urlscan.io logo urlscan.io
SecurityTrails logo

www.safeactivities.top Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://rivertownway.com/1764ddf427560b03800/eno1504__6661d3493jd8a19244e32/ye14j%7Cl2svoth=%7C3ejft%7C17dpca%7C3a57ae6%7...
Effective URL: https://www.safeactivities.top/1hrkkipni/l?btd=dHJrLmluc3RhbGxzY2xlYW5hZHNtaW5lLnJ1bg&exptoken=MTcxMzMxMDk0NTAwMw%3D%3D&lang=en...
Submission: On April 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 5 domains to perform 12 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.safeactivities.top.
TLS certificate: Issued by E1 on February 18th 2024. Valid for: 3 months.
This is the only time www.safeactivities.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 193.29.12.30 49468 (MAGHOST_)
1 1 34.120.18.211 396982 (GOOGLE-CL...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
10 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
12 3
1    193.29.12.30 (Romania)

ASN49468 (MAGHOST_, RO)
rivertownway.com
1    34.120.18.211 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 211.18.120.34.bc.googleusercontent.com
www.trkio.com
1    2606:4700:3037::ac43:c162 (United States)

ASN13335 (CLOUDFLARENET, US)
trk.disease-where-dear-develop.run
10    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
www.safeactivities.top
cdn.safeactivities.top
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
Domain Requested by
8 cdn.safeactivities.top www.safeactivities.top
2 www.safeactivities.top rivertownway.com
www.safeactivities.top
1 cdn.jsdelivr.net www.safeactivities.top
1 trk.disease-where-dear-develop.run 1 redirects
1 www.trkio.com 1 redirects
1 rivertownway.com
12 6

This site contains no links.

Subject Issuer Validity Valid
rivertownway.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-14 -
2024-12-14		 a year crt.sh
safeactivities.top
E1		 2024-02-18 -
2024-05-18		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.safeactivities.top/1hrkkipni/l?btd=dHJrLmluc3RhbGxzY2xlYW5hZHNtaW5lLnJ1bg&exptoken=MTcxMzMxMDk0NTAwMw%3D%3D&lang=en&lid=37b2246f-8b72-4699-900b-abe13957fc9a&r_ip=2001%3Aac8%3A20%3A3d00%3A1011%3Af03d%3A6b5c%3Ad720&r_isp=M247+Europe&r_lang=en&r_okeyword=nt3&r_os=windows&td=dHJrLmRpc2Vhc2Utd2hlcmUtZGVhci1kZXZlbG9wLnJ1bi9zbndkYXJ0Zg
Frame ID: 87330BAAAD27F87E0E28069C732D8FB6
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Norton

Page URL History Show full URLs

  1. http://rivertownway.com/1764ddf427560b03800/eno1504__6661d3493jd8a19244e32/ye14j%7Cl2svoth=%7C3ejft%... HTTP 307
    https://rivertownway.com/1764ddf427560b03800/eno1504__6661d3493jd8a19244e32/ye14j%7Cl2svoth=%7C3ejft%... Page URL
  2. https://www.trkio.com/MZC1FM/7MTKQ4P/?sub1=1418218353&source_id=690469&sub2=eno1504__6661d3493jd8a... HTTP 302
    https://trk.disease-where-dear-develop.run/campaign?id=800f2474-45ac-49f8-af62-7b03ab269a20&var2=690469&var1=418&extcid... HTTP 302
    https://www.safeactivities.top/c?btd=dHJrLmluc3RhbGxzY2xlYW5hZHNtaW5lLnJ1bg&exptoken=MTcxMzMxMDk0NTAwMw%3D%... Page URL
  3. https://www.safeactivities.top/1hrkkipni/l?btd=dHJrLmluc3RhbGxzY2xlYW5hZHNtaW5lLnJ1bg&exptoken=MTcxMzMxMDk0... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

