.1
Server
2a00:f940:1:1:2::5a1 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
b0cf918213747e59ed554a87d5e821487bc728f2cbb3460d4a2f08735391c44d

Request headers

Referer
http://finbankru.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 11 Jan 2021 21:50:24 GMT
Last-Modified
Tue, 04 Aug 2020 11:31:42 GMT
Server
nginx/1.16.1
ETag
"5f29471e-1dbd"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7613
bootstrap.min.css
finbankru.site/assets/bootstrap/css/
150 KB
150 KB
Stylesheet
General
Full URL
http://finbankru.site/assets/bootstrap/css/bootstrap.min.css
Requested by
Host: finbankru.site
URL: http://finbankru.site/
Protocol
HTTP/1.1
Server
2a00:f940:1:1:2::5a1 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c

Request headers

Referer
http://finbankru.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 11 Jan 2021 21:50:24 GMT
Last-Modified
Tue, 04 Aug 2020 11:31:42 GMT
Server
nginx/1.16.1
ETag
"5f29471e-2565e"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
153182
bootstrap-grid.min.css
finbankru.site/assets/bootstrap/css/
47 KB
48 KB
Stylesheet
General
Full URL
http://finbankru.site/assets/bootstrap/css/bootstrap-grid.min.css
Requested by
Host: finbankru.site
URL: http://finbankru.site/
Protocol
HTTP/1.1
Server
2a00:f940:1:1:2::5a1 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
e6d573b7daafdee530dc4204ffb40f9bd192b3f65ed11a0bf02b18b909bca8a8

Request headers

Referer
http://finbankru.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 11 Jan 2021 21:50:24 GMT
Last-Modified
Tue, 04 Aug 2020 11:31:42 GMT
Server
nginx/1.16.1
ETag
"5f29471e-bd68"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
48488
bootstrap-reboot.min.css
finbankru.site/assets/bootstrap/css/
4 KB
4 KB
Stylesheet
General
Full URL
http://finbankru.site/assets/bootstrap/css/bootstrap-reboot.min.css
Requested by
Host: finbankru.site
URL: http://finbankru.site/
Protocol
HTTP/1.1
Server
2a00:f940:1:1:2::5a1 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
e9493663951399b6e85a64aae34b39277c0d0ede93cc852fb1ee540179160a32

Request headers

Referer
http://finbankru.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 11 Jan 2021 21:50:24 GMT
Last-Modified
Tue, 04 Aug 2020 11:31:42 GMT
Server
nginx/1.16.1
ETag
"5f29471e-efc"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3836
tether.min.css
finbankru.site/assets/tether/
237 B
473 B
Stylesheet
General
Full URL
http://finbankru.site/assets/tether/tether.min.css
Requested by
Host: finbankru.site
URL: http://finbankru.site/
Protocol
HTTP/1.1
Server
2a00:f940:1:1:2::5a1 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
cb84c37000f8fe3e68e24799be081febdf02afd39cec967e80631ac76dea9950

Request headers

Referer
http://finbankru.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 11 Jan 2021 21:50:24 GMT
Last-Modified
Tue, 04 Aug 2020 11:31:42 GMT
Server
nginx/1.16.1
ETag
"5f29471e-ed"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
237
style.css
finbankru.site/assets/theme/css/
23 KB
23 KB
Stylesheet
General
Full URL
http://finbankru.site/assets/theme/css/style.css
Requested by
Host: finbankru.site
URL: http://finbankru.site/
Protocol
HTTP/1.1
Server
2a00:f940:1:1:2::5a1 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
c85ed882b96aeda4e35852af334388ac4845daf0c0f5fd9142b0fe564ff37c76

Request headers

Referer
http://finbankru.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 11 Jan 2021 21:50:24 GMT
Last-Modified
Tue, 04 Aug 2020 11:31:42 GMT
Server
nginx/1.16.1
ETag
"5f29471e-5b39"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23353
7-1046x230.png
finbankru.site/assets/images/
21 KB
21 KB
Image
General
Full URL
http://finbankru.site/assets/images/7-1046x230.png
Requested by
Host: finbankru.site
URL: http://finbankru.site/
Protocol
HTTP/1.1
Server
2a00:f940:1:1:2::5a1 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
c030c9655ff6d807d4e0b2484ff994debdafbfa87fcd4d091f6c26e8b9500630

