URL: https://safety-2study.us/
Submission Tags: krdprod
Submission: On October 27 via api from JP — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 104.21.57.198, located in United States and belongs to CLOUDFLARENET, US. The main domain is safety-2study.us.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 27th 2021. Valid for: a year.
This is the only time safety-2study.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS      Autonomous System
4         104.21.57.198    13335   (CLOUDFLAR...)
2         157.240.20.19    32934   (FACEBOOK)
7         151.236.71.171   204720  (CDNETWORKS)
2         178.248.234.191  197068  (QRATOR)
Total: 15 requests, 5 IPs

Requests  Domain                Requested by
7         static.tildacdn.com   safety-2study.us, tilda.ws
4         safety-2study.us      safety-2study.us
2         tilda.ws              safety-2study.us
2         connect.facebook.net  safety-2study.us
Total: 15 requests, 4 domains

This site contains no links.

Subject                Issuer                                          Validity                 Valid
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3                         2021-10-27 - 2022-10-26  a year
*.facebook.com         DigiCert SHA2 High Assurance Server CA          2021-08-05 - 2021-11-03  3 months
*.tildacdn.com         Sectigo RSA Domain Validation Secure Server CA  2021-02-19 - 2022-03-19  a year
*.tilda.ws             Sectigo RSA Domain Validation Secure Server CA  2020-07-31 - 2022-08-02  2 years

This page contains 2 frames:

Primary Page: https://safety-2study.us/
Frame ID: CDE4B25F04F2A01E01668E7780C45A36
Requests: 2 HTTP requests in this frame

Frame: https://safety-2study.us/lander/procladca-prombanc-object/land/?_token=uuid_3fgfann3rjas_3fgfann3rjas61793ab84cdec5.56864148&
Frame ID: D81A34085109DA5EEA54F5BB12942DEB
Requests: 14 HTTP requests in this frame

Page Title

Новые возможности

Page Statistics

15 Requests
100 % HTTPS
0 % IPv6
4 Domains
4 Subdomains
5 IPs
2 Countries
207 kB Transfer
525 kB Size
3 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
safety-2study.us/
1 KB
2 KB
Document
General
Full URL
https://safety-2study.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.57.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96838cb44b702d907921f0be627f34fe830559cb4d52bcb769be9d5a9bd4f4f0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 27 Oct 2021 11:40:40 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
expires
0
last-modified
Wed, 27 Oct 2021 11:40:40 GMT
pragma
no-cache
vary
Accept-Encoding
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMnYoPRpFDgEfxkYFwCw39jAT6LYbW75cZmBUBPPKydN14KdNTnx%2BkPrR0%2BlOcXQPvGkGKSawvZq%2BGod36J4qiK9JjDM%2F6lknMxxuY0RMVVIFxMcxzTsanEx3diO%2F97lQgXp"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a4ba69dbf3a2b1e-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
fbevents.js
connect.facebook.net/en_US/
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: safety-2study.us
URL: https://safety-2study.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.19 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://safety-2study.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25969
x-xss-protection
0
pragma
public
x-fb-debug
9Z34nGId9+ocN5QCzg7Ef7bLfcbKB7E4RQXl16FRnUfOPovH+20AJMyEP6lXLNxYvRqVc6uCbXJmeAWbIYn/IA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 27 Oct 2021 11:40:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
safety-2study.us/lander/procladca-prombanc-object/land/ Frame D81A
8 KB
3 KB
Document
General
Full URL
https://safety-2study.us/lander/procladca-prombanc-object/land/?_token=uuid_3fgfann3rjas_3fgfann3rjas61793ab84cdec5.56864148&
Requested by
Host: safety-2study.us
URL: https://safety-2study.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.57.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
550c4fd3409c464e8299e16f7aebe3c4d46abe644213d92bf475c636a16b1e7f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://safety-2study.us/