12
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

6
Subdomains

3
IPs

2
Countries

49 kB
Transfer

70 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rivertownway.com/1764ddf427560b03800/eno1504__6661d3493jd8a19244e32/ye14j%7Cl2svoth=%7C3ejft%7C17dpca%7C3a57ae6%7C96054%7C0000r1ecs1%7Cc%7Clzy6pts0ns91p18k%7Cpc%7C1dj1td5/p3yyawlkmqaxlzsumtv3ly92os9wo252mkw0nj9hqzkszgednj== HTTP 307
    https://rivertownway.com/1764ddf427560b03800/eno1504__6661d3493jd8a19244e32/ye14j%7Cl2svoth=%7C3ejft%7C17dpca%7C3a57ae6%7C96054%7C0000r1ecs1%7Cc%7Clzy6pts0ns91p18k%7Cpc%7C1dj1td5/p3yyawlkmqaxlzsumtv3ly92os9wo252mkw0nj9hqzkszgednj== Page URL
  2. https://www.trkio.com/MZC1FM/7MTKQ4P/?sub1=1418218353&source_id=690469&sub2=eno1504__6661d3493jd8a19244e32 HTTP 302
    https://trk.disease-where-dear-develop.run/campaign?id=800f2474-45ac-49f8-af62-7b03ab269a20&var2=690469&var1=418&extcid=90f9bc6475664c9abc11a8d6587e2845 HTTP 302
    https://www.safeactivities.top/c?btd=dHJrLmluc3RhbGxzY2xlYW5hZHNtaW5lLnJ1bg&exptoken=MTcxMzMxMDk0NTAwMw%3D%3D&lang=en&lid=37b2246f-8b72-4699-900b-abe13957fc9a&r_ip=2001%3Aac8%3A20%3A3d00%3A1011%3Af03d%3A6b5c%3Ad720&r_isp=M247+Europe&r_lang=en&r_okeyword=nt3&r_os=windows&td=dHJrLmRpc2Vhc2Utd2hlcmUtZGVhci1kZXZlbG9wLnJ1bi9zbndkYXJ0Zg Page URL
  3. https://www.safeactivities.top/1hrkkipni/l?btd=dHJrLmluc3RhbGxzY2xlYW5hZHNtaW5lLnJ1bg&exptoken=MTcxMzMxMDk0NTAwMw%3D%3D&lang=en&lid=37b2246f-8b72-4699-900b-abe13957fc9a&r_ip=2001%3Aac8%3A20%3A3d00%3A1011%3Af03d%3A6b5c%3Ad720&r_isp=M247+Europe&r_lang=en&r_okeyword=nt3&r_os=windows&td=dHJrLmRpc2Vhc2Utd2hlcmUtZGVhci1kZXZlbG9wLnJ1bi9zbndkYXJ0Zg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://rivertownway.com/1764ddf427560b03800/eno1504__6661d3493jd8a19244e32/ye14j%7Cl2svoth=%7C3ejft%7C17dpca%7C3a57ae6%7C96054%7C0000r1ecs1%7Cc%7Clzy6pts0ns91p18k%7Cpc%7C1dj1td5/p3yyawlkmqaxlzsumtv3ly92os9wo252mkw0nj9hqzkszgednj== HTTP 307
  • https://rivertownway.com/1764ddf427560b03800/eno1504__6661d3493jd8a19244e32/ye14j%7Cl2svoth=%7C3ejft%7C17dpca%7C3a57ae6%7C96054%7C0000r1ecs1%7Cc%7Clzy6pts0ns91p18k%7Cpc%7C1dj1td5/p3yyawlkmqaxlzsumtv3ly92os9wo252mkw0nj9hqzkszgednj==
Request Chain 1
  • https://www.trkio.com/MZC1FM/7MTKQ4P/?sub1=1418218353&source_id=690469&sub2=eno1504__6661d3493jd8a19244e32 HTTP 302
  • https://trk.disease-where-dear-develop.run/campaign?id=800f2474-45ac-49f8-af62-7b03ab269a20&var2=690469&var1=418&extcid=90f9bc6475664c9abc11a8d6587e2845 HTTP 302
  • https://www.safeactivities.top/c?btd=dHJrLmluc3RhbGxzY2xlYW5hZHNtaW5lLnJ1bg&exptoken=MTcxMzMxMDk0NTAwMw%3D%3D&lang=en&lid=37b2246f-8b72-4699-900b-abe13957fc9a&r_ip=2001%3Aac8%3A20%3A3d00%3A1011%3Af03d%3A6b5c%3Ad720&r_isp=M247+Europe&r_lang=en&r_okeyword=nt3&r_os=windows&td=dHJrLmRpc2Vhc2Utd2hlcmUtZGVhci1kZXZlbG9wLnJ1bi9zbndkYXJ0Zg

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
p3yyawlkmqaxlzsumtv3ly92os9wo252mkw0nj9hqzkszgednj==
rivertownway.com/1764ddf427560b03800/eno1504__6661d3493jd8a19244e32/ye14j%7Cl2svoth=%7C3ejft%7C17dpca%7C3a57ae6%7C96054%7C0000r1ecs1%7Cc%7Clzy6pts0ns91p18k%7Cpc%7C1dj1td5/
Redirect Chain
  • http://rivertownway.com/1764ddf427560b03800/eno1504__6661d3493jd8a19244e32/ye14j%7Cl2svoth=%7C3ejft%7C17dpca%7C3a57ae6%7C96054%7C0000r1ecs1%7Cc%7Clzy6pts0ns91p18k%7Cpc%7C1dj1td5/p3yyawlkmqaxlzsumtv...
  • https://rivertownway.com/1764ddf427560b03800/eno1504__6661d3493jd8a19244e32/ye14j%7Cl2svoth=%7C3ejft%7C17dpca%7C3a57ae6%7C96054%7C0000r1ecs1%7Cc%7Clzy6pts0ns91p18k%7Cpc%7C1dj1td5/p3yyawlkmqaxlzsumt...
169 B
482 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rivertownway.com/1764ddf427560b03800/eno1504__6661d3493jd8a19244e32/ye14j%7Cl2svoth=%7C3ejft%7C17dpca%7C3a57ae6%7C96054%7C0000r1ecs1%7Cc%7Clzy6pts0ns91p18k%7Cpc%7C1dj1td5/p3yyawlkmqaxlzsumtv3ly92os9wo252mkw0nj9hqzkszgednj==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.12.30 , Romania, ASN49468 (MAGHOST_, RO),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Connection
close
Content-Length
169
Content-Type
text/html; charset=UTF-8
Date
Tue, 16 Apr 2024 23:41:24 GMT
Server
Apache

