urlscan.io logo urlscan.io
SecurityTrails logo

ru1.safe-honk.online
185.112.102.229  Public Scan Open in urlscan Pro

Go To Rescan Add Verdict Report
URL: https://ru1.safe-honk.online/ 1mo old
Submission: On April 14 via automatic, source certstream-suspicious — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 14 HTTP transactions. The main IP is 185.112.102.229, located in Moscow, Russian Federation and belongs to FIRST-SERVER-EUROPE FIRST SERVER LIMITED, GB. The main domain is ru1.safe-honk.online. 1mo old
TLS certificate: Issued by R13 on April 14th 2026. Valid for: 3mo.
This is the only time ru1.safe-honk.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 185.112.102.229 205090 (FIRST-SER...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2001:67c:4e8:... 62041 (Telegram ...)
6 12 2a02:6b8::1:119 13238 (YANDEX YA...)
14 4
Apex Domain
Subdomains		 Transfer
8 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 7166 12yr old
6 KB
6 safe-honk.online
ru1.safe-honk.online 1mo old
2 MB
4 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 1992 13yr old
86 KB
1 telegram.org
telegram.org — Cisco Umbrella Rank: 4444 13yr old
23 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 79 56yr old
1009 B
14 5
Domain Requested by
8 mc.yandex.com 4 redirects ru1.safe-honk.online
mc.yandex.ru
6 ru1.safe-honk.online ru1.safe-honk.online
4 mc.yandex.ru 2 redirects ru1.safe-honk.online
1 telegram.org ru1.safe-honk.online
1 fonts.googleapis.com ru1.safe-honk.online
14 5

This site contains no links.

Subject Issuer Validity Valid
ru1.safe-honk.online
R13		 2026-04-14 -
2026-07-13		 3mo crt.sh
upload.video.google.com
WR2		 2026-03-23 -
2026-06-15		 3mo crt.sh
*.telegram.org
Go Daddy Secure Certificate Authority - G2		 2025-08-11 -
2026-09-12		 1yr crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2026-01-13 -
2026-06-25		 5mo crt.sh

This page contains 1 frames:

Primary Page: https://ru1.safe-honk.online/
Frame ID: 3D4D09265AE89171F02E8387E4EA1060
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

