urlscan.io logo urlscan.io
SecurityTrails logo

safir.com Open in urlscan Pro
104.26.0.182  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://safir.kryptochemik.pl/
Effective URL: https://safir.com/backoffice/ref/9yyutpehmy
Submission: On July 17 via api from US — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 28 HTTP transactions. The main IP is 104.26.0.182, located in and belongs to CLOUDFLARENET, US. The main domain is safir.com.
TLS certificate: Issued by GTS CA 1P5 on May 24th 2023. Valid for: 3 months.
This is the only time safir.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 94.152.157.68 29522 (CF-KRK)
2 18 104.26.0.182 13335 (CLOUDFLAR...)
4 172.217.18.4 15169 (GOOGLE)
4 142.250.186.131 15169 (GOOGLE)
3 142.250.186.67 15169 (GOOGLE)
28 5
1    94.152.157.68 (Poland)

ASN29522 (CF-KRK, PL)
PTR: three.hoste.pl
safir.kryptochemik.pl
18    104.26.0.182 (None, )

ASN13335 (CLOUDFLARENET, US)
safir.com
4    172.217.18.4 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f4.1e100.net
www.google.com
4    142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net
www.gstatic.com
3    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
18 safir.com
safir.com
4 MB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
417 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 10
47 KB
1 kryptochemik.pl
safir.kryptochemik.pl
101 B
28 4
Domain Requested by
18 safir.com 2 redirects safir.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com safir.com
www.gstatic.com
www.google.com
3 fonts.gstatic.com www.google.com
1 safir.kryptochemik.pl 1 redirects
28 5

This site contains no links.

Subject Issuer Validity Valid
safir.com
GTS CA 1P5		 2023-05-24 -
2023-08-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://safir.com/backoffice/ref/9yyutpehmy
Frame ID: F7AA070D8E05B3CD27369C4AF919AB64
Requests: 18 HTTP requests in this frame

Frame: https://safir.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/556d0c9f/invisible.js
Frame ID: BDC1B2CD8947A9E1472F6C97E52FB643
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeMtp4cAAAAAJ-wc7qqFHmfPgqzYA0SNQi_Nz4o&co=aHR0cHM6Ly9zYWZpci5jb206NDQz&hl=pl&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&cb=uzgotv5a8fwe
Frame ID: C61D56565BE6D3216734C7422E183C35
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SAFIR

Page URL History Show full URLs

  1. https://safir.kryptochemik.pl/ HTTP 301
    https://safir.com/ref/9yyutpehmy HTTP 302
    https://safir.com/backoffice/ref/9yyutpehmy Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

28
Requests

93 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

4601 kB
Transfer

13787 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://safir.kryptochemik.pl/ HTTP 301
    https://safir.com/ref/9yyutpehmy HTTP 302
    https://safir.com/backoffice/ref/9yyutpehmy Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://safir.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://safir.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/556d0c9f/invisible.js

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 9yyutpehmy
safir.com/backoffice/ref/
Redirect Chain
  • https://safir.kryptochemik.pl/
  • https://safir.com/ref/9yyutpehmy
  • https://safir.com/backoffice/ref/9yyutpehmy
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://safir.com/backoffice/ref/9yyutpehmy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38be954829a5270123f4a9987747c050fde19d97679f6494824346d175f6b7c4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