Request headers

Referer
http://finbankru.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 11 Jan 2021 21:50:24 GMT
Last-Modified
Mon, 31 Aug 2020 17:01:34 GMT
Server
nginx/1.16.1
ETag
"5f4d2cee-547c"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21628
jquery.min.js
finbankru.site/assets/web/assets/jquery/
94 KB
94 KB
Script
General
Full URL
http://finbankru.site/assets/web/assets/jquery/jquery.min.js
Requested by
Host: finbankru.site
URL: http://finbankru.site/
Protocol
HTTP/1.1
Server
2a00:f940:1:1:2::5a1 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

Referer
http://finbankru.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 11 Jan 2021 21:50:24 GMT
Last-Modified
Tue, 04 Aug 2020 11:31:42 GMT
Server
nginx/1.16.1
ETag
"5f29471e-176bb"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95931
popper.min.js
finbankru.site/assets/popper/
19 KB
19 KB
Script
General
Full URL
http://finbankru.site/assets/popper/popper.min.js
Requested by
Host: finbankru.site
URL: http://finbankru.site/
Protocol
HTTP/1.1
Server
2a00:f940:1:1:2::5a1 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
3675f226f985b64eea6ae8544d5496a32d19993aae1ac4a3fa101263ef3206f7

Request headers

Referer
http://finbankru.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 11 Jan 2021 21:50:24 GMT
Last-Modified
Tue, 04 Aug 2020 11:31:42 GMT
Server
nginx/1.16.1
ETag
"5f29471e-4a32"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18994
bootstrap.min.js
finbankru.site/assets/bootstrap/js/
54 KB
55 KB
Script
General
Full URL
http://finbankru.site/assets/bootstrap/js/bootstrap.min.js
Requested by
Host: finbankru.site
URL: http://finbankru.site/
Protocol
HTTP/1.1
Server
2a00:f940:1:1:2::5a1 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267

Request headers

Referer
http://finbankru.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 11 Jan 2021 21:50:24 GMT
Last-Modified
Tue, 04 Aug 2020 11:31:42 GMT
Server
nginx/1.16.1
ETag
"5f29471e-d9df"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
55775
tether.min.js
finbankru.site/assets/tether/
23 KB
23 KB
Script
General
Full URL
http://finbankru.site/assets/tether/tether.min.js
Requested by
Host: finbankru.site
URL: http://finbankru.site/
Protocol
HTTP/1.1
Server
2a00:f940:1:1:2::5a1 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
0a0416e386e436583f5f49242104677e6b16b1aa693d86f32d76845e26081f96

Request headers

Referer
http://finbankru.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 11 Jan 2021 21:50:24 GMT
Last-Modified
Tue, 04 Aug 2020 11:31:42 GMT
Server
nginx/1.16.1
ETag
"5f29471e-5ab1"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23217
smooth-scroll.js
finbankru.site/assets/smoothscroll/
25 KB
25 KB
Script
General
Full URL
http://finbankru.site/assets/smoothscroll/smooth-scroll.js
Requested by
Host: finbankru.site
URL: http://finbankru.site/
Protocol
HTTP/1.1
Server
2a00:f940:1:1:2::5a1 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
c91f338f6adfb67bcf0ef83e714b8ab54799f47111d589e380590d063b8bf273

Request headers

Referer
http://finbankru.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 11 Jan 2021 21:50:24 GMT
Last-Modified
Tue, 04 Aug 2020 11:31:42 GMT
Server
nginx/1.16.1
ETag
"5f29471e-63e1"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25569
script.js
finbankru.site/assets/theme/js/
48 KB
49 KB
Script
General
Full URL
http://finbankru.site/assets/theme/js/script.js
Requested by
Host: finbankru.site
URL: http://finbankru.site/
Protocol
HTTP/1.1
Server
2a00:f940:1:1:2::5a1 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
fcce483a5a5a1f47d3ac9293a9ce468414fb8bb1223761b9823eb06e3fc04444

