www1.offshore4you.info Open in urlscan Pro
75.2.81.212 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.banki4you.ru/
Effective URL:
http://www1.offshore4you.info/?tm=1&subid4=1722560541.0219170000
Submission: On August 02 via automatic, source certstream-suspicious (August 2nd 2024, 1:02:35 am UTC) — Scanned from CA

Summary HTTP 28 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 28 HTTP transactions. The main IP is 75.2.81.212, located in United States and belongs to AMAZON-02, US. The main domain is www1.offshore4you.info.

This is the only time www1.offshore4you.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	193.47.33.109 193.47.33.109	208626 (SERV-TECH) (SERV-TECH)
1	2607:f8b0:400... 2607:f8b0:400d:c02::5f	15169 (GOOGLE) (GOOGLE)
4 14	46.229.162.174 46.229.162.174	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
4	2607:f8b0:400... 2607:f8b0:400d:c1d::5e	15169 (GOOGLE) (GOOGLE)
4	2600:9000:230... 2600:9000:2305:f200:18:ee85:a00:21	16509 (AMAZON-02) (AMAZON-02)
1 1	45.33.2.79 45.33.2.79	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	75.2.81.212 75.2.81.212	16509 (AMAZON-02) (AMAZON-02)
1	208.91.196.46 208.91.196.46	40034 (CONFLUENC...) (CONFLUENCE-NETWORK-INC)
28	8

2 193.47.33.109 (Moscow, Russian Federation) 1 redirects

ASN208626 (SERV-TECH, RU)
PTR: offshore4you.info

www.banki4you.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
banki4you.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c02::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 46.229.162.174 (Ashburn, United States) 4 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

vvkq495jac.a.trbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:400d:c1d::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2305:f200:18:ee85:a00:21 (United States)

ASN16509 (AMAZON-02, US)

d39f23jfph0ylk.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.33.2.79 (Richardson, United States) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li956-79.members.linode.com

offshore4you.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.2.81.212 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad97f17ac43043829.awsglobalaccelerator.com

www1.offshore4you.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.91.196.46 (Virgin Islands (British))

ASN40034 (CONFLUENCE-NETWORK-INC, VG)

ifdnzact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	trbcdn.net 4 redirects vvkq495jac.a.trbcdn.net	57 KB
4	cloudfront.net d39f23jfph0ylk.cloudfront.net Failed	4 KB
4	gstatic.com fonts.gstatic.com	45 KB
2	offshore4you.info 1 redirects offshore4you.info www1.offshore4you.info	3 KB
2	banki4you.ru 1 redirects www.banki4you.ru banki4you.ru	37 KB
1	ifdnzact.com ifdnzact.com — Cisco Umbrella Rank: 618770
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
0	sav.com Failed www.sav.com Failed
28	8

	Domain	Requested by
14	vvkq495jac.a.trbcdn.net	4 redirects banki4you.ru vvkq495jac.a.trbcdn.net
4	d39f23jfph0ylk.cloudfront.net
4	fonts.gstatic.com	fonts.googleapis.com
1	ifdnzact.com	www1.offshore4you.info
1	www1.offshore4you.info	vvkq495jac.a.trbcdn.net
1	offshore4you.info	1 redirects
1	fonts.googleapis.com	banki4you.ru
1	banki4you.ru
1	www.banki4you.ru	1 redirects
0	www.sav.com Failed	www1.offshore4you.info
28	10

This site contains links to these domains. Also see Links.

Domain
www.sav.com

Subject Issuer	Validity	Valid
banki4you.ru R11	`2024-08-01` - `2024-10-30`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.a.trbcdn.net GlobalSign GCC R3 DV TLS CA 2020	`2024-05-15` - `2025-06-16`	a year	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://www1.offshore4you.info/?tm=1&subid4=1722560541.0219170000
Frame ID: 36DC986FB35EE9761994421AC63DCF56
Requests: 29 HTTP requests in this frame