Redirect headers

Location
https://rivertownway.com/1764ddf427560b03800/eno1504__6661d3493jd8a19244e32/ye14j%7Cl2svoth=%7C3ejft%7C17dpca%7C3a57ae6%7C96054%7C0000r1ecs1%7Cc%7Clzy6pts0ns91p18k%7Cpc%7C1dj1td5/p3yyawlkmqaxlzsumtv3ly92os9wo252mkw0nj9hqzkszgednj==
Non-Authoritative-Reason
HttpsUpgrades
c
www.safeactivities.top/
Redirect Chain
  • https://www.trkio.com/MZC1FM/7MTKQ4P/?sub1=1418218353&source_id=690469&sub2=eno1504__6661d3493jd8a19244e32
  • https://trk.disease-where-dear-develop.run/campaign?id=800f2474-45ac-49f8-af62-7b03ab269a20&var2=690469&var1=418&extcid=90f9bc6475664c9abc11a8d6587e2845
  • https://www.safeactivities.top/c?btd=dHJrLmluc3RhbGxzY2xlYW5hZHNtaW5lLnJ1bg&exptoken=MTcxMzMxMDk0NTAwMw%3D%3D&lang=en&lid=37b2246f-8b72-4699-900b-abe13957fc9a&r_ip=2001%3Aac8%3A20%3A3d00%3A1011%3Af...
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.safeactivities.top/c?btd=dHJrLmluc3RhbGxzY2xlYW5hZHNtaW5lLnJ1bg&exptoken=MTcxMzMxMDk0NTAwMw%3D%3D&lang=en&lid=37b2246f-8b72-4699-900b-abe13957fc9a&r_ip=2001%3Aac8%3A20%3A3d00%3A1011%3Af03d%3A6b5c%3Ad720&r_isp=M247+Europe&r_lang=en&r_okeyword=nt3&r_os=windows&td=dHJrLmRpc2Vhc2Utd2hlcmUtZGVhci1kZXZlbG9wLnJ1bi9zbndkYXJ0Zg
Requested by
Host: rivertownway.com
URL: https://rivertownway.com/1764ddf427560b03800/eno1504__6661d3493jd8a19244e32/ye14j%7Cl2svoth=%7C3ejft%7C17dpca%7C3a57ae6%7C96054%7C0000r1ecs1%7Cc%7Clzy6pts0ns91p18k%7Cpc%7C1dj1td5/p3yyawlkmqaxlzsumtv3ly92os9wo252mkw0nj9hqzkszgednj==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1ae1d6c26767f2eec07500431470e76157aa46af93e4ee49373e943ba7ea875