Response headers

date
Wed, 27 Oct 2021 11:40:40 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nChl4SxB2UQIZWkqfQyfwR2zD%2FKSVvVU5v72%2FNx2bhYI%2FCOKDLbbNxm7Ezx5T0xjW%2BtKIT5fA3syy0HkAL%2Bfi9i41%2FAAQb8yMum%2FWWFq%2B8kknKe2zpEks2fTKN%2BpbanfKLKi"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a4ba6a0ecbe2b1e-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
tilda-grid-3.0.min.css
static.tildacdn.com/css/ Frame D81A
4 KB
1 KB
Stylesheet
General
Full URL
https://static.tildacdn.com/css/tilda-grid-3.0.min.css
Requested by
Host: safety-2study.us
URL: https://safety-2study.us/lander/procladca-prombanc-object/land/?_token=uuid_3fgfann3rjas_3fgfann3rjas61793ab84cdec5.56864148&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.171 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
f5c301b8769579afae9deb4eda7659df32661229039c6b7a37cfabd1827317ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://safety-2study.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:40:40 GMT
content-encoding
gzip
tserver
11
last-modified
Thu, 18 Mar 2021 12:08:37 GMT
server
nginx
etag
W/"605342c5-1010"
content-type
text/css
cache-control
max-age=86400
tilda-blocks-2.12.css
tilda.ws/project752440/ Frame D81A
34 KB
6 KB
Stylesheet
General
Full URL
https://tilda.ws/project752440/tilda-blocks-2.12.css?t=1531775369
Requested by
Host: safety-2study.us
URL: https://safety-2study.us/lander/procladca-prombanc-object/land/?_token=uuid_3fgfann3rjas_3fgfann3rjas61793ab84cdec5.56864148&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.234.191 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
26518e4078795128d1285d9fb1bb9b8b699169174fcf68ec2911c3a296061bd3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://safety-2study.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 27 Oct 2021 11:40:41 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Jul 2018 21:09:29 GMT
Server
QRATOR
Transfer-Encoding
chunked
Content-Type
text/css
X-Host
tilda.ws
Connection
keep-alive
Keep-Alive
timeout=15
tilda-animation-1.0.min.css
static.tildacdn.com/css/ Frame D81A
10 KB
1 KB
Stylesheet
General
Full URL
https://static.tildacdn.com/css/tilda-animation-1.0.min.css
Requested by
Host: safety-2study.us
URL: https://safety-2study.us/lander/procladca-prombanc-object/land/?_token=uuid_3fgfann3rjas_3fgfann3rjas61793ab84cdec5.56864148&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.171 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
d845ac461a77e54af0e48ca2e3dcac959f793205c2eefbf1d698bc0f73998f34

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://safety-2study.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:40:40 GMT
content-encoding
gzip
tserver
9
last-modified
Sun, 04 Jul 2021 13:39:45 GMT
server
nginx
etag
W/"60e1ba21-28a4"
content-type
text/css
cache-control
max-age=86400
jquery-1.10.2.min.js
static.tildacdn.com/js/ Frame D81A
91 KB
32 KB
Script
General
Full URL
https://static.tildacdn.com/js/jquery-1.10.2.min.js
Requested by
Host: safety-2study.us
URL: https://safety-2study.us/lander/procladca-prombanc-object/land/?_token=uuid_3fgfann3rjas_3fgfann3rjas61793ab84cdec5.56864148&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.171 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://safety-2study.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:40:40 GMT
content-encoding
gzip
tserver
13
last-modified
Sun, 25 Apr 2021 08:11:36 GMT
server
nginx
etag
W/"60852438-16b88"
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400
tilda-scripts-2.8.min.js
static.tildacdn.com/js/ Frame D81A
57 KB
15 KB
Script
General
Full URL
https://static.tildacdn.com/js/tilda-scripts-2.8.min.js
Requested by
Host: safety-2study.us
URL: https://safety-2study.us/lander/procladca-prombanc-object/land/?_token=uuid_3fgfann3rjas_3fgfann3rjas61793ab84cdec5.56864148&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.171 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
f6470dc62a176c496d4754710effd20362288260e9d15c1b390b7391406e8564

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://safety-2study.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:40:40 GMT
content-encoding
gzip
tserver
8
last-modified
Thu, 02 Sep 2021 09:57:46 GMT
server
nginx
etag
W/"6130a01a-e3bc"
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400
tilda-blocks-2.7.js
tilda.ws/project752440/ Frame D81A
0
263 B
Script
General
Full URL
https://tilda.ws/project752440/tilda-blocks-2.7.js?t=1531775369
Requested by
Host: safety-2study.us
URL: https://safety-2study.us/lander/procladca-prombanc-object/land/?_token=uuid_3fgfann3rjas_3fgfann3rjas61793ab84cdec5.56864148&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.234.191 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://safety-2study.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 27 Oct 2021 11:40:41 GMT
Last-Modified
Mon, 16 Jul 2018 21:09:29 GMT
Server
QRATOR
Content-Type
application/javascript
X-Host
tilda.ws
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
0
lazyload-1.3.min.js
static.tildacdn.com/js/ Frame D81A
17 KB
6 KB
Script
General
Full URL
https://static.tildacdn.com/js/lazyload-1.3.min.js
Requested by
Host: safety-2study.us
URL: https://safety-2study.us/lander/procladca-prombanc-object/land/?_token=uuid_3fgfann3rjas_3fgfann3rjas61793ab84cdec5.56864148&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.171 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
a4eb1c41366018b711e43dcce520ebd5587ef1c97d06cdf1e7cc9dca4a8285de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://safety-2study.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:40:40 GMT
content-encoding
gzip
tserver
13
last-modified
Tue, 19 Oct 2021 10:16:37 GMT
server
nginx
etag
W/"616e9b05-4374"
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400
tilda-animation-1.0.min.js
static.tildacdn.com/js/ Frame D81A
18 KB
5 KB
Script
General
Full URL
https://static.tildacdn.com/js/tilda-animation-1.0.min.js
Requested by
Host: safety-2study.us
URL: https://safety-2study.us/lander/procladca-prombanc-object/land/?_token=uuid_3fgfann3rjas_3fgfann3rjas61793ab84cdec5.56864148&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.171 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
9480d469e680c9e6b9750db90c7a7167e6846811a98a13a678d21404cdc63c19