Frame: http://ifdnzact.com/?dn=offshore4you.info&pid=9PO755G95
Frame ID: D7F4C29C7630EE931436ADF4C29F67F2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

offshore4you.info

Page URL History Show full URLs

https://www.banki4you.ru/ HTTP 301
https://banki4you.ru/ Page URL
http://vvkq495jac.a.trbcdn.net/ HTTP 307
https://vvkq495jac.a.trbcdn.net/ Page URL
https://offshore4you.info/?gp=1&js=1&uuid=1722488286.0039069625&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjo... HTTP 302
http://www1.offshore4you.info/?tm=1&subid4=1722560541.0219170000 HTTP 307
https://www1.offshore4you.info/?tm=1&subid4=1722560541.0219170000 HTTP 307
http://www1.offshore4you.info/?tm=1&subid4=1722560541.0219170000 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

28
Requests

57 %
HTTPS

38 %
IPv6

8
Domains

10
Subdomains

8
IPs

3
Countries

177 kB
Transfer

385 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sav.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.banki4you.ru/ HTTP 301
https://banki4you.ru/ Page URL
http://vvkq495jac.a.trbcdn.net/ HTTP 307
https://vvkq495jac.a.trbcdn.net/ Page URL
https://offshore4you.info/?gp=1&js=1&uuid=1722488286.0039069625&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLGltYWdlL2FwbmcsKi8qO3E9MC44LGFwcGxpY2F0aW9uL3NpZ25lZC1leGNoYW5nZTt2PWIzO3E9MC43In0= HTTP 302
http://www1.offshore4you.info/?tm=1&subid4=1722560541.0219170000 HTTP 307
https://www1.offshore4you.info/?tm=1&subid4=1722560541.0219170000 HTTP 307
http://www1.offshore4you.info/?tm=1&subid4=1722560541.0219170000 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.banki4you.ru/ HTTP 301
https://banki4you.ru/

Request Chain 19

http://vvkq495jac.a.trbcdn.net/ HTTP 307
https://vvkq495jac.a.trbcdn.net/

Request Chain 20

https://vvkq495jac.a.trbcdn.net/wp-content/uploads/2020/04/kreditnye-kanikuly-banki-shtrafy-e1586266636294-440x250.jpg HTTP 302
https://d39f23jfph0ylk.cloudfront.net/offshore4you.info.jpg

Request Chain 21

https://vvkq495jac.a.trbcdn.net/wp-content/uploads/2020/03/halva-keshbek-2020-e1584202504206-440x250.jpg HTTP 302
https://d39f23jfph0ylk.cloudfront.net/offshore4you.info.jpg

Request Chain 22

https://vvkq495jac.a.trbcdn.net/wp-content/uploads/2020/03/sovkombank-informatsiya-o-banke-vladeltsy-e1584193845935-440x250.jpg HTTP 302
https://d39f23jfph0ylk.cloudfront.net/offshore4you.info.jpg

Request Chain 23

https://vvkq495jac.a.trbcdn.net/wp-content/uploads/2020/03/sovkombank-kredit-s-vozvratom-protsentov-e1584184320735-440x250.jpg HTTP 302
https://d39f23jfph0ylk.cloudfront.net/offshore4you.info.jpg

Request Chain 24

https://vvkq495jac.a.trbcdn.net/wp-content/uploads/2020/03/bonusnaya-karta-halva-plyus-mtbank-kak-zarabotat-440x250.jpg HTTP 302
https://d39f23jfph0ylk.cloudfront.net/offshore4you.info.jpg

Request Chain 25

https://vvkq495jac.a.trbcdn.net/wp-content/uploads/2020/03/kak-uznat-skolko-deneg-na-karte-halva-prilozhenie-e1583694028238-440x250.jpg HTTP 302
https://d39f23jfph0ylk.cloudfront.net/offshore4you.info.jpg

28 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
banki4you.ru/
Redirect Chain

https://www.banki4you.ru/
https://banki4you.ru/

148 KB
37 KB

987ms
309ms

Document
text/html

193.47.33.109
SERV-TECH

General

Check archive.org

Show headers Download Go to

Full URL

https://banki4you.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.47.33.109 Moscow, Russian Federation, ASN208626 (SERV-TECH, RU),

Reverse DNS

offshore4you.info

Software

nginx /

Resource Hash

f9465db7ea29bab32202c5df66565538e170a1e80983bc516eff4605951197f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 02 Aug 2024 01:02:19 GMT
server: nginx
strict-transport-security: max-age=31536000;
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent

Redirect headers

content-type: text/html; charset=UTF-8
date: Fri, 02 Aug 2024 01:02:18 GMT
location: https://banki4you.ru/
server: nginx
strict-transport-security: max-age=31536000;
x-redirect-by: WordPress

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 127ms
46ms Stylesheet
text/css 2607:f8b0:400d:c02::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source%20Sans%20Pro%3A400%2C700&subset=latin%2Ccyrillic&display=swap

Requested by

Host: banki4you.ru
URL: https://banki4you.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20ba73bd31c1174f4bb0ca95fa30d9953bc20f2f5124305b62b1598955324d12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://banki4you.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 02 Aug 2024 01:02:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 02 Aug 2024 01:02:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Aug 2024 01:02:19 GMT

GET
H2 403 genericons.css
vvkq495jac.a.trbcdn.net/wp-content/plugins/bwp-shortcodes/genericons/ 0
0 1122ms
744ms Stylesheet
text/html 46.229.162.174
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vvkq495jac.a.trbcdn.net/wp-content/plugins/bwp-shortcodes/genericons/genericons.css
Requested by: Host: banki4you.ru
URL: https://banki4you.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.229.162.174 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://banki4you.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 01:02:20 GMT
x-cdn-edge-id: 1174
server: nginx
content-type: text/html
x-fail-reason: Bad Extension
x-cdn-edge-cache: MISS
x-cdn-request-id: 514a514d8e422ffdd12c949fd2dd4735
content-length: 1

GET
H2 200 bwp-shortcodes-style.css
vvkq495jac.a.trbcdn.net/wp-content/plugins/bwp-shortcodes/css/ 13 KB
3 KB 672ms
295ms Stylesheet
text/css 46.229.162.174
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vvkq495jac.a.trbcdn.net/wp-content/plugins/bwp-shortcodes/css/bwp-shortcodes-style.css

Requested by

Host: banki4you.ru
URL: https://banki4you.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.229.162.174 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://banki4you.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 01:02:20 GMT
strict-transport-security: max-age=31536000;
content-encoding: gzip
last-modified: Tue, 11 Jun 2019 15:41:23 GMT
server: nginx
x-cdn-edge-id: 1174
etag: W/"5cffcba3-35f6"
content-type: text/css
x-rocket-nginx-serving-static: MISS
cache-control: max-age=25920000
x-cdn-edge-cache: MISS
x-cdn-request-id: d1884a62cfec4857f277ea4cba5afc17
expires: Thu, 15 Aug 2024 11:59:25 GMT

GET
H2 200 dashicons.min.css
vvkq495jac.a.trbcdn.net/wp-includes/css/ 58 KB
35 KB 666ms
289ms Stylesheet
text/css 46.229.162.174
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vvkq495jac.a.trbcdn.net/wp-includes/css/dashicons.min.css

Requested by

Host: banki4you.ru
URL: https://banki4you.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.229.162.174 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://banki4you.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 01:02:20 GMT
strict-transport-security: max-age=31536000;
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 12:21:52 GMT
server: nginx
x-cdn-edge-id: 1174
etag: W/"608018e0-e688"
content-type: text/css
x-rocket-nginx-serving-static: MISS
cache-control: max-age=25920000
x-cdn-edge-cache: MISS
x-cdn-request-id: 28a7df055ab05722b14340367fb1f2d9
expires: Thu, 15 Aug 2024 11:59:25 GMT

GET
H2 200 frontend.min.css
vvkq495jac.a.trbcdn.net/wp-content/plugins/post-views-counter/css/ 215 B
483 B 665ms
288ms Stylesheet
text/css 46.229.162.174
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vvkq495jac.a.trbcdn.net/wp-content/plugins/post-views-counter/css/frontend.min.css

Requested by

Host: banki4you.ru
URL: https://banki4you.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.229.162.174 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

ed70c2cf61d0f24d03299ffc5896c7abd86bb858501987dc10e3afec086c01df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://banki4you.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 01:02:20 GMT
strict-transport-security: max-age=31536000;
content-encoding: gzip
last-modified: Tue, 18 Apr 2023 07:39:49 GMT
server: nginx
x-cdn-edge-id: 1174
etag: W/"643e4945-d7"
content-type: text/css
x-rocket-nginx-serving-static: MISS
cache-control: max-age=25920000
x-cdn-edge-cache: MISS
x-cdn-request-id: 3eb1977d7e4d4fb8f862846362d0bcca
expires: Wed, 07 Aug 2024 10:03:44 GMT