cache-control
max-age=7200
cf-cache-status
MISS
cf-ray
7e840add0997bf51-WAW
content-encoding
br
content-type
text/html
date
Mon, 17 Jul 2023 17:00:39 GMT
last-modified
Sun, 16 Jul 2023 01:22:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qxM%2ByKZoaSjcdeCLtZ9Ov8EnQOncOcvcyKv9f1WwnI30uRHI3nbNIxV4rXo0gaE2SgbP5t3sUwSjCIoi6cyPjIakK9oKdk2PHgz0e7%2BcyceGPtRsrI%2BExTHhVw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
7e840adc5898bf51-WAW
content-type
text/html
date
Mon, 17 Jul 2023 17:00:39 GMT
location
https://safir.com/backoffice/ref/9yyutpehmy
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQmyQJSfLCBY6pIYZCq%2BjnJ5T2sMawkFce%2BBPRuGVLwZCERGPbGxLAplE7Jgr4ojhLZn1%2B8hkqibR79c%2FsMFwP3qJ3KGIXmMEnR8zixY4MzThhstErV8lI%2BzHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
2.d2eb6053.chunk.css
safir.com/backoffice/static/css/ 		624 KB
101 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://safir.com/backoffice/static/css/2.d2eb6053.chunk.css
Requested by
Host: safir.com
URL: https://safir.com/backoffice/ref/9yyutpehmy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edaf8c1798685419924172685f0a2eda9ec80759e29141aa398f77e46fd13ae3

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://safir.com/backoffice/ref/9yyutpehmy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 17:00:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 16 Jul 2023 01:22:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
46202
etag
W/"64b3466e-9be59"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vL0xh%2BYy6bnmioQTKHAAo2w%2BT3i0M3Y1sMDw2NWTz532WshUvOZMtdk2tUhdCQrnGVyTidakWa3nczHbbeiEnsCqbSaIqXch008wi9db7P3hA41HdencLZrgKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=7200
cf-ray
7e840addba83bf51-WAW
main.731f9147.chunk.css
safir.com/backoffice/static/css/ 		152 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://safir.com/backoffice/static/css/main.731f9147.chunk.css
Requested by
Host: safir.com
URL: https://safir.com/backoffice/ref/9yyutpehmy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c862618551da151d16da4da7d035cab6e50baa64e4e94f4dfe37f93e7ca0b5fb

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://safir.com/backoffice/ref/9yyutpehmy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 17:00:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 16 Jul 2023 01:22:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
46202
etag
W/"64b3466e-25eba"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJ3ct%2FbxEirh%2FZ6nN7RG7qlArXV9MuF6CVT98vfXcPL7L6e4x5o69KvDpwhoyop0WAPu%2BnYS5x7cwiiuc7OoI3pZIqtcUg8Zs3W10vIj6nWBOky1YTzAJlqblQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=7200
cf-ray
7e840addba84bf51-WAW
2.75151cd8.chunk.js
safir.com/backoffice/static/js/ 		7 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://safir.com/backoffice/static/js/2.75151cd8.chunk.js
Requested by
Host: safir.com
URL: https://safir.com/backoffice/ref/9yyutpehmy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98a471de9c0b438e5d547b4b043802c5ce3eb8624721541dcc46d81a3d153946

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://safir.com/backoffice/ref/9yyutpehmy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 17:00:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 16 Jul 2023 01:22:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
46202
etag
W/"64b3466e-6a6d13"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kHnzevtCp6UHeBBJPTxlpm%2FutfbUfB5%2FcIAOagr7SUMfBJDHVSnDq2qoOqq2n8SlyDPc34LMZ9NYYVKj6mBwmaydWbDzCv5RDLHgUBdUTjhUe1yezlWZ1ux5sg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=7200
cf-ray
7e840addba85bf51-WAW
main.67f1281f.chunk.js
safir.com/backoffice/static/js/ 		4 MB
879 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safir.com/backoffice/static/js/main.67f1281f.chunk.js
Requested by
Host: safir.com
URL: https://safir.com/backoffice/ref/9yyutpehmy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45c18c358c987e53171d097ca53fdab0054578a2eba95a5bad976ff80243c867

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://safir.com/backoffice/ref/9yyutpehmy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 17:00:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 16 Jul 2023 01:22:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
46202
etag
W/"64b3466e-3f29bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZ%2B6I6mIWKb81PTo6Fl74nC6olYeEJwSGOqsEgZLcBPvNdUKeMWLPOjveSUxgCQ72ngtgXWCVbrPSlo0%2FotN08HDgjTLk4QgIsXCgeKZE3W1qzwmMvRL%2BAOYDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=7200
cf-ray
7e840addba87bf51-WAW
3.b222fe58.chunk.css
safir.com/backoffice/static/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://safir.com/backoffice/static/css/3.b222fe58.chunk.css
Requested by
Host: safir.com
URL: https://safir.com/backoffice/ref/9yyutpehmy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b7be8467787af396a4a1acd5165299ad956762ac70f3f7d4ab48d6dc817cf69