Request headers

Referer
http://finbankru.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 11 Jan 2021 21:50:24 GMT
Last-Modified
Mon, 31 Aug 2020 17:03:30 GMT
Server
nginx/1.16.1
ETag
"5f4d2d62-c125"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49445
css
fonts.googleapis.com/
16 KB
881 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Rubik:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap
Requested by
Host: finbankru.site
URL: http://finbankru.site/assets/mobirise/css/mbr-additional.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2c850e11c17316ea9f811e36961983755be15d5bc3061bc0676d841d01497c8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://finbankru.site/assets/mobirise/css/mbr-additional.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 11 Jan 2021 21:35:35 GMT
server
ESF
date
Mon, 11 Jan 2021 21:50:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Jan 2021 21:50:24 GMT
iJWKBXyIfDnIV7nFrXyw023e1Ik.woff2
fonts.gstatic.com/s/rubik/v11/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v11/iJWKBXyIfDnIV7nFrXyw023e1Ik.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59aaae41dacb0ef51582fe6149b5f0c950167347f5be66f09372a0cd0546dabe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://finbankru.site
Referer
https://fonts.googleapis.com/css?family=Rubik:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 01:39:54 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 2020 22:19:07 GMT
server
sffe
age
331830
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14224
x-xss-protection
0
expires
Sat, 08 Jan 2022 01:39:54 GMT
iJWKBXyIfDnIV7nBrXyw023e.woff2
fonts.gstatic.com/s/rubik/v11/
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v11/iJWKBXyIfDnIV7nBrXyw023e.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c90b7af2ba867dc9291d978e41c1573ca710536b064541c75f539208e794b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://finbankru.site
Referer
https://fonts.googleapis.com/css?family=Rubik:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 00:04:01 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 2020 22:16:56 GMT
server
sffe
age
337583
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35668
x-xss-protection
0
expires
Sat, 08 Jan 2022 00:04:01 GMT
mobirise-icons.ttf
finbankru.site/assets/web/assets/mobirise-icons/
50 KB
51 KB
Font
General
Full URL
http://finbankru.site/assets/web/assets/mobirise-icons/mobirise-icons.ttf?spat4u
Requested by
Host: finbankru.site
URL: http://finbankru.site/assets/web/assets/mobirise-icons/mobirise-icons.css
Protocol
HTTP/1.1
Server
2a00:f940:1:1:2::5a1 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
4b09eb555b72f74acd30018f8aaa4ef19787301819801dff7f6bcde9d3754cd7

Request headers

Origin
http://finbankru.site
Referer
http://finbankru.site/assets/web/assets/mobirise-icons/mobirise-icons.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 11 Jan 2021 21:50:24 GMT
Last-Modified
Tue, 04 Aug 2020 11:31:42 GMT
Server
nginx/1.16.1
ETag
"c908-5ac0b99698380"
Content-Type
application/font-sfnt
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51464
98324
clklife.surf/tds/
Redirect Chain
  • https://ad.banksber.xyz/go/2b50513b-46e0-4ba2-85eb-b59144d79ea7
  • https://clklife.surf/tds/98324
1 KB
1004 B
Document
General
Full URL
https://clklife.surf/tds/98324
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.24.146 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
ddos-guard / PHP/7.2.34
Resource Hash
44a003b4027e4d638b32822f8619a983c38fc5f87e030eed49609c814d97e36c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

:method
GET
:authority
clklife.surf
:scheme
https
:path
/tds/98324
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://finbankru.site/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://finbankru.site/