GET font-awesome.min.css
vvkq495jac.a.trbcdn.net/wp-content/plugins/wp-external-links/public/css/ 0
0

GET
H2 403 wpel.css
vvkq495jac.a.trbcdn.net/wp-content/plugins/wp-external-links/public/css/ 0
0 1135ms
758ms Stylesheet
text/html 46.229.162.174
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vvkq495jac.a.trbcdn.net/wp-content/plugins/wp-external-links/public/css/wpel.css
Requested by: Host: banki4you.ru
URL: https://banki4you.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.229.162.174 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://banki4you.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 01:02:20 GMT
x-cdn-edge-id: 1174
server: nginx
content-type: text/html
x-fail-reason: Bad Extension
x-cdn-edge-cache: MISS
x-cdn-request-id: 007921c99773355037954fb99e899749
content-length: 1

GET pagenavi-css.css
vvkq495jac.a.trbcdn.net/wp-content/plugins/wp-pagenavi/ 0
0

GET
H2 200 style.css
vvkq495jac.a.trbcdn.net/wp-content/themes/simpatika/ 59 KB
13 KB 666ms
290ms Stylesheet
text/css 46.229.162.174
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vvkq495jac.a.trbcdn.net/wp-content/themes/simpatika/style.css

Requested by

Host: banki4you.ru
URL: https://banki4you.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.229.162.174 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

84ee01067f1eb2961803898867de0c0f0466f7359d0a41c1b526a336da6f3231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://banki4you.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 01:02:20 GMT
strict-transport-security: max-age=31536000;
content-encoding: gzip
last-modified: Tue, 11 Jun 2019 15:41:24 GMT
server: nginx
x-cdn-edge-id: 1174
etag: W/"5cffcba4-eb4c"
content-type: text/css
x-rocket-nginx-serving-static: MISS
cache-control: max-age=25920000
x-cdn-edge-cache: MISS
x-cdn-request-id: 20e671fbc6e808bc1197905f261b3464
expires: Thu, 15 Aug 2024 11:59:25 GMT

GET
H2 200 jquery.min.js
vvkq495jac.a.trbcdn.net/wp-includes/js/jquery/ 157 B
359 B 378ms
375ms Script
application/javascript 46.229.162.174
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vvkq495jac.a.trbcdn.net/wp-includes/js/jquery/jquery.min.js
Requested by: Host: banki4you.ru
URL: https://banki4you.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.229.162.174 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://banki4you.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 01:02:20 GMT
content-encoding: gzip
last-modified: Tue, 10 Jan 2023 21:36:12 GMT
server: nginx
x-cdn-edge-id: 1174
etag: W/"63bdda4c-9d"
content-type: application/javascript
x-cdn-edge-cache: MISS
x-cdn-request-id: af5f53e338bf2897c236bd22f0bf48a1

GET
H2 200 jquery-migrate.min.js Show response
vvkq495jac.a.trbcdn.net/wp-includes/js/jquery/ 157 B
359 B 284ms
281ms Script
application/javascript 46.229.162.174
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vvkq495jac.a.trbcdn.net/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: banki4you.ru
URL: https://banki4you.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.229.162.174 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9dc433b2142d3ba0803fcffa53f19d34da26996d20c829df6d694bc887325dd7

Request headers

Referer: https://banki4you.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 01:02:20 GMT
content-encoding: gzip
last-modified: Tue, 10 Jan 2023 21:36:11 GMT
server: nginx
x-cdn-edge-id: 1174
etag: W/"63bdda4b-9d"
content-type: application/javascript
x-cdn-edge-cache: MISS
x-cdn-request-id: 741662271ca44a5bd9966e9cc068e8e2

GET
H2 200 lazyload.min.js
vvkq495jac.a.trbcdn.net/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 9 KB
3 KB 303ms
300ms Script
application/javascript 46.229.162.174
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vvkq495jac.a.trbcdn.net/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js