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://safir.com/backoffice/ref/9yyutpehmy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 17:00:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 16 Jul 2023 01:22:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
46202
etag
W/"64b3466e-2de0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xR7Cis3S8XU1Z38po%2FIkEVCUFJKup9pkHwphK6DtL1McjORBG0swFSFX5vogzNwnW0IIckrrRv41XFmQ0T4UIGu%2BDHgqjNC4nG2PtBaPZH2HA0kiaBOw%2Fza90A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=7200
cf-ray
7e840ae349b6bf51-WAW
3.d351c065.chunk.js
safir.com/backoffice/static/js/ 		97 B
378 B 		Script
General
Check archive.org
Download Go to
Full URL
https://safir.com/backoffice/static/js/3.d351c065.chunk.js
Requested by
Host: safir.com
URL: https://safir.com/backoffice/ref/9yyutpehmy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58d8d0ccd5150431da4a9ef4f4f2ba8ffd3482e9f83239b7f445d53713c1c8e9

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://safir.com/backoffice/ref/9yyutpehmy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 17:00:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 16 Jul 2023 01:22:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
46202
etag
W/"64b3466e-61"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=964v%2BLppY6r%2FqT6e2UdYg1Tf6UT6R9e6YkCiMoAGlMY5WYxrAEqzR%2Bk%2BLY3j6Tp%2FwYd8JcmAzJn2bCLPPYmg2WC3ieo3a7mIj9kEQ7t%2BAOFRcCuaGYXi6%2Bfx7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=7200
cf-ray
7e840ae349b8bf51-WAW
1b545de7-3085-4089-aa03-05dfdd947fa4
https://safir.com/ 		2 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://safir.com/1b545de7-3085-4089-aa03-05dfdd947fa4
Requested by
Host: safir.com
URL: https://safir.com/backoffice/ref/9yyutpehmy
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9908fcf95fcf4ecedd35c188f7ef18b1a0415dcabbfb99d7b0969bbd45ebb8e

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
1555
Content-Type
application/javascript
invisible.js
safir.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/556d0c9f/ Frame BDC1
Redirect Chain
  • https://safir.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://safir.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/556d0c9f/invisible.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safir.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/556d0c9f/invisible.js
Protocol
H2
Server
104.26.0.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffe1342d92f7d54eba429b5847e8ed761e8bc1d630bd5207030872188cb09369
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 17:00:41 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7YK4Lv63bEVHm1cEDf6EOcuO%2BPS%2FMfSnQvWp4ixHP0p8AOGXRkpMhs0ZH51paDKFHrR4QeVOiqNocr5VJNPfPINq1RXD0ASUrVWNBW6uLpWUzrGUkkuMIbfIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7e840ae48b2dbf51-WAW