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://rivertownway.com/1764ddf427560b03800/eno1504__6661d3493jd8a19244e32/ye14j%7Cl2svoth=%7C3ejft%7C17dpca%7C3a57ae6%7C96054%7C0000r1ecs1%7Cc%7Clzy6pts0ns91p18k%7Cpc%7C1dj1td5/p3yyawlkmqaxlzsumtv3ly92os9wo252mkw0nj9hqzkszgednj==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
875806a8e82718cd-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 16 Apr 2024 23:41:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NyaifSikGFTm19iZuxF7jZo%2BLtLodoy4h59aS23O5wBdGyACYeTNrT64j3GbSST8h0ZypXc2brcL8W%2Bo4poTtswDYLF7N14ICT3Hct5%2FsIcbG22IHMGmB1bROMZyVpujKsuylcdXVAq856%2FL3oCIJvjUvqVB"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
875806a72c2265aa-FRA
content-length
0
date
Tue, 16 Apr 2024 23:41:25 GMT
location
https://www.safeactivities.top/c?btd=dHJrLmluc3RhbGxzY2xlYW5hZHNtaW5lLnJ1bg&exptoken=MTcxMzMxMDk0NTAwMw%3D%3D&lang=en&lid=37b2246f-8b72-4699-900b-abe13957fc9a&r_ip=2001%3Aac8%3A20%3A3d00%3A1011%3Af03d%3A6b5c%3Ad720&r_isp=M247+Europe&r_lang=en&r_okeyword=nt3&r_os=windows&td=dHJrLmRpc2Vhc2Utd2hlcmUtZGVhci1kZXZlbG9wLnJ1bi9zbndkYXJ0Zg
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uaAopX1kbq3VZryQG%2FaIntwYXD1mtz43HvGHOzRqbXBws0Y6d3qtnuwIGX3rS5kgTdb%2F6zksgsLG%2FaphfcPP%2BAzY%2BepP8QcSqVVIRYiCjjkZyIYcYP9R3RmKUxQuZL3MoGITKVR3lYn2WFijLGfQj0GRYDxwTX%2F9R4NAcgbsVHN1"}],"group":"cf-nel","max_age":604800}
server
cloudflare
ua-parser.min.js
cdn.jsdelivr.net/npm/ua-parser-js@0/dist/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/ua-parser-js@0/dist/ua-parser.min.js
Requested by
Host: www.safeactivities.top
URL: https://www.safeactivities.top/c?btd=dHJrLmluc3RhbGxzY2xlYW5hZHNtaW5lLnJ1bg&exptoken=MTcxMzMxMDk0NTAwMw%3D%3D&lang=en&lid=37b2246f-8b72-4699-900b-abe13957fc9a&r_ip=2001%3Aac8%3A20%3A3d00%3A1011%3Af03d%3A6b5c%3Ad720&r_isp=M247+Europe&r_lang=en&r_okeyword=nt3&r_os=windows&td=dHJrLmRpc2Vhc2Utd2hlcmUtZGVhci1kZXZlbG9wLnJ1bi9zbndkYXJ0Zg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.safeactivities.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:41:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
28502
x-jsd-version
0.8.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230047-FRA, cache-lga21959-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"4bb3-xn81YAue+z8diTHUycCuwBYtzpE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XZ9Ssmgj5kan3YK6AYj6L9R8CfT%2FA%2F59xX%2FQx5jtUJpKGrb5NW89AzMMxVni5%2F8koPC0l9eRU4FXUW7tYQPMMgUmPMbd0wahRZ4H6dAsbL8PdadJahDp5NTvfcn56msE9fbKuKizysTxMM5mYc4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
875806aaf944190b-FRA
Primary Request l
www.safeactivities.top/1hrkkipni/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.safeactivities.top/1hrkkipni/l?btd=dHJrLmluc3RhbGxzY2xlYW5hZHNtaW5lLnJ1bg&exptoken=MTcxMzMxMDk0NTAwMw%3D%3D&lang=en&lid=37b2246f-8b72-4699-900b-abe13957fc9a&r_ip=2001%3Aac8%3A20%3A3d00%3A1011%3Af03d%3A6b5c%3Ad720&r_isp=M247+Europe&r_lang=en&r_okeyword=nt3&r_os=windows&td=dHJrLmRpc2Vhc2Utd2hlcmUtZGVhci1kZXZlbG9wLnJ1bi9zbndkYXJ0Zg
Requested by
Host: www.safeactivities.top
URL: https://www.safeactivities.top/c?btd=dHJrLmluc3RhbGxzY2xlYW5hZHNtaW5lLnJ1bg&exptoken=MTcxMzMxMDk0NTAwMw%3D%3D&lang=en&lid=37b2246f-8b72-4699-900b-abe13957fc9a&r_ip=2001%3Aac8%3A20%3A3d00%3A1011%3Af03d%3A6b5c%3Ad720&r_isp=M247+Europe&r_lang=en&r_okeyword=nt3&r_os=windows&td=dHJrLmRpc2Vhc2Utd2hlcmUtZGVhci1kZXZlbG9wLnJ1bi9zbndkYXJ0Zg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3de66d66ec55183bd49b06447d3ae099427825486c54c23ade65ea51380634e7

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.safeactivities.top/c?btd=dHJrLmluc3RhbGxzY2xlYW5hZHNtaW5lLnJ1bg&exptoken=MTcxMzMxMDk0NTAwMw%3D%3D&lang=en&lid=37b2246f-8b72-4699-900b-abe13957fc9a&r_ip=2001%3Aac8%3A20%3A3d00%3A1011%3Af03d%3A6b5c%3Ad720&r_isp=M247+Europe&r_lang=en&r_okeyword=nt3&r_os=windows&td=dHJrLmRpc2Vhc2Utd2hlcmUtZGVhci1kZXZlbG9wLnJ1bi9zbndkYXJ0Zg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
875806ab299818cd-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 16 Apr 2024 23:41:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AC9gX0x8WgfeDsWgeqUgpqAJ6w1ssscgfXwThocLjwoOJhFKxqYVkUcoKMMOnWthFW1D09jP7VMmbLi6hayplNBuFnjMhhx3Gv8fu1lIq8nqROEOnJTmvUic4W7PckhyS2W1frrOZcJglWvSCM4J0sirE7m4"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
_style11.css
cdn.safeactivities.top/bundles/86a9dbe6-2011-455b-bb73-c5f6be4f8ccb/static/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.safeactivities.top/bundles/86a9dbe6-2011-455b-bb73-c5f6be4f8ccb/static/_style11.css
Requested by
Host: www.safeactivities.top
URL: https://www.safeactivities.top/1hrkkipni/l?btd=dHJrLmluc3RhbGxzY2xlYW5hZHNtaW5lLnJ1bg&exptoken=MTcxMzMxMDk0NTAwMw%3D%3D&lang=en&lid=37b2246f-8b72-4699-900b-abe13957fc9a&r_ip=2001%3Aac8%3A20%3A3d00%3A1011%3Af03d%3A6b5c%3Ad720&r_isp=M247+Europe&r_lang=en&r_okeyword=nt3&r_os=windows&td=dHJrLmRpc2Vhc2Utd2hlcmUtZGVhci1kZXZlbG9wLnJ1bi9zbndkYXJ0Zg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f794f926c53e3f2ba5721041e5b629b0be4161c842ac0703cc1460c67a5a9140