Requested by

Host: banki4you.ru
URL: https://banki4you.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.229.162.174 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://banki4you.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 01:02:20 GMT
strict-transport-security: max-age=31536000;
content-encoding: gzip
last-modified: Sat, 14 Oct 2023 15:04:17 GMT
server: nginx
x-cdn-edge-id: 1174
etag: W/"652aadf1-22bc"
content-type: application/javascript
x-rocket-nginx-serving-static: MISS
cache-control: max-age=25920000
x-cdn-edge-cache: MISS
x-cdn-request-id: a267c09670cdbdcd82a968eff3a66a6e
expires: Sat, 17 Aug 2024 12:19:59 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a292ab21ac4f0c3753f9e4383386b36651c7cd115664714e429ebdab1452eefe

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 219ms
82ms Font
font/woff2 2607:f8b0:400d:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source%20Sans%20Pro%3A400%2C700&subset=latin%2Ccyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://banki4you.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 00:24:09 GMT
x-content-type-options: nosniff
age: 88690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 00:24:09 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 8 KB
8 KB 215ms
79ms Font
font/woff2 2607:f8b0:400d:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source%20Sans%20Pro%3A400%2C700&subset=latin%2Ccyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73c9d2639ee4ecc555040bb05de136847ae936b885925b56972549ccfe16a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://banki4you.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 01:26:24 GMT
x-content-type-options: nosniff
age: 84955
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7972
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 01:26:24 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 180ms
44ms Font
font/woff2 2607:f8b0:400d:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source%20Sans%20Pro%3A400%2C700&subset=latin%2Ccyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://banki4you.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 10:40:12 GMT
x-content-type-options: nosniff
age: 51727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 10:40:12 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwkxduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 8 KB
8 KB 175ms
39ms Font
font/woff2 2607:f8b0:400d:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwkxduz8A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source%20Sans%20Pro%3A400%2C700&subset=latin%2Ccyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a775d512b714a32d68031e6553e4afadfa75617b30c5f98ed08efde1b21e6b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://banki4you.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 01:57:48 GMT
x-content-type-options: nosniff
age: 83071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7860
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 01:57:48 GMT

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
Origin: https://banki4you.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2

200

/ Show response
vvkq495jac.a.trbcdn.net/
Redirect Chain

http://vvkq495jac.a.trbcdn.net/
https://vvkq495jac.a.trbcdn.net/

999 B
726 B

465ms
403ms

Document
text/html

46.229.162.174
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vvkq495jac.a.trbcdn.net/
Requested by: Host: vvkq495jac.a.trbcdn.net
URL: https://vvkq495jac.a.trbcdn.net/wp-includes/js/jquery/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.229.162.174 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: aaa02260a550bd435a525d8108bc6df78bff8761f78b44389eb9e997a91c4fca

Request headers

Referer: https://banki4you.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 02 Aug 2024 01:02:20 GMT
server: nginx
x-cdn-edge-cache: MISS
x-cdn-edge-id: 1174
x-cdn-request-id: 25d910fb160cd6cd5a2fc0359bf0c39a

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://vvkq495jac.a.trbcdn.net/
Non-Authoritative-Reason: HSTS

GET

offshore4you.info.jpg
d39f23jfph0ylk.cloudfront.net/
Redirect Chain

https://vvkq495jac.a.trbcdn.net/wp-content/uploads/2020/04/kreditnye-kanikuly-banki-shtrafy-e1586266636294-440x250.jpg
https://d39f23jfph0ylk.cloudfront.net/offshore4you.info.jpg

0
0

GET
H2

200

offshore4you.info.jpg
d39f23jfph0ylk.cloudfront.net/
Redirect Chain

https://vvkq495jac.a.trbcdn.net/wp-content/uploads/2020/03/halva-keshbek-2020-e1584202504206-440x250.jpg
https://d39f23jfph0ylk.cloudfront.net/offshore4you.info.jpg

3 KB
4 KB

258ms
108ms

Image
image/jpeg

2600:9000:2305:f200:18:ee85:a00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d39f23jfph0ylk.cloudfront.net/offshore4you.info.jpg
Protocol: H2
Server: 2600:9000:2305:f200:18:ee85:a00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://banki4you.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 01:02:21 GMT
via: 1.1 6ef654a6fd950af1eb6fc4790b972c72.cloudfront.net (CloudFront)
last-modified: Mon, 08 Jul 2024 02:14:19 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-P2
etag: "1e59057e629608fa72396465017eee7f"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 3389
x-amz-cf-id: rNT6hRPQMbuwPWrIgeM7DuJEUYIMaNpJmDoLtUwkcGnRV77FOZHpAw==