Response headers

server
ddos-guard
content-security-policy
upgrade-insecure-requests;
set-cookie
__ddg1=JwxA8tgozWU6OmuxrFoM; Domain=.clklife.surf; HttpOnly; Path=/; Expires=Tue, 11-Jan-2022 21:50:28 GMT PHPSESSID=jr3ei8lf9u56kv0siajgdsjhvh; path=/
date
Mon, 11 Jan 2021 21:50:28 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.2.34
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
content-encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 11 Jan 2021 21:50:28 GMT
Content-Type
text/html; charset=utf-8
Content-Length
104
Connection
keep-alive
Access-Control-Allow-Origin
*
Set-Cookie
bemob-uniq-visit:2b50513b-46e0-4ba2-85eb-b59144d79ea7=1; Domain=ad.banksber.xyz; Path=/; Expires=Tue, 12 Jan 2021 21:50:28 GMT; HttpOnly; Secure; SameSite=None bemob-click-id=cPbBZmmoFjYGWyk5yGDbzO; Domain=ad.banksber.xyz; Path=/; Expires=Tue, 12 Jan 2021 21:50:28 GMT; HttpOnly; Secure; SameSite=None
Location
https://clklife.surf/tds/98324
Vary
Accept
X-Response-Time
17.099ms
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=0; includeSubDomains
fp3.min.js
clklife.surf/js/
12 KB
5 KB
Script
General
Full URL
https://clklife.surf/js/fp3.min.js
Requested by
Host: clklife.surf
URL: https://clklife.surf/tds/98324
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.24.146 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
3daae9af0456d0bd5a7918984e7564bee35b8461991baa436f84e53e560743d4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Referer
https://clklife.surf/tds/98324
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
last-modified
Sat, 31 Oct 2020 10:28:08 GMT
server
ddos-guard
age
25724
etag
W/"5f9d3c38-2fd8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
date
Mon, 11 Jan 2021 14:41:45 GMT
content-length
5011
Primary Request /
oiqgdihf.simple-site2c.xyz/
Redirect Chain
  • https://clklife.surf/tds/98324?fp=798ea619170d9541d47494b8579ef5f6
  • https://oiqgdihf.simple-site2c.xyz/
3 KB
2 KB
Document
General
Full URL
https://oiqgdihf.simple-site2c.xyz/
Requested by
Host: clklife.surf
URL: https://clklife.surf/tds/98324
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f93e0de3e2349e15f88ddde60ff7e8f73e231e4d974a3e843e0d91d7ea0aa8b0

Request headers

:method
GET
:authority
oiqgdihf.simple-site2c.xyz
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://clklife.surf/tds/98324
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://clklife.surf/tds/98324

Response headers

date
Mon, 11 Jan 2021 21:50:29 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dc223a7f699bad5cf7b4983e8d7eb51121610401829; expires=Wed, 10-Feb-21 21:50:29 GMT; path=/; domain=.simple-site2c.xyz; HttpOnly; SameSite=Lax __ddg1=w0iFttfDqjOG6th0yC6b; Domain=.simple-site2c.xyz; HttpOnly; Path=/; Expires=Tue, 11-Jan-2022 21:50:29 GMT
vary
Accept-Encoding
last-modified
Thu, 06 Jun 2019 20:36:28 GMT
cf-cache-status
DYNAMIC
cf-request-id
079506eaaa000005d8bb2bc000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sJ9KZQTb9fuJZ2oe%2BCcI%2FH71UCD9VnB%2FwQVXFSVKnxFnh1J4SK%2BcB%2FFkzAQ5wm23JBcL7NwfNW3pF7a1MLSs4Tvzc7wGJgKwLkWsqTHyWW3WjgGuBGkzVv3ziJtzz7Ezxaa41aHWbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6101da8aa96905d8-FRA
content-encoding
br

Redirect headers

server
ddos-guard
content-security-policy
upgrade-insecure-requests;
date
Mon, 11 Jan 2021 21:50:29 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.2.34
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
location
https://oiqgdihf.simple-site2c.xyz
content-encoding
br
vary
Accept-Encoding
114e9b09b9b2ed24c8b3.js
oiqgdihf.simple-site2c.xyz/_nuxt/
3 KB
2 KB
Script
General
Full URL
https://oiqgdihf.simple-site2c.xyz/_nuxt/114e9b09b9b2ed24c8b3.js
Requested by
Host: oiqgdihf.simple-site2c.xyz
URL: https://oiqgdihf.simple-site2c.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0333fdc6294f9a7f16b763f03e839aaa7dce20521db7cd997207968a2b9c5d97

Request headers

Referer
https://oiqgdihf.simple-site2c.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 21:50:29 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 06 Jun 2019 20:36:28 GMT
server
cloudflare
etag
W/"5cf9794c-b9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6wyCnbf77r6FQYZtzqEN3%2F%2FvW1whBpl5R4fR3%2BFPx6jGunUt9snFioYCGFj0ys2YQ53LrIql80myDHaglyPtYnS5l6xf8YVLIdu14AtvH9GjZ8RbdDW6RekuhtAIICcef4TkWEOBaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6101da8b0a3b05d8-FRA
cf-request-id
079506eae6000005d8d20b5000000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
82588493e1ce1a8b3007.js
oiqgdihf.simple-site2c.xyz/_nuxt/
168 KB
55 KB
Script
General
Full URL
https://oiqgdihf.simple-site2c.xyz/_nuxt/82588493e1ce1a8b3007.js
Requested by
Host: oiqgdihf.simple-site2c.xyz
URL: https://oiqgdihf.simple-site2c.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
774e25bec76f53a88c0f9aeff6580ccaff338809bd7b84105f1a25885cc55049