Redirect headers

date
Mon, 17 Jul 2023 17:00:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDH7yms7URRFwIQmgxvDCotHlionlyXWODvVDtfG1m3pCvZl%2FtTB7xbHKqofk3T7DtgorUzJsi%2F3UBZJI5n8oWVU%2BtLOfcyrI7sYybsJUzx4GpgP3bepRWf2bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/556d0c9f/invisible.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7e840ae44ae8bf51-WAW
7e840add0997bf51
safir.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame BDC1 		0
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://safir.com/cdn-cgi/challenge-platform/h/b/cv/result/7e840add0997bf51
Requested by
Host: safir.com
URL: https://safir.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 17 Jul 2023 17:00:41 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7e840ae5acc8bf51-WAW
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wx%2FkwJSEIC7hkH4Q0YUZ1ylt13ulhe6RfBj1PD5DJQXKtmTYAXO26ddClUDkD3Q9t9wqB9B%2BNTbL47sLOpuHNKcC3x59fWsc%2FIKg6zqVmrUd8F9VdCl0WA3TiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
api.js
www.google.com/recaptcha/ 		852 B
874 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=explicit
Requested by
Host: safir.com
URL: https://safir.com/backoffice/static/js/2.75151cd8.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f4.1e100.net
Software
GSE /
Resource Hash
60e85d090d09eb87145315b9ca3c4a8d8657eb276c90ecb27923a8e86d0c6315
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://safir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 17:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
554
x-xss-protection
1; mode=block
expires
Mon, 17 Jul 2023 17:00:42 GMT
recaptcha__pl.js
www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/ 		432 KB
174 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/recaptcha__pl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
54120ebfc3ae8177800060caff02d711a304535305655bbb5a91e5f43dcec10a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://safir.com/
Origin
https://safir.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 14:54:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7553
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
177938
x-xss-protection
0
last-modified
Sun, 09 Jul 2023 08:00:56 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 Jul 2024 14:54:49 GMT
anchor
www.google.com/recaptcha/api2/ Frame C61D 		51 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeMtp4cAAAAAJ-wc7qqFHmfPgqzYA0SNQi_Nz4o&co=aHR0cHM6Ly9zYWZpci5jb206NDQz&hl=pl&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&cb=uzgotv5a8fwe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/recaptcha__pl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f4.1e100.net
Software
GSE /
Resource Hash
6123d4d08598339b53fd3447ee642f00f4cc7881fda7c3e03a3914edb51ac031
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zwk024_iRZq0kaBhJSZDzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://safir.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
28135
content-security-policy
script-src 'report-sample' 'nonce-zwk024_iRZq0kaBhJSZDzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 17 Jul 2023 17:00:42 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Inter-Regular.9cd7588f.ttf
safir.com/backoffice/static/media/ 		281 KB
282 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://safir.com/backoffice/static/media/Inter-Regular.9cd7588f.ttf
Requested by
Host: safir.com
URL: https://safir.com/backoffice/static/css/main.731f9147.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1041a8cf17dab7579acef0cc46b21f6497ec1ae01918ddc3495416efb81a4780