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:41:26 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ABPtcPrWevwykHCgSXAGigXKMyQhWkl-FoSOvE9pfXL3AaSwdu1ZQ01-idybYQBTs-3GrMKxjS1HxUos7A
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 12 Jul 2023 09:25:39 GMT
server
cloudflare
etag
W/"d525091ef618b971c67d2f2ad1a700bb"
vary
Accept-Encoding
x-goog-generation
1689153939603403
content-type
text/css
access-control-allow-origin
*
x-goog-hash
crc32c=PMB0yg==, md5=1SUJHvYYuXHGfS8q0acAuw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=koLzR%2Bm9GcZyaLZKSDVlw%2Bq8XIhyG6dNCRXVxfDcja2XrYJuhSkCqmDIIH4rUOXUny0Al8FcOCuVFVpRrQAg4bmm3iiZSx54NR5BYeEdfCABkfMHztdbXMdf6n3GMLogJzfupERcXvrvVhdxUPXIwya2hgj3"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
14153
cf-ray
875806acaa6818cd-FRA
expires
Wed, 17 Apr 2024 00:41:25 GMT
style.css
cdn.safeactivities.top/bundles/86a9dbe6-2011-455b-bb73-c5f6be4f8ccb/static/r_type/cpt_nlg/ 		183 B
908 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.safeactivities.top/bundles/86a9dbe6-2011-455b-bb73-c5f6be4f8ccb/static/r_type/cpt_nlg/style.css
Requested by
Host: www.safeactivities.top
URL: https://www.safeactivities.top/1hrkkipni/l?btd=dHJrLmluc3RhbGxzY2xlYW5hZHNtaW5lLnJ1bg&exptoken=MTcxMzMxMDk0NTAwMw%3D%3D&lang=en&lid=37b2246f-8b72-4699-900b-abe13957fc9a&r_ip=2001%3Aac8%3A20%3A3d00%3A1011%3Af03d%3A6b5c%3Ad720&r_isp=M247+Europe&r_lang=en&r_okeyword=nt3&r_os=windows&td=dHJrLmRpc2Vhc2Utd2hlcmUtZGVhci1kZXZlbG9wLnJ1bi9zbndkYXJ0Zg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cc52dce5f873e7e6642cb8831ba2479285fc2790b84eb14268191f40b33e81e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:41:25 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ABPtcPqj_lK5mZGjXOY5ozryGp0f1_X7Idenh6eM5DG4DQV_SJF2TlEhJATwcOSK3G2QyBLrcIk
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 12 Jul 2023 09:25:39 GMT
server
cloudflare
etag
W/"9d43ef69e938af10f919a7ced4003e81"
vary
Accept-Encoding
x-goog-hash
crc32c=WQGkkQ==, md5=nUPvaek4rxD5GafO1AA+gQ==
x-goog-generation
1689153939604809
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cwNjseIOPExix0HcvmU0RwRgUG96iP251AhPXbzTpNiXdzQpGetpyUcdR4muhHDu2VN5xHnCRuzIxU%2F9qbP4FYc8mFti36T8P%2BpGv%2BRyx88EXR%2FkOQO2VNDMQ5nm9vG9Px%2B4fEJMfaP5AWICn4ukANhIH%2FjU"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
183
cf-ray
875806acaa6718cd-FRA
expires
Wed, 17 Apr 2024 00:41:25 GMT
script.js
cdn.safeactivities.top/bundles/86a9dbe6-2011-455b-bb73-c5f6be4f8ccb/static/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.safeactivities.top/bundles/86a9dbe6-2011-455b-bb73-c5f6be4f8ccb/static/script.js
Requested by
Host: www.safeactivities.top
URL: https://www.safeactivities.top/1hrkkipni/l?btd=dHJrLmluc3RhbGxzY2xlYW5hZHNtaW5lLnJ1bg&exptoken=MTcxMzMxMDk0NTAwMw%3D%3D&lang=en&lid=37b2246f-8b72-4699-900b-abe13957fc9a&r_ip=2001%3Aac8%3A20%3A3d00%3A1011%3Af03d%3A6b5c%3Ad720&r_isp=M247+Europe&r_lang=en&r_okeyword=nt3&r_os=windows&td=dHJrLmRpc2Vhc2Utd2hlcmUtZGVhci1kZXZlbG9wLnJ1bi9zbndkYXJ0Zg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
762861b793c529836994eb25a7291ba81c10baee61666aae4fb6e3eaa87c82af