Request headers

Referer
https://oiqgdihf.simple-site2c.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 21:50:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
27058
cf-request-id
079506eae8000005d80ba5f000000001
last-modified
Thu, 06 Jun 2019 20:36:28 GMT
server
cloudflare
etag
W/"5cf9794c-29f33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7oATK80K65ncLwsOYq6kXbEHrtvRAmoXT1kii6O9icrnTmmFa4vhO03OW6XO1d7Cr36I8qXtmKqIEZUy0xVQa7pZtAHSl0O7%2BSV4CKSeMzCtGFLynZd1RQSxk1glYiA4WxgW4B38tA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6101da8b0a4005d8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
c788ab6ca54e45932e47.js
oiqgdihf.simple-site2c.xyz/_nuxt/
26 KB
9 KB
Script
General
Full URL
https://oiqgdihf.simple-site2c.xyz/_nuxt/c788ab6ca54e45932e47.js
Requested by
Host: oiqgdihf.simple-site2c.xyz
URL: https://oiqgdihf.simple-site2c.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed85cc4f7a0bf3838b828d478d5e52869e417e86580490a1f6a2433efa5c0622

Request headers

Referer
https://oiqgdihf.simple-site2c.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 21:50:29 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 06 Jun 2019 20:36:28 GMT
server
cloudflare
etag
W/"5cf9794c-69da"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=S6vuBfdRrCWbQaBf7GoPnWBhmkM%2B5kKc1zL5B0IXSbqH8Xfh3vB2UlYqlreZJAPE%2F%2Fh%2FlWuWNCtP8dcFob2ExSkVNCBMmldZazJvHM80Ah71HcDFHqbXg5jPLtVbjrSu2yInwZ%2BzlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6101da8b0a4205d8-FRA
cf-request-id
079506eae6000005d8f81ac000000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
5eba617ce7a98ee2cdef.js
oiqgdihf.simple-site2c.xyz/_nuxt/
109 KB
21 KB
Script
General
Full URL
https://oiqgdihf.simple-site2c.xyz/_nuxt/5eba617ce7a98ee2cdef.js
Requested by
Host: oiqgdihf.simple-site2c.xyz
URL: https://oiqgdihf.simple-site2c.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75940610385f50bf17fd5f17d011cdaf02e06ac60c0ce06abffd683a5219721c

Request headers

Referer
https://oiqgdihf.simple-site2c.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 21:50:29 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 06 Jun 2019 20:36:28 GMT
server
cloudflare
etag
W/"5cf9794c-1b4ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=niaN5f%2FxBLK7o7EoeZDFxm6uQWWLoWvBpQzhzwZH3WppmJjjdUnAVsI1ZFuJQ92cxdL5SVrDMzwM64quYBqJbMTBSSAIVPoZfQr7%2BWXKp9D4IN8icbROZZ5YK95BU1ccbRg%2Fse2Nvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6101da8b0a4405d8-FRA
cf-request-id
079506eae7000005d8e48bf000000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Material+Icons
Requested by
Host: oiqgdihf.simple-site2c.xyz
URL: https://oiqgdihf.simple-site2c.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bb48d10e3817154c3529dea56e50f3e11ace3af8d6e9a43ebe83f50e43fc7335
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://oiqgdihf.simple-site2c.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 11 Jan 2021 21:50:29 GMT
server
ESF
date
Mon, 11 Jan 2021 21:50:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Jan 2021 21:50:29 GMT
104a66c46f2c83ddd993.js
oiqgdihf.simple-site2c.xyz/_nuxt/
21 KB
4 KB
Script
General
Full URL
https://oiqgdihf.simple-site2c.xyz/_nuxt/104a66c46f2c83ddd993.js
Requested by
Host: oiqgdihf.simple-site2c.xyz
URL: https://oiqgdihf.simple-site2c.xyz/_nuxt/114e9b09b9b2ed24c8b3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
222747855b1b9c14248b9cbd63caf31ca3628a26ef321cc0859cd30bc086a373