YourVpn

Detected technologies

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

14
Requests

79 %
HTTPS

75 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

2183 kB
Transfer

2445 kB
Size

18
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://mc.yandex.com/sync_cookie_image_check?scid=0b1f690a-efce-711f-4f6e-fb90614ff39f&cid=98421081 HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?cid=98421081&redirect_domain=mc.yandex.com&scid=0b1f690a-efce-711f-4f6e-fb90614ff39f&token=11001.l6omQMvFa7zz45yusyUml9fVhs3u21lldB40lSKhmhY62n90W6pA0s1cAvNnxFi4.SpL-gKGmt9mZKmO9MsD45o4ofzc%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?cid=98421081&scid=0b1f690a-efce-711f-4f6e-fb90614ff39f&token=11001.v0skTz2wfJkMxV2SKioS0uHC8AcxTw_mZBXQ_MKbPtDDwpPOBt85ZXEURuD4PZniUyQup_iNNeJsMAAMP0fVs_1nzKGt6ZopUDLiCwtBPV8%2C.qyA7XjX9SSy92dMk8xp6uX5hsXs%2C
Request Chain 9
  • https://mc.yandex.com/watch/98421081?wmode=7&page-url=https%3A%2F%2Fru1.safe-honk.online%2F&nohit=1&charset=utf-8&uah=chu%0A%22Chromium%22%3Bv%3D%22147%22%2C%22Google%20Chrome%22%3Bv%3D%22147%22%2C%22Not-A.Brand%22%3Bv%3D%2224%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A147.0.7727.55%0Achl%0A%22Chromium%22%3Bv%3D%22147.0.0.0%22%2C%22Google%20Chrome%22%3Bv%3D%22147.0.0.0%22%2C%22Not-A.Brand%22%3Bv%3D%2224.0.0.0%22%0Achm%0A%3F0%0Achp%0ALinux&browser-info=pv%3A1%3Avf%3A6glgxny3ywmlt088t0nklbpybmq57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2460%3Acn%3A1%3Adp%3A0%3Als%3A1544297971106%3Ahid%3A549928285%3Az%3A-240%3Ai%3A20260414051843%3Aet%3A1776158323%3Ac%3A1%3Arn%3A362841129%3Au%3A1776158323337288295%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1776158320140%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1776158324%3At%3AYourVpn&t=clt(1078)gdpr(14)clc(0-0-0)aw(1)rcm(1)cdl(na)eco(46203396)ti(1) HTTP 302
  • https://mc.yandex.com/watch/98421081/1?wmode=7&page-url=https%3A%2F%2Fru1.safe-honk.online%2F&nohit=1&charset=utf-8&uah=chu%0A%22Chromium%22%3Bv%3D%22147%22%2C%22Google%20Chrome%22%3Bv%3D%22147%22%2C%22Not-A.Brand%22%3Bv%3D%2224%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A147.0.7727.55%0Achl%0A%22Chromium%22%3Bv%3D%22147.0.0.0%22%2C%22Google%20Chrome%22%3Bv%3D%22147.0.0.0%22%2C%22Not-A.Brand%22%3Bv%3D%2224.0.0.0%22%0Achm%0A%3F0%0Achp%0ALinux&browser-info=pv%3A1%3Avf%3A6glgxny3ywmlt088t0nklbpybmq57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2460%3Acn%3A1%3Adp%3A0%3Als%3A1544297971106%3Ahid%3A549928285%3Az%3A-240%3Ai%3A20260414051843%3Aet%3A1776158323%3Ac%3A1%3Arn%3A362841129%3Au%3A1776158323337288295%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1776158320140%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1776158324%3At%3AYourVpn&t=clt%281078%29gdpr%2814%29clc%280-0-0%29aw%281%29rcm%281%29cdl%28na%29eco%2846203396%29ti%281%29&redirnss=1
Request Chain 11
  • https://mc.yandex.com/sync_cookie_image_check?scid=cb5ae829-31e2-5663-4092-7b57d026e9af&cid=98421081 HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?cid=98421081&redirect_domain=mc.yandex.com&scid=cb5ae829-31e2-5663-4092-7b57d026e9af&token=11001.pH9fjN_bIBhBlep374cJY1zlNSVfiMTYrwnFJjx-4ndJL87oA6a6NJYM64rGlx7_.NraapGR1VicJFq1V8iSFIfP9J6A%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?cid=98421081&scid=cb5ae829-31e2-5663-4092-7b57d026e9af&token=11001.XGLC3E2aEZcWeNgyNtHf3trWWAu4vD5fsyyntyHBK46uHQIe6opuOLehR_LdD7Njh_QoFQWIcS39X_588uyez-D6QoKULEbJfHxATNoO9K4%2C.FOS_r1Wc3XmAcueXNS0k7lcltuw%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?cid=98421081&redirect_domain=mc.yandex.com&scid=cb5ae829-31e2-5663-4092-7b57d026e9af&token=11001.lCmXXPoeEtcchoLi_7a2nI1Gqs7Yny_mXAlifOk4MJbB8P6kFK9FvtAO3jzf45ywFvE2I80yDZjyuVk0DznTaNoO3TEEmb8GE5o2wgOnSMyCYYSJXgI1aBLRitBrSo1kfSYutqDRqHeAKTL_JICPQA4PjYosVAo147nTUnXgfxJmYMg92XSatA4tO8zCTVMBSHtUnifpyUjiWUqv7y44zg%2C%2C.jPCjhD_KSN6XkXkYm4gpf8Se8ZA%2C

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ru1.safe-honk.online/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ru1.safe-honk.online/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.112.102.229 Moscow, Russian Federation, ASN205090 (FIRST-SERVER-EUROPE FIRST SERVER LIMITED, GB),
Reverse DNS
vm3031689.firstbyte.club
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
035311c6cbe6c0594fb6107909e2a568c3eab2de89f54d2b290637447e320e81

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Linux"