Redirect headers

date: Fri, 02 Aug 2024 01:02:20 GMT
x-cdn-edge-id: 1174
server: nginx
vary: Accept-Language
content-language: en-gb
location: https://d39f23jfph0ylk.cloudfront.net/offshore4you.info.jpg
content-type: text/html; charset=utf-8
x-cdn-edge-cache: MISS
x-cdn-request-id: b7977923db5518356b9052491644b020
content-length: 0

GET
H2

200

offshore4you.info.jpg
d39f23jfph0ylk.cloudfront.net/
Redirect Chain

https://vvkq495jac.a.trbcdn.net/wp-content/uploads/2020/03/sovkombank-informatsiya-o-banke-vladeltsy-e1584193845935-440x250.jpg
https://d39f23jfph0ylk.cloudfront.net/offshore4you.info.jpg

3 KB
0

250ms
250ms

Image
image/jpeg

2600:9000:2305:f200:18:ee85:a00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d39f23jfph0ylk.cloudfront.net/offshore4you.info.jpg
Protocol: H2
Server: 2600:9000:2305:f200:18:ee85:a00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://banki4you.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 01:02:21 GMT
via: 1.1 6ef654a6fd950af1eb6fc4790b972c72.cloudfront.net (CloudFront)
last-modified: Mon, 08 Jul 2024 02:14:19 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-P2
etag: "1e59057e629608fa72396465017eee7f"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 3389
x-amz-cf-id: rNT6hRPQMbuwPWrIgeM7DuJEUYIMaNpJmDoLtUwkcGnRV77FOZHpAw==

Redirect headers

date: Fri, 02 Aug 2024 01:02:20 GMT
x-cdn-edge-id: 1174
server: nginx
vary: Accept-Language
content-language: en-gb
location: https://d39f23jfph0ylk.cloudfront.net/offshore4you.info.jpg
content-type: text/html; charset=utf-8
x-cdn-edge-cache: MISS
x-cdn-request-id: 0fec347a74b9031fe624ceba93d2f72a
content-length: 0

GET
H2

200

offshore4you.info.jpg
d39f23jfph0ylk.cloudfront.net/
Redirect Chain

https://vvkq495jac.a.trbcdn.net/wp-content/uploads/2020/03/sovkombank-kredit-s-vozvratom-protsentov-e1584184320735-440x250.jpg
https://d39f23jfph0ylk.cloudfront.net/offshore4you.info.jpg

3 KB
0

247ms
247ms

Image
image/jpeg

2600:9000:2305:f200:18:ee85:a00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d39f23jfph0ylk.cloudfront.net/offshore4you.info.jpg
Protocol: H2
Server: 2600:9000:2305:f200:18:ee85:a00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://banki4you.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 01:02:21 GMT
via: 1.1 6ef654a6fd950af1eb6fc4790b972c72.cloudfront.net (CloudFront)
last-modified: Mon, 08 Jul 2024 02:14:19 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-P2
etag: "1e59057e629608fa72396465017eee7f"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 3389
x-amz-cf-id: rNT6hRPQMbuwPWrIgeM7DuJEUYIMaNpJmDoLtUwkcGnRV77FOZHpAw==

Redirect headers

date: Fri, 02 Aug 2024 01:02:20 GMT
x-cdn-edge-id: 1174
server: nginx
vary: Accept-Language
content-language: en-gb
location: https://d39f23jfph0ylk.cloudfront.net/offshore4you.info.jpg
content-type: text/html; charset=utf-8
x-cdn-edge-cache: MISS
x-cdn-request-id: bdf0c482aec97bb26c6bac6a1e4d7538
content-length: 0

GET

offshore4you.info.jpg
d39f23jfph0ylk.cloudfront.net/
Redirect Chain

https://vvkq495jac.a.trbcdn.net/wp-content/uploads/2020/03/bonusnaya-karta-halva-plyus-mtbank-kak-zarabotat-440x250.jpg
https://d39f23jfph0ylk.cloudfront.net/offshore4you.info.jpg