Request headers

Referer
https://oiqgdihf.simple-site2c.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 21:50:29 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 06 Jun 2019 20:36:28 GMT
server
cloudflare
etag
W/"5cf9794c-549a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K%2Bu%2FIbbXI%2Fl3ssnH0yLgnFJ%2Bk8goLA4t7qMBRZx1eMZh1WroxhcHkEwK6uZzFBY0gXA%2F4GwQUA%2FZzYGi4JTEOUXlVFqiJriPZMSHaQ8s0bYioWJ2muNyXL9Ag0bH9bo2zq3QBOr2mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6101da8bcc0a05d8-FRA
cf-request-id
079506eb58000005d8d20bd000000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
5e39794.png
oiqgdihf.simple-site2c.xyz/_nuxt/img/
164 KB
165 KB
Image
General
Full URL
https://oiqgdihf.simple-site2c.xyz/_nuxt/img/5e39794.png
Requested by
Host: oiqgdihf.simple-site2c.xyz
URL: https://oiqgdihf.simple-site2c.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3489849c071638f8de0b3a5d22410d59d5b851e12a4e4c3a9865279bc8300c6a

Request headers

Referer
https://oiqgdihf.simple-site2c.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 21:50:29 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
content-length
167876
cf-request-id
079506eb9a000005d81dbba000000001
last-modified
Thu, 06 Jun 2019 20:36:28 GMT
server
cloudflare
etag
"5cf9794c-28fc4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wk3lGV1VmllyaOrtJVOoYQ%2BMTNgnD5tKlLQB6NrmbnihBJu%2BOJxV%2BzV2UeL%2FCkQxSAoxhJ9bGyaSTU10a77DnZE0rj9RPKAwokrqWkp4UncQGA14acnnJEU%2BKrWEfZogQPWWehEaeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6101da8c2d2b05d8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
a8ed85c.gif
oiqgdihf.simple-site2c.xyz/_nuxt/img/
2 MB
2 MB
Image
General
Full URL
https://oiqgdihf.simple-site2c.xyz/_nuxt/img/a8ed85c.gif
Requested by
Host: oiqgdihf.simple-site2c.xyz
URL: https://oiqgdihf.simple-site2c.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b7561fa19b25448d81e5ab0497bf0a86f47e8f41270c19e6f050496f395ac7b

Request headers

Referer
https://oiqgdihf.simple-site2c.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 21:50:29 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
content-length
2346340
cf-request-id
079506eb9b000005d806256000000001
last-modified
Thu, 06 Jun 2019 20:36:28 GMT
server
cloudflare
etag
"5cf9794c-23cd64"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KePYgZqNf5ltyE%2Ftir4DScpP6%2BlqVdpOVJQP%2BJNm2Ar7fE5z59lv7S3WkAYMtY8jeyqXQ1b1E5P6vLZ7fTWjiWGn9salEzg9tyK5xb3tK6hum9YeEfKELszgcnJqZxRB%2FcibejCEPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6101da8c2d3105d8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
info-pay.json
oiqgdihf.simple-site2c.xyz/
11 KB
2 KB
XHR
General
Full URL
https://oiqgdihf.simple-site2c.xyz/info-pay.json
Requested by
Host: oiqgdihf.simple-site2c.xyz
URL: https://oiqgdihf.simple-site2c.xyz/_nuxt/82588493e1ce1a8b3007.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a24ce65bcc97ea5c2fd838c6d392b298ff608cb3180d15fc6821faac32ba914