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 14 Apr 2026 09:18:41 GMT
ETag
W/"69d2cdf0-682"
Last-Modified
Sun, 05 Apr 2026 21:02:40 GMT
Pragma
no-cache
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
css2
fonts.googleapis.com/ 		5 KB
1009 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inria+Sans:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap
Requested by
Host: ru1.safe-honk.online
URL: https://ru1.safe-honk.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2607:f8b0:4004:c1f::5f Washington, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
959305a0c9d3bccf3ab7c76e61e730e0b80a7fe708d28a6897a4a0ec5eff831b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://ru1.safe-honk.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 14 Apr 2026 09:18:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 14 Apr 2026 09:18:41 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 14 Apr 2026 09:07:37 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
telegram-web-app.js
telegram.org/js/ 		114 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegram.org/js/telegram-web-app.js
Requested by
Host: ru1.safe-honk.online
URL: https://ru1.safe-honk.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (Telegram Telegram Messenger Inc, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
bcc5e1ca219fbea9498e826e0f5648603582c7988ec8c3ce0b85c86a9eb6299c

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://ru1.safe-honk.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

cache-control
max-age=345600
content-encoding
gzip
etag
W/"69d2399c-1c675"
expires
Sat, 18 Apr 2026 09:18:41 GMT
access-control-allow-origin
*
date
Tue, 14 Apr 2026 09:18:41 GMT
content-type
application/javascript
last-modified
Sun, 05 Apr 2026 10:29:48 GMT
server
nginx/1.18.0
index-BYQwqbEc.js
ru1.safe-honk.online/assets/ 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://ru1.safe-honk.online/assets/index-BYQwqbEc.js
Requested by
Host: ru1.safe-honk.online
URL: https://ru1.safe-honk.online/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.112.102.229 Moscow, Russian Federation, ASN205090 (FIRST-SERVER-EUROPE FIRST SERVER LIMITED, GB),
Reverse DNS
vm3031689.firstbyte.club
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8c1a120896c616a9069507eab8de94f5b424a13d0c9f1fcb5821a7c5587e918a

Request headers

Origin
https://ru1.safe-honk.online
sec-ch-ua-platform
"Linux"
Referer
https://ru1.safe-honk.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

Cache-Control
no-store, no-cache, must-revalidate
ETag
"69d2cdf1-1eb47c"
Pragma
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2012284
Date
Tue, 14 Apr 2026 09:18:41 GMT
Content-Type
application/javascript
Last-Modified
Sun, 05 Apr 2026 21:02:41 GMT
Server
nginx/1.18.0 (Ubuntu)
index-D67cDb4g.css
ru1.safe-honk.online/assets/ 		50 KB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ru1.safe-honk.online/assets/index-D67cDb4g.css
Requested by
Host: ru1.safe-honk.online
URL: https://ru1.safe-honk.online/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.112.102.229 Moscow, Russian Federation, ASN205090 (FIRST-SERVER-EUROPE FIRST SERVER LIMITED, GB),
Reverse DNS
vm3031689.firstbyte.club
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
de88b111fab55c29a70c353e68238124bbd7e4bbc253892d860c15e4810543c9

Request headers

Origin
https://ru1.safe-honk.online
sec-ch-ua-platform
"Linux"
Referer
https://ru1.safe-honk.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

Cache-Control
no-store, no-cache, must-revalidate
ETag
"69d2cdf1-c67a"
Pragma
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50810
Date
Tue, 14 Apr 2026 09:18:41 GMT
Content-Type
text/css
Last-Modified
Sun, 05 Apr 2026 21:02:41 GMT
Server
nginx/1.18.0 (Ubuntu)
tag.js
mc.yandex.ru/metrika/ 		256 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: ru1.safe-honk.online
URL: https://ru1.safe-honk.online/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
79cb25de872d114b6b91f214bf0dba9f7639580c4435116854490edf0c8ed8b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://ru1.safe-honk.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
content-encoding
br
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"69dca511-151e1"
expires
Tue, 14 Apr 2026 10:18:42 GMT
access-control-allow-origin
*
content-length
86497
date
Tue, 14 Apr 2026 09:18:42 GMT
last-modified
Mon, 13 Apr 2026 08:10:57 GMT
content-type
application/javascript
goose-Byo04aly.zip
ru1.safe-honk.online/assets/ 		42 KB
42 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ru1.safe-honk.online/assets/goose-Byo04aly.zip
Requested by
Host: ru1.safe-honk.online
URL: https://ru1.safe-honk.online/assets/index-BYQwqbEc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.112.102.229 Moscow, Russian Federation, ASN205090 (FIRST-SERVER-EUROPE FIRST SERVER LIMITED, GB),
Reverse DNS
vm3031689.firstbyte.club
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e759066f3562e246650eab5f1081efe5bfb14ca1b771e8c36758e63708362a49