Request headers

Referer
https://safir.com/backoffice/static/css/main.731f9147.chunk.css
Origin
https://safir.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 17:00:42 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Jul 2023 01:22:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
46203
etag
"64b3466e-464b8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjeqLURMptYIW3qUYz6H9GIOgeSUpX%2FszODe%2FGZpQauSNtdeUSFBPVV75OgLm6GYgf4y7N7a6Asdn4y39EVFFy%2BPNoQzpi0ps9xkMJIrOYPJzeIWLqt36WTqxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
7e840aedf81abf51-WAW
content-length
287928
styles__ltr.css
www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/ Frame C61D 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeMtp4cAAAAAJ-wc7qqFHmfPgqzYA0SNQi_Nz4o&co=aHR0cHM6Ly9zYWZpci5jb206NDQz&hl=pl&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&cb=uzgotv5a8fwe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 13:26:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12826
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Sun, 09 Jul 2023 08:00:56 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 Jul 2024 13:26:56 GMT
recaptcha__pl.js
www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/ Frame C61D 		432 KB
174 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/recaptcha__pl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeMtp4cAAAAAJ-wc7qqFHmfPgqzYA0SNQi_Nz4o&co=aHR0cHM6Ly9zYWZpci5jb206NDQz&hl=pl&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&cb=uzgotv5a8fwe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
54120ebfc3ae8177800060caff02d711a304535305655bbb5a91e5f43dcec10a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 14:54:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7553
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
177938
x-xss-protection
0
last-modified
Sun, 09 Jul 2023 08:00:56 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 Jul 2024 14:54:49 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame C61D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 00:33:37 GMT
x-content-type-options
nosniff
age
491225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 19 Jul 2023 00:33:37 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C61D 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeMtp4cAAAAAJ-wc7qqFHmfPgqzYA0SNQi_Nz4o&co=aHR0cHM6Ly9zYWZpci5jb206NDQz&hl=pl&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&cb=uzgotv5a8fwe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 00:54:58 GMT
x-content-type-options
nosniff
age
230745
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jul 2024 00:54:58 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C61D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeMtp4cAAAAAJ-wc7qqFHmfPgqzYA0SNQi_Nz4o&co=aHR0cHM6Ly9zYWZpci5jb206NDQz&hl=pl&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&cb=uzgotv5a8fwe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 20:23:37 GMT
x-content-type-options
nosniff
age
506226
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jul 2024 20:23:37 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C61D 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeMtp4cAAAAAJ-wc7qqFHmfPgqzYA0SNQi_Nz4o&co=aHR0cHM6Ly9zYWZpci5jb206NDQz&hl=pl&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&cb=uzgotv5a8fwe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 17:37:24 GMT
x-content-type-options
nosniff
age
170599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11936
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jul 2024 17:37:24 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame C61D 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=pl&v=iZWPJyR27lB0cR4hL_xOX0GC
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeMtp4cAAAAAJ-wc7qqFHmfPgqzYA0SNQi_Nz4o&co=aHR0cHM6Ly9zYWZpci5jb206NDQz&hl=pl&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&cb=uzgotv5a8fwe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f4.1e100.net
Software
GSE /
Resource Hash
0af438caec9d0491fface47e971b0af2d6f8d81f8e0dd2fa30f4693dd65ef2a8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeMtp4cAAAAAJ-wc7qqFHmfPgqzYA0SNQi_Nz4o&co=aHR0cHM6Ly9zYWZpci5jb206NDQz&hl=pl&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&cb=uzgotv5a8fwe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 17:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 17 Jul 2023 17:00:42 GMT
reload
www.google.com/recaptcha/api2/ Frame C61D 		33 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LeMtp4cAAAAAJ-wc7qqFHmfPgqzYA0SNQi_Nz4o
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/recaptcha__pl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f4.1e100.net
Software
GSE /
Resource Hash
a575c4ebb6ef83c9345a0b961551a228e70f869f52852e83561ad25335a51f9a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeMtp4cAAAAAJ-wc7qqFHmfPgqzYA0SNQi_Nz4o&co=aHR0cHM6Ly9zYWZpci5jb206NDQz&hl=pl&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&cb=uzgotv5a8fwe
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Mon, 17 Jul 2023 17:00:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18964
x-xss-protection
1; mode=block
expires
Mon, 17 Jul 2023 17:00:43 GMT
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f1a589796ede7169e2b90518f908c8cfc715e30b9c6ec0e633b3f4f76f15502

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
united-kingdom.7be3d5a2.png
safir.com/backoffice/static/media/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safir.com/backoffice/static/media/united-kingdom.7be3d5a2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
684f1a79083af99983d475669f17d153d25c3e31a9d7d8eb54831a3194673c50

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://safir.com/backoffice/ref/9yyutpehmy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 17:00:43 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Jul 2023 01:22:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
46198
etag
"64b3466e-4cc9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOsvqCsozk5U3TASGT9ho%2B96uhZbiTuQXsYtJlgdG11FgZnNNwPFCVuvif2FJhZc5cz8darZY1%2F7%2Bx%2FYOLTb%2FwHZuiHd67UbEOxIk5VPRW4H7jjy6fy7n5gyoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
7e840af63ba2bf51-WAW
content-length
19657
safir_logo.6b81c8a0.png
safir.com/backoffice/static/media/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safir.com/backoffice/static/media/safir_logo.6b81c8a0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b070cd51439d7501308154504a4eaa2a47553e045a6cbaf5d175afd402e2a0e