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:41:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ABPtcPpPhz6LgR7H5nXHejbOv74rBSfXPK1sG5MhZcslOfBUpPTVJJaXlFhM-4eNxfJDl1CDiNg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
1088
last-modified
Mon, 10 Jul 2023 13:26:54 GMT
server
cloudflare
etag
"5aaabf129185e9a7f79b3774b98f3fe0"
vary
Accept-Encoding
x-goog-generation
1688995614338262
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=UEiHQQ==, md5=Wqq/EpGF6af3mzd0uY8/4A==
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EqkYGn0qM3rx41dIPgZc6tJUtYgtkF7J4FtlZYMwrvz6YbxbgThckvLSlLN3deVVKvBK8LTsRcaxuudiOonji7cAFskMZHl6i3isR2yMlnnvFuSLG2xJ%2B8GOAhraqMTaNsBVKbKLNWGQHg9IYRWIfw8MZkS%2F"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
1088
accept-ranges
bytes
cf-ray
875806acaa6918cd-FRA
expires
Wed, 17 Apr 2024 00:41:25 GMT
top.png
cdn.safeactivities.top/bundles/86a9dbe6-2011-455b-bb73-c5f6be4f8ccb/static/r_okeyword/nt3/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.safeactivities.top/bundles/86a9dbe6-2011-455b-bb73-c5f6be4f8ccb/static/r_okeyword/nt3/top.png
Requested by
Host: www.safeactivities.top
URL: https://www.safeactivities.top/1hrkkipni/l?btd=dHJrLmluc3RhbGxzY2xlYW5hZHNtaW5lLnJ1bg&exptoken=MTcxMzMxMDk0NTAwMw%3D%3D&lang=en&lid=37b2246f-8b72-4699-900b-abe13957fc9a&r_ip=2001%3Aac8%3A20%3A3d00%3A1011%3Af03d%3A6b5c%3Ad720&r_isp=M247+Europe&r_lang=en&r_okeyword=nt3&r_os=windows&td=dHJrLmRpc2Vhc2Utd2hlcmUtZGVhci1kZXZlbG9wLnJ1bi9zbndkYXJ0Zg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
038fe3050d8f552a094e9310de3b86c6244efd7ef23f41ddb6f2785c8bbf2b4c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:41:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ABPtcPonj-Vy7Qj_RrBkFpPF0nzqzNx1biRI1KwKF2UeRgBYys7yVN7TWcRnUTjKgI7Jzf3FB_SFQZpRHw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
1565
last-modified
Fri, 28 Jul 2023 21:52:20 GMT
server
cloudflare
etag
"940673b912ce33d60e02a6dc737a6bd8"
vary
Accept-Encoding
x-goog-generation
1690581140702866
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=mYVhbw==, md5=lAZzuRLOM9YOAqbcc3pr2A==
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1rKoy5EmnLFblPK4rML2LKZpkQX6bvIpfPQL%2BOoYmqI9gIuHA3jhr1N2ZJ7oZU7rU9XJKEUvsZyb8Y6JOFSfCMb3FEvtBZbnX47ci93HLI7Ps9wxn5QW6lZjaA0wZ2%2BcdFMmMXOYPMFDcqrcE1Ab8uPZ79Rt"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
1565
accept-ranges
bytes
cf-ray
875806acaa6618cd-FRA
expires
Wed, 17 Apr 2024 00:41:25 GMT
img1.jpeg
cdn.safeactivities.top/bundles/86a9dbe6-2011-455b-bb73-c5f6be4f8ccb/static/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.safeactivities.top/bundles/86a9dbe6-2011-455b-bb73-c5f6be4f8ccb/static/img1.jpeg
Requested by
Host: www.safeactivities.top
URL: https://www.safeactivities.top/1hrkkipni/l?btd=dHJrLmluc3RhbGxzY2xlYW5hZHNtaW5lLnJ1bg&exptoken=MTcxMzMxMDk0NTAwMw%3D%3D&lang=en&lid=37b2246f-8b72-4699-900b-abe13957fc9a&r_ip=2001%3Aac8%3A20%3A3d00%3A1011%3Af03d%3A6b5c%3Ad720&r_isp=M247+Europe&r_lang=en&r_okeyword=nt3&r_os=windows&td=dHJrLmRpc2Vhc2Utd2hlcmUtZGVhci1kZXZlbG9wLnJ1bi9zbndkYXJ0Zg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68bd43afffdd14a7f819839e34914e40358fc737841b254e6e5f341c5eac0fcd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:41:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ABPtcPrPnJASskDh9lYEpkKwGSWATCQSOhtxKdISzMV3Qt_ODoLYiA-AZKAmAeoAeEDDjrABK3g2LaFzmg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
11841
last-modified
Mon, 10 Jul 2023 13:26:54 GMT
server
cloudflare
etag
"348f0c2810b1267d8705de53780831f6"
vary
Accept-Encoding
x-goog-generation
1688995614312210
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=zFs7nw==, md5=NI8MKBCxJn2HBd5TeAgx9g==
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4h2%2Fpd1JMfi9gFiMzK6fXKmB3fnQ2mRL8jceyqq2J28kjNFxpk4cYga9bWGqY08qKYNgEXJY6td1bFN5xPuhR6cpiv%2F0JOZSh4lDZhu3iXKBifrsdVZt0knDreExHm7HxFdQOxhUtYUoSSVbIB9UwiYwO9Q3"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
11841
accept-ranges
bytes
cf-ray
875806ad9aef18cd-FRA
expires
Wed, 17 Apr 2024 00:41:26 GMT
img2.png
cdn.safeactivities.top/bundles/86a9dbe6-2011-455b-bb73-c5f6be4f8ccb/static/ 		433 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.safeactivities.top/bundles/86a9dbe6-2011-455b-bb73-c5f6be4f8ccb/static/img2.png
Requested by
Host: www.safeactivities.top
URL: https://www.safeactivities.top/1hrkkipni/l?btd=dHJrLmluc3RhbGxzY2xlYW5hZHNtaW5lLnJ1bg&exptoken=MTcxMzMxMDk0NTAwMw%3D%3D&lang=en&lid=37b2246f-8b72-4699-900b-abe13957fc9a&r_ip=2001%3Aac8%3A20%3A3d00%3A1011%3Af03d%3A6b5c%3Ad720&r_isp=M247+Europe&r_lang=en&r_okeyword=nt3&r_os=windows&td=dHJrLmRpc2Vhc2Utd2hlcmUtZGVhci1kZXZlbG9wLnJ1bi9zbndkYXJ0Zg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
453571107413e6277e5d6bd2518e80c22fdb0037316e20404a5f4b5e0f9086df