0
0

GET
H2

200

offshore4you.info.jpg
d39f23jfph0ylk.cloudfront.net/
Redirect Chain

https://vvkq495jac.a.trbcdn.net/wp-content/uploads/2020/03/kak-uznat-skolko-deneg-na-karte-halva-prilozhenie-e1583694028238-440x250.jpg
https://d39f23jfph0ylk.cloudfront.net/offshore4you.info.jpg

3 KB
0

245ms
245ms

Image
image/jpeg

2600:9000:2305:f200:18:ee85:a00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d39f23jfph0ylk.cloudfront.net/offshore4you.info.jpg
Protocol: H2
Server: 2600:9000:2305:f200:18:ee85:a00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://banki4you.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 01:02:21 GMT
via: 1.1 6ef654a6fd950af1eb6fc4790b972c72.cloudfront.net (CloudFront)
last-modified: Mon, 08 Jul 2024 02:14:19 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-P2
etag: "1e59057e629608fa72396465017eee7f"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 3389
x-amz-cf-id: rNT6hRPQMbuwPWrIgeM7DuJEUYIMaNpJmDoLtUwkcGnRV77FOZHpAw==

Redirect headers

date: Fri, 02 Aug 2024 01:02:20 GMT
x-cdn-edge-id: 1174
server: nginx
vary: Accept-Language
content-language: en-gb
location: https://d39f23jfph0ylk.cloudfront.net/offshore4you.info.jpg
content-type: text/html; charset=utf-8
x-cdn-edge-cache: MISS
x-cdn-request-id: 597c6fee25dbea8556b82b666fdda37b
content-length: 0

GET
H/1.1

200
OK

Primary Request / Show response
www1.offshore4you.info/
Redirect Chain

https://offshore4you.info/?gp=1&js=1&uuid=1722488286.0039069625&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdG...
http://www1.offshore4you.info/?tm=1&subid4=1722560541.0219170000
https://www1.offshore4you.info/?tm=1&subid4=1722560541.0219170000
http://www1.offshore4you.info/?tm=1&subid4=1722560541.0219170000

3 KB
2 KB

257ms
238ms

Document
text/html

75.2.81.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://www1.offshore4you.info/?tm=1&subid4=1722560541.0219170000
Requested by: Host: vvkq495jac.a.trbcdn.net
URL: https://vvkq495jac.a.trbcdn.net/
Protocol: HTTP/1.1
Server: 75.2.81.212 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ad97f17ac43043829.awsglobalaccelerator.com
Software: nginx /
Resource Hash: efaa56cfc01313d52faa021a48249f45aac009c471f604308eecabc93af51d09

Request headers

Referer: https://vvkq495jac.a.trbcdn.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-CH: viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-CH-Lifetime: 30
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 02 Aug 2024 01:02:24 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_Y/apEkULlNu7KRfO5J1hT0cwHxXDujP6qtCCIfMB++g7mRluvqNH70iCVX/nwkgVzhSZfFtX8uWMH6KY1dMjEg==
X-Domain: offshore4you.info
X-Redirect: skenzo
X-Subdomain: www1

Redirect headers

Location: http://www1.offshore4you.info/?tm=1&subid4=1722560541.0219170000
Non-Authoritative-Reason: HttpsUpgrades

GET New_Logo_Color.png
www.sav.com/images/logo/2x/ 0
0

GET
H/1.1 403
Forbidden /
ifdnzact.com/ Frame D7F4 0
0 248ms
163ms Document
text/html 208.91.196.46
CONFLUENCE-NETWOR...

General

Check archive.org

Show headers Download Go to

Full URL: http://ifdnzact.com/?dn=offshore4you.info&pid=9PO755G95
Requested by: Host: www1.offshore4you.info
URL: http://www1.offshore4you.info/?tm=1&subid4=1722560541.0219170000
Protocol: HTTP/1.1
Server: 208.91.196.46 , Virgin Islands (British), ASN40034 (CONFLUENCE-NETWORK-INC, VG),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: http://www1.offshore4you.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Length: 303
Content-Type: text/html; charset=UTF-8
Date: Fri, 02 Aug 2024 01:02:08 GMT
Keep-Alive: timeout=5, max=128
Server: Apache