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://safir.com/backoffice/ref/9yyutpehmy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 17:00:44 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Jul 2023 01:22:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
41114
etag
"64b3466e-3e34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HU2wVAbP%2BH9xyaQsib%2FiHspdyBv5wiEMzfUCeuksSjsyFkNdzjR4xy2yde5KZMLgyaMG6Ec7A9X1cO9%2F6pCB8EGGmV6KVMfHz09ybu%2BUmNLFNFZmZ2blQDQVQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
7e840af73cc3bf51-WAW
content-length
15924
4509e697abe464a59eb6b9f90cdf46c2fcf62c286dd4a935765d508865eee402
safir.com/backend/file/ 		128 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safir.com/backend/file/4509e697abe464a59eb6b9f90cdf46c2fcf62c286dd4a935765d508865eee402
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5b288c2e54572cb133d7dad690f88bf9ff5f5b9a3a05fba15e60891b4788d7c5

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://safir.com/backoffice/ref/9yyutpehmy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 17:00:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
8787
x-powered-by
Express
etag
W/"1fe56-1802078b783"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HftGMxc7RHjKPHkIMdaQS6wr4yO1BKFygUacamR1Li2DXXvv6R2m41%2FpYPhtP0%2B%2FbBP7B8LXD6Dbk25NAuIrVpJwiQEm5AseixFeTfYHjH9ABWoFlKq13xmLWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=999999, immutable
accept-ranges
bytes
cf-ray
7e840af73cc4bf51-WAW
content-length
130646
cd8e78366e15cb7dcdfc5d583cb138001aa5edc0ddc55f7b571230313e43ebb6
safir.com/backend/file/ 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safir.com/backend/file/cd8e78366e15cb7dcdfc5d583cb138001aa5edc0ddc55f7b571230313e43ebb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
16a35b5e19261521b0486d38b3ef4a05cdd829597005e7ae98c85e9301aad1b6

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://safir.com/backoffice/ref/9yyutpehmy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 17:00:44 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"20422-184daaffdc1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7mL7OBgbyBRL2nnUuazUtJRjPdOHoy%2BOg362Up2g%2FeZxYX6OK7azBHQ%2FnqjqzWkJ4myBm9GugKQDmXqa0b97syK7eXvQmRBf%2B6vkrdmZ4dOQBXaMBWHMT24wVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=999999, immutable
accept-ranges
bytes
cf-ray
7e840af73cc6bf51-WAW
content-length
132130
db2ffdc456f6b5b74f3345e22e1f4480595415b6fa0501786446e126aed9eaad
safir.com/backend/file/ 		219 KB
219 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safir.com/backend/file/db2ffdc456f6b5b74f3345e22e1f4480595415b6fa0501786446e126aed9eaad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
fb7bf901d6c5b0da3f3b2e4045e22a498649a6b192adc0b2503fbcb65ed77320

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://safir.com/backoffice/ref/9yyutpehmy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 17:00:44 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"36b65-184e43b85a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pAVarQxPY2dSlhareSJ%2FN7aijYmTXBGQ4gGr6lfsoAgkn0YAezWoE0u%2BzPYNxyitEm86tIz%2B46Wn4ztRHjJQkXHfPmDws8%2FOMdGaBqfFN0iWknDb1VRg9qz7Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=999999, immutable
accept-ranges
bytes
cf-ray
7e840af73cc7bf51-WAW
content-length
224101
Inter-Bold.3e3cb905.ttf
safir.com/backoffice/static/media/ 		287 KB
287 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://safir.com/backoffice/static/media/Inter-Bold.3e3cb905.ttf
Requested by
Host: safir.com
URL: https://safir.com/backoffice/static/css/main.731f9147.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d597e753e78d8bf9db34c13343146545fb3be5a1c99a175bc381fe3f6f787f31