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:41:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ABPtcPo21iS2gC_psaopIXQa_17Iw0_On1tWxohGWdQQEbsRV4A-w9vCswFft5ZhzGK48U6GULuzDpELsw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
433
last-modified
Mon, 10 Jul 2023 13:26:54 GMT
server
cloudflare
etag
"bd5361ef07fcf8841e372cc10d3b8ece"
vary
Accept-Encoding
x-goog-generation
1688995614324452
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=sGUUuQ==, md5=vVNh7wf8+IQeNyzBDTuOzg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FdTFVOMJ8fKXCacHYwDFDh%2FqlRHa5w8uOmXNKAEIFLoOwaewiuDDIpXS9kWT51LfTmJ22qK%2F7duqWxnBc6U2tXzKqvnI0FUnj7KcI5PG5JLbNCYMcPxB37R4dm6Nhxc4Ffz%2BQ94Sjk%2Fi8ceyYE%2BNkN4Khnyg"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
433
accept-ranges
bytes
cf-ray
875806ad9af018cd-FRA
expires
Wed, 17 Apr 2024 00:41:26 GMT
cs4.mp3
cdn.safeactivities.top/bundles/86a9dbe6-2011-455b-bb73-c5f6be4f8ccb/static/ 		10 KB
10 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.safeactivities.top/bundles/86a9dbe6-2011-455b-bb73-c5f6be4f8ccb/static/cs4.mp3
Requested by
Host: www.safeactivities.top
URL: https://www.safeactivities.top/1hrkkipni/l?btd=dHJrLmluc3RhbGxzY2xlYW5hZHNtaW5lLnJ1bg&exptoken=MTcxMzMxMDk0NTAwMw%3D%3D&lang=en&lid=37b2246f-8b72-4699-900b-abe13957fc9a&r_ip=2001%3Aac8%3A20%3A3d00%3A1011%3Af03d%3A6b5c%3Ad720&r_isp=M247+Europe&r_lang=en&r_okeyword=nt3&r_os=windows&td=dHJrLmRpc2Vhc2Utd2hlcmUtZGVhci1kZXZlbG9wLnJ1bi9zbndkYXJ0Zg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dbb717513e60e28d05796164577a06f908500f177ad4a0db44b8a93dcb5c8cc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:41:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ABPtcPpvDzC-VXoMG09J8eoUdCdclvFinAJxynekc6xiCU2uwqHGQdnZnic80FPEiCe24ZtWh7Q
x-goog-storage-class
REGIONAL
Content-Range
bytes 0-9805/9806
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
Content-Length
9806
last-modified
Mon, 10 Jul 2023 13:26:54 GMT
server
cloudflare
etag
"acf92dcebf392787b62c305a1eaf5717"
vary
Accept-Encoding
x-goog-hash
crc32c=CG7M6g==, md5=rPktzr85J4e2LDBaHq9XFw==
x-goog-generation
1688995614321519
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZfBkOF%2F9eVRZl7qhEe2Slbcpo47YJRJ0Y3aIB6Pv1c2A5PZ1jryR03nwzGU6uGemwPNIA67i37coOYTXYXfZDtWWcDDNB5JGgnG3hxsHdJCgWpHzCi2s3%2FjTUK1JIeTCp%2Fvb2FmOFLfnKPCyUP79mxtKprGf"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
9806
cf-ray
875806adaaf618cd-FRA
expires
Wed, 17 Apr 2024 00:41:26 GMT
st.png
cdn.safeactivities.top/bundles/86a9dbe6-2011-455b-bb73-c5f6be4f8ccb/static/r_okeyword/nt3/ 		2 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.safeactivities.top/bundles/86a9dbe6-2011-455b-bb73-c5f6be4f8ccb/static/r_okeyword/nt3/st.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f107269cb75a65c3048160f07259d135209995c2be0ee0d447470cc1612fb299