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://safety-2study.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:40:40 GMT
content-encoding
gzip
tserver
9
last-modified
Tue, 12 Oct 2021 12:27:05 GMT
server
nginx
etag
W/"61657f19-4773"
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400
fonts-roboto.css
static.tildacdn.com/css/ Frame D81A
5 KB
658 B
Stylesheet
General
Full URL
https://static.tildacdn.com/css/fonts-roboto.css
Requested by
Host: tilda.ws
URL: https://tilda.ws/project752440/tilda-blocks-2.12.css?t=1531775369
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.171 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
19e5c120662b7b218256fca0bf2ef14b084d3a02bc5effc8bb690ff65f08055d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tilda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:40:41 GMT
content-encoding
gzip
tserver
12
last-modified
Sun, 25 Apr 2021 08:12:16 GMT
server
nginx
etag
W/"60852460-1464"
content-type
text/css
cache-control
max-age=86400
fbevents.js
connect.facebook.net/en_US/ Frame D81A
98 KB
25 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: safety-2study.us
URL: https://safety-2study.us/lander/procladca-prombanc-object/land/?_token=uuid_3fgfann3rjas_3fgfann3rjas61793ab84cdec5.56864148&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.19 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://safety-2study.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25969
x-xss-protection
0
pragma
public
x-fb-debug
9Z34nGId9+ocN5QCzg7Ef7bLfcbKB7E4RQXl16FRnUfOPovH+20AJMyEP6lXLNxYvRqVc6uCbXJmeAWbIYn/IA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 27 Oct 2021 11:40:41 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
bg-2.jpg
safety-2study.us/lander/procladca-prombanc-object/land/img/ Frame D81A
76 KB
76 KB
Image
General
Full URL
https://safety-2study.us/lander/procladca-prombanc-object/land/img/bg-2.jpg
Requested by
Host: safety-2study.us
URL: https://safety-2study.us/lander/procladca-prombanc-object/land/?_token=uuid_3fgfann3rjas_3fgfann3rjas61793ab84cdec5.56864148&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.57.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f4517775b72f7923f8704565ffbf4b6eab4ab42acaca1b2b5098e25f92a7e9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://safety-2study.us/lander/procladca-prombanc-object/land/?_token=uuid_3fgfann3rjas_3fgfann3rjas61793ab84cdec5.56864148&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:40:41 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
77387
last-modified
Wed, 06 Oct 2021 16:00:09 GMT
server
cloudflare
etag
"615dc809-12e4b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2Fs%2BBleAMyeF1PazN0AOOx6XBIbvN2p826lOgWKjo0OKyErAEdZOAn7swgRSDvcIFHPEgzM43Af0zySFUiSf6MmnNlAyRnnMq%2BmdNgW9uiHFzU1lrfvSv9NQ3ZAfKWSS4DOP"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
6a4ba6a68cb8535d-FRA
expires
Sat, 06 Nov 2021 11:40:41 GMT
index.php
safety-2study.us/lander/procladca-prombanc-object/land/ Frame D81A
8 KB
8 KB
Image
General
Full URL
https://safety-2study.us/lander/procladca-prombanc-object/land/index.php
Requested by
Host: safety-2study.us
URL: https://safety-2study.us/lander/procladca-prombanc-object/land/?_token=uuid_3fgfann3rjas_3fgfann3rjas61793ab84cdec5.56864148&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.57.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://safety-2study.us/lander/procladca-prombanc-object/land/?_token=uuid_3fgfann3rjas_3fgfann3rjas61793ab84cdec5.56864148&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 11:40:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tdJEoSs2f4lp1Qy9XTnJny7YYDGBUzmIl0lQi6opXZD%2Bfzp6ie2ITJazoL8KGLj90aWszIt8P8l7z2VcQq6CMEYj%2Bk3R53udECXq08fdiWPoVGhTyZacUNYPhZ2jWHlbcqQJ"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
6a4ba6a68cbc535d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
truncated
/ Frame D81A
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/webp

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforexrselect
function| reportError
boolean| originAgentCluster
object| scheduler
function| fbq
function| _fbq

3 Cookies

Domain/Path Name / Value
safety-2study.us/ Name: _subid
Value: 3fgfann3rjas
safety-2study.us/ Name: _token
Value: uuid_3fgfann3rjas_3fgfann3rjas61793ab84cdec5.56864148
safety-2study.us/ Name: 57c5e
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjExNFwiOjE2MzUzMzQ4NDB9LFwiY2FtcGFpZ25zXCI6e1wiMjYwXCI6MTYzNTMzNDg0MH0sXCJ0aW1lXCI6MTYzNTMzNDg0MH0ifQ.vrtcznnJuX2z1oaQmqoN6Bc9WMjfAKDqPw9I7hF33Vk