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://ru1.safe-honk.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

Cache-Control
no-store, no-cache, must-revalidate
ETag
"69d2cdf1-a871"
Pragma
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43121
Date
Tue, 14 Apr 2026 09:18:43 GMT
Content-Type
application/zip
Last-Modified
Sun, 05 Apr 2026 21:02:41 GMT
Server
nginx/1.18.0 (Ubuntu)
alert-CaI4dmUY.zip
ru1.safe-honk.online/assets/ 		7 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ru1.safe-honk.online/assets/alert-CaI4dmUY.zip
Requested by
Host: ru1.safe-honk.online
URL: https://ru1.safe-honk.online/assets/index-BYQwqbEc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.112.102.229 Moscow, Russian Federation, ASN205090 (FIRST-SERVER-EUROPE FIRST SERVER LIMITED, GB),
Reverse DNS
vm3031689.firstbyte.club
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8227cf42e554bf47e3a3ec25b8d294a9c4fe1ea8e8f414cd1e2e92429cbf6772

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://ru1.safe-honk.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

Cache-Control
no-store, no-cache, must-revalidate
ETag
"69d2cdf1-1be9"
Pragma
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7145
Date
Tue, 14 Apr 2026 09:18:43 GMT
Content-Type
application/zip
Last-Modified
Sun, 05 Apr 2026 21:02:41 GMT
Server
nginx/1.18.0 (Ubuntu)
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check?scid=0b1f690a-efce-711f-4f6e-fb90614ff39f&cid=98421081
  • https://mc.yandex.ru/sync_cookie_image_start?cid=98421081&redirect_domain=mc.yandex.com&scid=0b1f690a-efce-711f-4f6e-fb90614ff39f&token=11001.l6omQMvFa7zz45yusyUml9fVhs3u21lldB40lSKhmhY62n90W6pA0s1...
  • https://mc.yandex.com/sync_cookie_image_decide?cid=98421081&scid=0b1f690a-efce-711f-4f6e-fb90614ff39f&token=11001.v0skTz2wfJkMxV2SKioS0uHC8AcxTw_mZBXQ_MKbPtDDwpPOBt85ZXEURuD4PZniUyQup_iNNeJsMAAMP0f...
43 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?cid=98421081&scid=0b1f690a-efce-711f-4f6e-fb90614ff39f&token=11001.v0skTz2wfJkMxV2SKioS0uHC8AcxTw_mZBXQ_MKbPtDDwpPOBt85ZXEURuD4PZniUyQup_iNNeJsMAAMP0fVs_1nzKGt6ZopUDLiCwtBPV8%2C.qyA7XjX9SSy92dMk8xp6uX5hsXs%2C
Requested by
Host: ru1.safe-honk.online
URL: https://ru1.safe-honk.online/
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer
https://ru1.safe-honk.online/