GET favicon.ico
www1.offshore4you.info/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: vvkq495jac.a.trbcdn.net
URL: https://vvkq495jac.a.trbcdn.net/wp-content/plugins/wp-external-links/public/css/font-awesome.min.css

Domain: vvkq495jac.a.trbcdn.net
URL: https://vvkq495jac.a.trbcdn.net/wp-content/plugins/wp-pagenavi/pagenavi-css.css

Domain: d39f23jfph0ylk.cloudfront.net
URL: https://d39f23jfph0ylk.cloudfront.net/offshore4you.info.jpg

Domain: d39f23jfph0ylk.cloudfront.net
URL: https://d39f23jfph0ylk.cloudfront.net/offshore4you.info.jpg

Domain: www.sav.com
URL: https://www.sav.com/images/logo/2x/New_Logo_Color.png

Domain: www1.offshore4you.info
URL: http://www1.offshore4you.info/favicon.ico

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
banki4you.ru/	1969-12-31 23:59:59	Name: fpm_visit Value: 1
banki4you.ru/	1969-12-31 23:59:59	Name: fpm_referer Value: %2F%2F%2F%3Adirect
offshore4you.info/	1970-01-20 22:29:24	Name: mtm_delivered Value: WyJvZmZzaG9yZTR5b3UuaW5mbyIsImh0dHA6Ly93d3cxLm9mZnNob3JlNHlvdS5pbmZvLz90bT0xJnN1YmlkND0xNzIyNTYwNTQxLjAyMTkxNzAwMDAiLDEsIjIwMjQtMDgtMDIgMDE6MDI6MjEiLDEsIjE3MjI1NjA1NDEuMDIxOTE3MDAwMCIsNTU5LG51bGwsbnVsbF0:1sZggX:mtnxAJqrwSwCYzQlQ4zBAEtQT6U

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://vvkq495jac.a.trbcdn.net/wp-content/plugins/bwp-shortcodes/genericons/genericons.css Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://vvkq495jac.a.trbcdn.net/wp-content/plugins/wp-external-links/public/css/wpel.css Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.sav.com/images/logo/2x/New_Logo_Color.png Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

banki4you.ru
d39f23jfph0ylk.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
ifdnzact.com
offshore4you.info
vvkq495jac.a.trbcdn.net
www.banki4you.ru
www.sav.com
www1.offshore4you.info
d39f23jfph0ylk.cloudfront.net
vvkq495jac.a.trbcdn.net
www.sav.com
www1.offshore4you.info
193.47.33.109
208.91.196.46
2600:9000:2305:f200:18:ee85:a00:21
2607:f8b0:400d:c02::5f
2607:f8b0:400d:c1d::5e
45.33.2.79
46.229.162.174
75.2.81.212
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
20ba73bd31c1174f4bb0ca95fa30d9953bc20f2f5124305b62b1598955324d12
2a775d512b714a32d68031e6553e4afadfa75617b30c5f98ed08efde1b21e6b5
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
84ee01067f1eb2961803898867de0c0f0466f7359d0a41c1b526a336da6f3231
9dc433b2142d3ba0803fcffa53f19d34da26996d20c829df6d694bc887325dd7
a292ab21ac4f0c3753f9e4383386b36651c7cd115664714e429ebdab1452eefe
aaa02260a550bd435a525d8108bc6df78bff8761f78b44389eb9e997a91c4fca
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c73c9d2639ee4ecc555040bb05de136847ae936b885925b56972549ccfe16a97
ed70c2cf61d0f24d03299ffc5896c7abd86bb858501987dc10e3afec086c01df
efaa56cfc01313d52faa021a48249f45aac009c471f604308eecabc93af51d09
f9465db7ea29bab32202c5df66565538e170a1e80983bc516eff4605951197f0

www1.offshore4you.info Open in urlscan Pro 75.2.81.212 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

57 %HTTPS

38 %IPv6

8 Domains

10 Subdomains

8 IPs

3 Countries

177 kBTransfer

385 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

www1.offshore4you.info Open in urlscan Pro
75.2.81.212 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

57 %
HTTPS

38 %
IPv6

8
Domains

10
Subdomains

8
IPs

3
Countries

177 kB
Transfer

385 kB
Size

3
Cookies

28 HTTP transactions
2 data transactions