Request headers

Accept
application/json, text/plain, */*
Referer
https://oiqgdihf.simple-site2c.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 21:50:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 07 Jan 2021 17:01:49 GMT
server
cloudflare
etag
W/"2ab6-5b852653ed940"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vQpNl6iieCbTXaLGj8qV5%2FlQwCN20x7iuPPWRTQxUCSc8%2FJ0qe7hoEeZt0ZkHWwl7Y9oiUSKFJHDoWjjiNu4janx%2B4ggxN%2BY%2BQ7ZiMKRzraoq6v6qeKk14LVuaGVevqLqh5wrMgKvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6101da8c2d3b05d8-FRA
cf-request-id
079506eb9e000005d8d20c4000000001
/
clickpay24.tv/apiRequest/domainsGet/
85 B
480 B
XHR
General
Full URL
https://clickpay24.tv/apiRequest/domainsGet/
Requested by
Host: oiqgdihf.simple-site2c.xyz
URL: https://oiqgdihf.simple-site2c.xyz/_nuxt/82588493e1ce1a8b3007.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.24.62 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
ddos-guard / PHP/7.2.34
Resource Hash
109e1b37fd46e4aaef8bd21b3fc0b34a250c3c5b9a910d151c38792924ca24e7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Accept
application/json, text/plain, */*
Referer
https://oiqgdihf.simple-site2c.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
server
ddos-guard
x-powered-by
PHP/7.2.34
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
https://oiqgdihf.simple-site2c.xyz
cache-control
no-store, no-cache, must-revalidate
date
Mon, 11 Jan 2021 21:50:30 GMT
access-control-allow-credentials
true
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
ip-api.com/json/
0
0

info-pay.json
oiqgdihf.simple-site2c.xyz/
11 KB
2 KB
XHR
General
Full URL
https://oiqgdihf.simple-site2c.xyz/info-pay.json
Requested by
Host: oiqgdihf.simple-site2c.xyz
URL: https://oiqgdihf.simple-site2c.xyz/_nuxt/82588493e1ce1a8b3007.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a24ce65bcc97ea5c2fd838c6d392b298ff608cb3180d15fc6821faac32ba914

Request headers

Accept
application/json, text/plain, */*
Referer
https://oiqgdihf.simple-site2c.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 21:50:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 07 Jan 2021 17:01:49 GMT
server
cloudflare
etag
W/"2ab6-5b852653ed940"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eHu%2BldYjTCF2ICoSs%2FuyabVJ3yfIPvwBN8TdD%2BS7TXNz6OOdtAGi%2Fk5DlnvEJ5zMRUMwyqY5LkpCDel%2B8%2BdSTEbHVZOvXeRzCCc6bIEZgJUdtAX9FC0cATbXa2FJqkundTvlDjDVtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6101da8c2d3e05d8-FRA
cf-request-id
079506eb9e000005d8cb0f3000000001
bb08af6.woff
oiqgdihf.simple-site2c.xyz/_nuxt/fonts/
79 KB
79 KB
Font
General
Full URL
https://oiqgdihf.simple-site2c.xyz/_nuxt/fonts/bb08af6.woff
Requested by
Host: oiqgdihf.simple-site2c.xyz
URL: https://oiqgdihf.simple-site2c.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c441c2f7945cd676b3f6acf088a4bc9faddf0160b8e434ad1b9da005167628c

Request headers

Origin
https://oiqgdihf.simple-site2c.xyz
Referer
https://oiqgdihf.simple-site2c.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 21:50:29 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
content-length
80716
cf-request-id
079506eba2000005d82ba02000000001
last-modified
Thu, 06 Jun 2019 20:36:28 GMT
server
cloudflare
etag
"5cf9794c-13b4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nrFUrRSXf0p4Ouz5GVoRyOjRylws1JVHvFXLn8IxGh9aC9vrLdzG9gJi6dXBnGIsMUOeroB7uE37HSeQT6y54LAJz50%2BTKMZGO9Ici1H2PltbnMeap5wJfUescktEBhkOVdDKIrlGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6101da8c3d4805d8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
53d97ca.woff
oiqgdihf.simple-site2c.xyz/_nuxt/fonts/
71 KB
71 KB
Font
General
Full URL
https://oiqgdihf.simple-site2c.xyz/_nuxt/fonts/53d97ca.woff
Requested by
Host: oiqgdihf.simple-site2c.xyz
URL: https://oiqgdihf.simple-site2c.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
542772868e28df6d786b6f00f9dec929cba214d928cb013b32588485b46f8715