Response headers

strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
location
https://mc.yandex.com/sync_cookie_image_decide?cid=98421081&scid=0b1f690a-efce-711f-4f6e-fb90614ff39f&token=11001.v0skTz2wfJkMxV2SKioS0uHC8AcxTw_mZBXQ_MKbPtDDwpPOBt85ZXEURuD4PZniUyQup_iNNeJsMAAMP0fVs_1nzKGt6ZopUDLiCwtBPV8%2C.qyA7XjX9SSy92dMk8xp6uX5hsXs%2C
advert.gif
mc.yandex.com/metrika/ 		43 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif?t=gdpr(14)ti(4)
Requested by
Host: ru1.safe-honk.online
URL: https://ru1.safe-honk.online/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://ru1.safe-honk.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"69ca768e-2b"
expires
Tue, 14 Apr 2026 10:18:43 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Tue, 14 Apr 2026 09:18:43 GMT
content-type
image/gif
last-modified
Mon, 30 Mar 2026 13:11:42 GMT
1
mc.yandex.com/watch/98421081/
Redirect Chain
  • https://mc.yandex.com/watch/98421081?wmode=7&page-url=https%3A%2F%2Fru1.safe-honk.online%2F&nohit=1&charset=utf-8&uah=chu%0A%22Chromium%22%3Bv%3D%22147%22%2C%22Google%20Chrome%22%3Bv%3D%22147%22%2C...
  • https://mc.yandex.com/watch/98421081/1?wmode=7&page-url=https%3A%2F%2Fru1.safe-honk.online%2F&nohit=1&charset=utf-8&uah=chu%0A%22Chromium%22%3Bv%3D%22147%22%2C%22Google%20Chrome%22%3Bv%3D%22147%22%...
689 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/98421081/1?wmode=7&page-url=https%3A%2F%2Fru1.safe-honk.online%2F&nohit=1&charset=utf-8&uah=chu%0A%22Chromium%22%3Bv%3D%22147%22%2C%22Google%20Chrome%22%3Bv%3D%22147%22%2C%22Not-A.Brand%22%3Bv%3D%2224%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A147.0.7727.55%0Achl%0A%22Chromium%22%3Bv%3D%22147.0.0.0%22%2C%22Google%20Chrome%22%3Bv%3D%22147.0.0.0%22%2C%22Not-A.Brand%22%3Bv%3D%2224.0.0.0%22%0Achm%0A%3F0%0Achp%0ALinux&browser-info=pv%3A1%3Avf%3A6glgxny3ywmlt088t0nklbpybmq57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2460%3Acn%3A1%3Adp%3A0%3Als%3A1544297971106%3Ahid%3A549928285%3Az%3A-240%3Ai%3A20260414051843%3Aet%3A1776158323%3Ac%3A1%3Arn%3A362841129%3Au%3A1776158323337288295%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1776158320140%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1776158324%3At%3AYourVpn&t=clt%281078%29gdpr%2814%29clc%280-0-0%29aw%281%29rcm%281%29cdl%28na%29eco%2846203396%29ti%281%29&redirnss=1
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
1269c729a26b52f7a446e57b194936d92cbadb9ba975e58cda2dfeef99b2421a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer
https://ru1.safe-honk.online/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Tue, 14-Apr-2026 09:18:44 GMT
access-control-allow-origin
https://ru1.safe-honk.online
content-length
689
x-xss-protection
1; mode=block
last-modified
Tue, 14-Apr-2026 09:18:44 GMT
content-type
application/json; charset=utf-8

Redirect headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
location
/watch/98421081/1?wmode=7&page-url=https%3A%2F%2Fru1.safe-honk.online%2F&nohit=1&charset=utf-8&uah=chu%0A%22Chromium%22%3Bv%3D%22147%22%2C%22Google%20Chrome%22%3Bv%3D%22147%22%2C%22Not-A.Brand%22%3Bv%3D%2224%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A147.0.7727.55%0Achl%0A%22Chromium%22%3Bv%3D%22147.0.0.0%22%2C%22Google%20Chrome%22%3Bv%3D%22147.0.0.0%22%2C%22Not-A.Brand%22%3Bv%3D%2224.0.0.0%22%0Achm%0A%3F0%0Achp%0ALinux&browser-info=pv%3A1%3Avf%3A6glgxny3ywmlt088t0nklbpybmq57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2460%3Acn%3A1%3Adp%3A0%3Als%3A1544297971106%3Ahid%3A549928285%3Az%3A-240%3Ai%3A20260414051843%3Aet%3A1776158323%3Ac%3A1%3Arn%3A362841129%3Au%3A1776158323337288295%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1776158320140%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1776158324%3At%3AYourVpn&t=clt%281078%29gdpr%2814%29clc%280-0-0%29aw%281%29rcm%281%29cdl%28na%29eco%2846203396%29ti%281%29&redirnss=1
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
expires
Tue, 14-Apr-2026 09:18:43 GMT
access-control-allow-origin
https://ru1.safe-honk.online
x-xss-protection
1; mode=block
last-modified
Tue, 14-Apr-2026 09:18:43 GMT
favicon-Bv5K0ya_.ico
ru1.safe-honk.online/assets/ 		4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ru1.safe-honk.online/assets/favicon-Bv5K0ya_.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.112.102.229 Moscow, Russian Federation, ASN205090 (FIRST-SERVER-EUROPE FIRST SERVER LIMITED, GB),
Reverse DNS
vm3031689.firstbyte.club
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4187a04b553ab933722d8e664e6da8cb2f1f7775562f5cc5060084f470d34588