Request headers

Referer
https://safir.com/backoffice/static/css/main.731f9147.chunk.css
Origin
https://safir.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 17:00:44 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Jul 2023 01:22:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
46199
etag
"64b3466e-47a48"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2B3Qerrg5I%2BGMQKp7iyS7E7dIF%2BCSA87h4BB4yi1wYF7miIaldkGAIIkrrfyByi%2Bfj%2Fj5s8gbVn6JD8Pvq9fyy1v3VeeNSjXUIunSwz%2FpN3hYp33QAlfPGHcYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
7e840af74cd7bf51-WAW
content-length
293448

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless object| onbeforetoggle object| onscrollend object| webpackJsonpdashboard function| setImmediate function| clearImmediate object| regeneratorRuntime function| _ object| __SENTRY__ object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_55864

4 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AHju0w8mKo1jNaA1Me5iMH5XXsIARszXuUHYBItuJfCL8dksMh3xidau44lrd9zjiRJmEViqYwIbt3lxRj-3BVA
safir.com/ Name: sid
Value: s%3Af01dd0225e3f2b0f36e70b43117fd05fd3ae2d72193c8631eb.kxQRuL2bsQFdbZGj0NZVnG4am7XAg4o7p5lnGuuxafY
safir.com/ Name: lng
Value: en
.safir.com/ Name: __cf_bm
Value: DEwfUA1lPU.KLkhkY0P0LB0uU87pDwschIvmC31lK9E-1689613241-0-Ac1QhjdEOIVWS7aL5z4DwtF/+B+WZjByCY5XCMfkvgSegs49pyGioxTpCLP3r3UWLg==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
safir.com
safir.kryptochemik.pl
www.google.com
www.gstatic.com
104.26.0.182
142.250.186.131
142.250.186.67
172.217.18.4
94.152.157.68
0af438caec9d0491fface47e971b0af2d6f8d81f8e0dd2fa30f4693dd65ef2a8
0b070cd51439d7501308154504a4eaa2a47553e045a6cbaf5d175afd402e2a0e
1041a8cf17dab7579acef0cc46b21f6497ec1ae01918ddc3495416efb81a4780
16a35b5e19261521b0486d38b3ef4a05cdd829597005e7ae98c85e9301aad1b6
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2f1a589796ede7169e2b90518f908c8cfc715e30b9c6ec0e633b3f4f76f15502
38be954829a5270123f4a9987747c050fde19d97679f6494824346d175f6b7c4
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
45c18c358c987e53171d097ca53fdab0054578a2eba95a5bad976ff80243c867
54120ebfc3ae8177800060caff02d711a304535305655bbb5a91e5f43dcec10a
58d8d0ccd5150431da4a9ef4f4f2ba8ffd3482e9f83239b7f445d53713c1c8e9
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b288c2e54572cb133d7dad690f88bf9ff5f5b9a3a05fba15e60891b4788d7c5
60e85d090d09eb87145315b9ca3c4a8d8657eb276c90ecb27923a8e86d0c6315
6123d4d08598339b53fd3447ee642f00f4cc7881fda7c3e03a3914edb51ac031
684f1a79083af99983d475669f17d153d25c3e31a9d7d8eb54831a3194673c50
6b7be8467787af396a4a1acd5165299ad956762ac70f3f7d4ab48d6dc817cf69
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
98a471de9c0b438e5d547b4b043802c5ce3eb8624721541dcc46d81a3d153946
a575c4ebb6ef83c9345a0b961551a228e70f869f52852e83561ad25335a51f9a
c862618551da151d16da4da7d035cab6e50baa64e4e94f4dfe37f93e7ca0b5fb
d597e753e78d8bf9db34c13343146545fb3be5a1c99a175bc381fe3f6f787f31
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9908fcf95fcf4ecedd35c188f7ef18b1a0415dcabbfb99d7b0969bbd45ebb8e
edaf8c1798685419924172685f0a2eda9ec80759e29141aa398f77e46fd13ae3
fb7bf901d6c5b0da3f3b2e4045e22a498649a6b192adc0b2503fbcb65ed77320
ffe1342d92f7d54eba429b5847e8ed761e8bc1d630bd5207030872188cb09369