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:41:26 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ABPtcPrer0lmU7tsUPDLBvRR63s_Nd-MwQ1zyk-9ILd5ihTU0VLeRMbL7ysujYDb91ECaAXObQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
2484
last-modified
Fri, 28 Jul 2023 21:52:20 GMT
server
cloudflare
etag
"1b4034f3be0c3b3c4354e252a98cc553"
vary
Accept-Encoding
x-goog-generation
1690581140575903
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=xcRGRA==, md5=G0A0874MOzxDVOJSqYzFUw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8nckEJAd2uJfnQXT7DZJWbEVuoxYi8lX%2B34kGFhYEsWTpXgn9NvUbIErEn341LVjRPTuNfi0OAll4s6pG%2FGgYJ8Pnk4tJT4fRFLMoYDEjBMMFIeil8fDBlEZUPflg2So3z4PBUxaBUejK2tjzKJ%2Bt1aspv4O"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
2484
accept-ranges
bytes
cf-ray
875806ae8b7318cd-FRA
expires
Wed, 17 Apr 2024 00:41:26 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| timer function| countdown function| __cta function| fadeIn

6 Cookies

Domain/Path Name / Value
rivertownway.com/ Name: uid35603
Value: 1418218353-20240416194124-d1ac8b5ed6fd05c0373db415adb38cbc-
www.trkio.com/ Name: uniqueClick_7MTKQ4P
Value: 15cff94e-bb0f-4b6e-89ae-151682a203a8:1713310884
www.trkio.com/ Name: transaction_id
Value: 90f9bc6475664c9abc11a8d6587e2845
trk.disease-where-dear-develop.run/ Name: arlc
Value: 1
trk.disease-where-dear-develop.run/ Name: arle
Value: 1713311785
trk.disease-where-dear-develop.run/ Name: trkobix-v1
Value: https:%2F%2Fwww.safeactivities.top%2Fc%3Fbtd=dHJrLmluc3RhbGxzY2xlYW5hZHNtaW5lLnJ1bg&exptoken=MTcxMzMxMDk0NTAwMw%253D%253D&lang=en&lid=37b2246f-8b72-4699-900b-abe13957fc9a&r_ip=2001%253Aac8%253A20%253A3d00%253A1011%253Af03d%253A6b5c%253Ad720&r_isp=M247+Europe&r_lang=en&r_okeyword=nt3&r_os=windows&td=dHJrLmRpc2Vhc2Utd2hlcmUtZGVhci1kZXZlbG9wLnJ1bi9zbndkYXJ0Zg&trkobixdt=ZWlkOjo5MGY5YmM2NDc1NjY0YzlhYmMxMWE4ZDY1ODdlMjg0NSMjY2lkOjpvWGRpOXVya0YwVG8yejdZNXdTdjVtS3cjI2NhaWQ6OjgwMGYyNDc0LTQ1YWMtNDlmOC1hZjYyLTdiMDNhYjI2OWEyMCMjY2F0aWQ6OjgwMGYyNDc0LTQ1YWMtNDlmOC1hZjYyLTdiMDNhYjI2OWEyMCMjcmlkOjo2NjEwMzE5N2YzZWI2YzAwMTI5NzAxOWUjI3BpZDo6NjYxMDMxOTdmM2ViNmMwMDEyOTcwMWEwIyNsaWQ6OjM3YjIyNDZmLThiNzItNDY5OS05MDBiLWFiZTEzOTU3ZmM5YSMjb2lkOjpiZmUwMzJjMC03Y2RjLTQ3NjItODdmMC0yMDE0YjhjZTY3M2IjI3B2aWQ6OjcxYjMxYzUxLWZlYTItNGQ4Yy05MDMwLTgyMGY0ZGNiNTI4OCMjdHNpZDo6ODNhOGUzOWQtOTA2My00NjY2LWEwM2UtNDY1ZGY3YjA0YWRmIyN2YXIxOjo0MTgjI3ZhcjI6OjY5MDQ2OSMjdmFyMzo6IyN2YXI0OjojI3ZhcjU6OiMjdmFyNjo6IyN2YXI3OjojI3Zhcjg6OiMjdmFyOTo6IyN2YXIxMDo6IyN2YXIxMTo6IyN2YXIxMjo6IyN2YXIxMzo6IyN2YXIxNDo6IyN2YXIxNTo6IyN2YXIxNjo6IyN2YXIxNzo6IyN2YXIxODo6IyN2YXIxOTo6IyN2YXIyMDo6IyNmbGlkOjo2ZjQ4OTNhYS01NmE3LTRiMTQtOTc1OS1jYTQ4MDg3MjhmYTEjI2NhdDo6IyNsYW5nOjplbiMjY3JpZDo6IyNvd25lcjo6MWYyZDA3NzUtMWQ1MS00OThmLTliMjYtNWE3ZWUzYTY2MWM0IyNvZmxpZDo6NTE1OWIzNGYtN2YwZi00ZGE4LTkzM2EtY2JlMDhkODQwODMwIyNpYjo6ZmFsc2UjI3RzdGlkOjojI2ZsdGlkOjo%253D