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://ru1.safe-honk.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

Cache-Control
no-store, no-cache, must-revalidate
ETag
"69d2cdf1-e2a"
Pragma
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3626
Date
Tue, 14 Apr 2026 09:18:43 GMT
Content-Type
image/x-icon
Last-Modified
Sun, 05 Apr 2026 21:02:41 GMT
Server
nginx/1.18.0 (Ubuntu)
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check?scid=cb5ae829-31e2-5663-4092-7b57d026e9af&cid=98421081
  • https://mc.yandex.ru/sync_cookie_image_start?cid=98421081&redirect_domain=mc.yandex.com&scid=cb5ae829-31e2-5663-4092-7b57d026e9af&token=11001.pH9fjN_bIBhBlep374cJY1zlNSVfiMTYrwnFJjx-4ndJL87oA6a6NJY...
  • https://mc.yandex.com/sync_cookie_image_decide?cid=98421081&scid=cb5ae829-31e2-5663-4092-7b57d026e9af&token=11001.XGLC3E2aEZcWeNgyNtHf3trWWAu4vD5fsyyntyHBK46uHQIe6opuOLehR_LdD7Njh_QoFQWIcS39X_588uy...
  • https://mc.yandex.ru/sync_cookie_image_finish?cid=98421081&redirect_domain=mc.yandex.com&scid=cb5ae829-31e2-5663-4092-7b57d026e9af&token=11001.lCmXXPoeEtcchoLi_7a2nI1Gqs7Yny_mXAlifOk4MJbB8P6kFK9Fvt...
43 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?cid=98421081&redirect_domain=mc.yandex.com&scid=cb5ae829-31e2-5663-4092-7b57d026e9af&token=11001.lCmXXPoeEtcchoLi_7a2nI1Gqs7Yny_mXAlifOk4MJbB8P6kFK9FvtAO3jzf45ywFvE2I80yDZjyuVk0DznTaNoO3TEEmb8GE5o2wgOnSMyCYYSJXgI1aBLRitBrSo1kfSYutqDRqHeAKTL_JICPQA4PjYosVAo147nTUnXgfxJmYMg92XSatA4tO8zCTVMBSHtUnifpyUjiWUqv7y44zg%2C%2C.jPCjhD_KSN6XkXkYm4gpf8Se8ZA%2C
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer
https://ru1.safe-honk.online/