Request headers

Origin
https://oiqgdihf.simple-site2c.xyz
Referer
https://oiqgdihf.simple-site2c.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 21:50:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
27057
content-length
72696
cf-request-id
079506eba2000005d8c5082000000001
last-modified
Thu, 06 Jun 2019 20:36:28 GMT
server
cloudflare
etag
"5cf9794c-11bf8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sP9X3YLFSC8roJJK6%2F94Ul8cV2QOY0x9RoiDmKcNPRB0z9hpOa%2Bblrjo4qN7MXrAZ6kAXRiLioOYH%2BN4beZZdnHLR2Rga7MbRQDNniMH5%2BXeg%2BcphUjcOWoZYobQcQsHymszXw%2FEjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6101da8c3d4a05d8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
cd0e440.woff
oiqgdihf.simple-site2c.xyz/_nuxt/fonts/
44 KB
44 KB
Font
General
Full URL
https://oiqgdihf.simple-site2c.xyz/_nuxt/fonts/cd0e440.woff
Requested by
Host: oiqgdihf.simple-site2c.xyz
URL: https://oiqgdihf.simple-site2c.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee3e7fdee9949590b4928c30c719e322efbf8aa49e53ca222d44ede181f60c17

Request headers

Origin
https://oiqgdihf.simple-site2c.xyz
Referer
https://oiqgdihf.simple-site2c.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 21:50:29 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
content-length
44548
cf-request-id
079506eba3000005d8e0bea000000001
last-modified
Thu, 06 Jun 2019 20:36:28 GMT
server
cloudflare
etag
"5cf9794c-ae04"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qUFsO%2BXKCVYuC6s6nHJm1JF9z4B13aRs2XC5Gy4USfcW2U2pEurC%2BHRSQUNVSnjQ3Jsoi%2B3rLOK3GZ3UWr6Unnwi3rceVf%2BPLNNyTd4q9sGm%2Bhz5gDh3Pj9uQAV0upi4p1gFoShJcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6101da8c3d4c05d8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
396e556.woff
oiqgdihf.simple-site2c.xyz/_nuxt/fonts/
43 KB
44 KB
Font
General
Full URL
https://oiqgdihf.simple-site2c.xyz/_nuxt/fonts/396e556.woff
Requested by
Host: oiqgdihf.simple-site2c.xyz
URL: https://oiqgdihf.simple-site2c.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:8d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01a57777682d950fe59e0218b987410c044d5d96a72769565902d4ca91f52ba9

Request headers

Origin
https://oiqgdihf.simple-site2c.xyz
Referer
https://oiqgdihf.simple-site2c.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 21:50:29 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
content-length
44524
cf-request-id
079506eba3000005d80ba73000000001
last-modified
Thu, 06 Jun 2019 20:36:28 GMT
server
cloudflare
etag
"5cf9794c-adec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XAzLSG08XCVzPo38zC5wtV6s6p%2BEKP74wY6DeOYwPIeMKM4m%2B%2BuwY%2FOQVv8XplVgrBwK5oIf1vCykmTuPm4XxIUJU4vWWVGXNxO4x%2BLn4PrnuPjzHHGp53tPAGXChtN0hkTpz47msw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6101da8c3d4e05d8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
assets.tumblr.com
URL
https://assets.tumblr.com/images/default_avatar/cube_open_128.png
Domain
static.tumblr.com
URL
https://static.tumblr.com/27gzhx7/Z5qorjizb/main-min.js
Domain
assets.tumblr.com
URL
https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=6be13416468978ab5fb9e5691b0323f3
Domain
ip-api.com
URL
http://ip-api.com/json/

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object   ontransitionrun
object   ontransitionstart
object   ontransitioncancel
object   cookieStore
function showDirectoryPicker
function showOpenFilePicker
function showSaveFilePicker
object   trustedTypes
boolean  crossOriginIsolated
object   webpackJsonp
object   __core-js_shared__
object   core
object   regeneratorRuntime
function setImmediate
function clearImmediate
object   onNuxtReadyCbs
function onNuxtReady
object   $nuxt

2 Cookies

Domain/Path Name / Value
.simple-site2c.xyz/ Name: __ddg1
Value: w0iFttfDqjOG6th0yC6b
.simple-site2c.xyz/ Name: __cfduid
Value: dc223a7f699bad5cf7b4983e8d7eb51121610401829

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: blob: 'unsafe-inline';
Strict-Transport-Security max-age=15552001
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