Response headers

strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
location
https://mc.yandex.ru/sync_cookie_image_finish?cid=98421081&redirect_domain=mc.yandex.com&scid=cb5ae829-31e2-5663-4092-7b57d026e9af&token=11001.lCmXXPoeEtcchoLi_7a2nI1Gqs7Yny_mXAlifOk4MJbB8P6kFK9FvtAO3jzf45ywFvE2I80yDZjyuVk0DznTaNoO3TEEmb8GE5o2wgOnSMyCYYSJXgI1aBLRitBrSo1kfSYutqDRqHeAKTL_JICPQA4PjYosVAo147nTUnXgfxJmYMg92XSatA4tO8zCTVMBSHtUnifpyUjiWUqv7y44zg%2C%2C.jPCjhD_KSN6XkXkYm4gpf8Se8ZA%2C
98421081
mc.yandex.com/watch/ 		681 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/98421081?wmode=7&page-url=https%3A%2F%2Fru1.safe-honk.online%2F&charset=utf-8&site-info=%7B%22isNewClient%22%3Atrue%7D&uah=chu%0A%22Chromium%22%3Bv%3D%22147%22%2C%22Google%20Chrome%22%3Bv%3D%22147%22%2C%22Not-A.Brand%22%3Bv%3D%2224%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A147.0.7727.55%0Achl%0A%22Chromium%22%3Bv%3D%22147.0.0.0%22%2C%22Google%20Chrome%22%3Bv%3D%22147.0.0.0%22%2C%22Not-A.Brand%22%3Bv%3D%2224.0.0.0%22%0Achm%0A%3F0%0Achp%0ALinux&hittoken=1776158324_6f3d4f69a5ef9d6fd5298221b369a0c55cf6ccc292862f94407252ccdfa55eb2&browser-info=pv%3A1%3Aar%3A1%3Avf%3A6glgxny3ywmlt088t0nklbpybmq57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2460%3Acn%3A1%3Adp%3A1%3Als%3A1544297971106%3Ahid%3A549928285%3Az%3A-240%3Ai%3A20260414051844%3Aet%3A1776158324%3Ac%3A1%3Arn%3A95509173%3Arqn%3A1%3Au%3A1776158323337288295%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2900%3Awv%3A2%3Ads%3A712%2C278%2C255%2C3%2C1%2C0%2C%2C791%2C0%2C3770%2C3771%2C0%2C2665%3Aco%3A0%3Acpf%3A1%3Ans%3A1776158320140%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1776158325%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F&t=gdpr(14)mc(h-1)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(46203396)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
f4040ca2e14452aedcb9b57ed005b20ee9aba69bac53c827f41613ffca814a47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://ru1.safe-honk.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Tue, 14-Apr-2026 09:18:44 GMT
access-control-allow-origin
https://ru1.safe-honk.online
content-length
681
x-xss-protection
1; mode=block
last-modified
Tue, 14-Apr-2026 09:18:44 GMT
content-type
application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

8 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| Telegram function| TelegramGameProxy_receiveEvent object| TelegramGameProxy function| ym string| __reactRouterVersion object| __core-js_shared__ object| Ya object| yaCounter98421081

18 Cookies

Domain/Path Name / Value
.yandex.ru/ Name: bh
Value: EkEiQ2hyb21pdW0iO3Y9IjE0NyIsICJHb29nbGUgQ2hyb21lIjt2PSIxNDciLCAiTm90LUEuQnJhbmQiO3Y9IjI0IioCPzA6ByJMaW51eCJg8oz4zgZqGdzK6YgO8qy3pQv7+vDnDev//fYPm4fPhwg=
.safe-honk.online/ Name: _ym_uid
Value: 1776158323337288295
.safe-honk.online/ Name: _ym_d
Value: 1776158323
.safe-honk.online/ Name: _ym_isad
Value: 2
mc.yandex.com/ Name: yabs-sid
Value: 2578640021776158323
.yandex.com/ Name: i
Value: 6DJGfn4F/gb2GDOPtExrcSIl7jKMHWxt/1S26kCRw+zmhMMJZHocrkFKjpLnFfTtoNckVk2D7+lmXBmK/MnI7+jfJ/0=
.yandex.com/ Name: yandexuid
Value: 5521382511776158323
.yandex.com/ Name: yuidss
Value: 5521382511776158323
.yandex.com/ Name: ymex
Value: 1807694323.yrts.1776158323#1807694323.yrtsi.1776158323
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1432877965fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 57433445fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 5521382511776158323
.yandex.ru/ Name: yuidss
Value: 5521382511776158323
.yandex.ru/ Name: i
Value: 6DJGfn4F/gb2GDOPtExrcSIl7jKMHWxt/1S26kCRw+zmhMMJZHocrkFKjpLnFfTtoNckVk2D7+lmXBmK/MnI7+jfJ/0=
.safe-honk.online/ Name: _ym_visorc
Value: w
.yandex.com/ Name: bh
Value: Ej8iQ2hyb21pdW0iO3Y9IjE0NyIsIkdvb2dsZSBDaHJvbWUiO3Y9IjE0NyIsIk5vdC1BLkJyYW5kIjt2PSIyNCIaA3g4NiINMTQ3LjAuNzcyNy41NSoCPzA6BUxpbnV4SgI2NFJRIkNocm9taXVtIjt2PSIxNDcuMC4wLjAiLCJHb29nbGUgQ2hyb21lIjt2PSIxNDcuMC4wLjAiLCJOb3QtQS5CcmFuZCI7dj0iMjQuMC4wLjAiYPSM+M4GahncyumIDvKst6UL+/rw5w3r//32D5uHz4cI