x-xf.ru Open in urlscan Pro
5.181.255.59 Public Scan

URL:
http://x-xf.ru/www.adp.com
Submission: On April 05 via manual (April 5th 2020, 10:01:47 pm UTC) from US

Summary HTTP 25 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 16 domains to perform 25 HTTP transactions. The main IP is 5.181.255.59, located in Russian Federation and belongs to INTERNET-PRO-AS, RU. The main domain is x-xf.ru.

This is the only time x-xf.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	5.181.255.59 5.181.255.59	44128 (INTERNET-...) (INTERNET-PRO-AS)
1	2a02:6b8::36 2a02:6b8::36	13238 (YANDEX) (YANDEX)
2	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
1 2	88.99.218.62 88.99.218.62	24940 (HETZNER-AS) (HETZNER-AS)
1	104.20.229.52 104.20.229.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	149.202.17.208 149.202.17.208	16276 (OVH) (OVH)
1 2	2606:4700:20:... 2606:4700:20::681a:dae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 9	195.201.188.46 195.201.188.46	24940 (HETZNER-AS) (HETZNER-AS)
1 2	46.4.123.226 46.4.123.226	24940 (HETZNER-AS) (HETZNER-AS)
2 8	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1 3	149.5.244.13 149.5.244.13	174 (COGENT-174) (COGENT-174)
25	14

4 5.181.255.59 (Russian Federation)

ASN44128 (INTERNET-PRO-AS, RU)
PTR: vm-baeab325.netangels.ru

x-xf.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::36 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

favicon.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8:20::215 (Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.210 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.218.62 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: vs02.qcomment.ru

qcomment.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.229.52 (United States)

ASN13335 (CLOUDFLARENET, US)

warthunder.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 149.202.17.208 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: node-9.1-208.17.202.149.vistnet.net

payeer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:dae (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

socpublic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 195.201.188.46 (Germany) 6 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.46.188.201.195.clients.your-server.de

www.instaforex.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.instaforex.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.instaforex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.4.123.226 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.226.123.4.46.clients.your-server.de

vktarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 149.5.244.13 (Helsinki, Finland) 1 redirects

ASN174 (COGENT-174, US)

mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	yandex.ru 2 redirects mc.yandex.ru	44 KB
3	webvisor.org 1 redirects mc.webvisor.org	1 KB
3	instaforex.com 2 redirects www.instaforex.com	1013 B
3	instaforex.org 2 redirects www.instaforex.org	1013 B
3	instaforex.eu 2 redirects www.instaforex.eu	1 KB
3	x-xf.ru x-xf.ru	9 KB
2	vktarget.ru 1 redirects vktarget.ru	532 B
2	socpublic.com 1 redirects socpublic.com	767 B
2	payeer.com 1 redirects payeer.com	692 B
2	qcomment.ru 1 redirects qcomment.ru	297 B
2	yadro.ru 1 redirects counter.yadro.ru	909 B
2	yastatic.net yastatic.net	28 KB
1	1counter.ru 1counter.ru
1	warthunder.ru warthunder.ru
1	jsdelivr.net cdn.jsdelivr.net	104 KB
1	yandex.net favicon.yandex.net	700 B
25	16

	Domain	Requested by
8	mc.yandex.ru	2 redirects yastatic.net x-xf.ru mc.yandex.ru cdn.jsdelivr.net
3	mc.webvisor.org	1 redirects x-xf.ru
3	www.instaforex.com	2 redirects x-xf.ru
3	www.instaforex.org	2 redirects x-xf.ru
3	www.instaforex.eu	2 redirects x-xf.ru
3	x-xf.ru	x-xf.ru
2	vktarget.ru	1 redirects x-xf.ru
2	socpublic.com	1 redirects x-xf.ru
2	payeer.com	1 redirects x-xf.ru
2	qcomment.ru	1 redirects x-xf.ru
2	counter.yadro.ru	1 redirects x-xf.ru
2	yastatic.net	x-xf.ru
1	1counter.ru	x-xf.ru
1	warthunder.ru	x-xf.ru
1	cdn.jsdelivr.net	x-xf.ru
1	favicon.yandex.net	x-xf.ru
25	16

This site contains links to these domains. Also see Links.

Domain
vk.com
connect.ok.ru
www.facebook.com
twitter.com
telegram.me
api.whatsapp.com

Subject Issuer	Validity	Valid
favicon.yandex.net Yandex CA	`2019-09-27` - `2020-09-26`	a year	crt.sh
static.yandex.net Yandex CA	`2019-09-06` - `2020-09-05`	a year	crt.sh
ssl363648.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-02-22` - `2020-08-30`	6 months	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
qcomment.ru Let's Encrypt Authority X3	`2020-03-31` - `2020-06-29`	3 months	crt.sh
*.warthunder.ru RapidSSL RSA CA 2018	`2020-02-03` - `2022-02-02`	2 years	crt.sh
payeer.com COMODO RSA Domain Validation Secure Server CA	`2018-10-19` - `2020-11-01`	2 years	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-03-21` - `2020-10-09`	7 months	crt.sh
*.instaforex.eu COMODO RSA Domain Validation Secure Server CA	`2018-10-13` - `2020-10-18`	2 years	crt.sh
*.instaforex.org Sectigo RSA Domain Validation Secure Server CA	`2019-04-09` - `2020-04-14`	a year	crt.sh
*.instaforex.com Sectigo RSA Domain Validation Secure Server CA	`2019-07-09` - `2021-10-10`	2 years	crt.sh
*.vktarget.ru AlphaSSL CA - SHA256 - G2	`2019-07-07` - `2020-07-07`	a year	crt.sh
1counter.ru Let's Encrypt Authority X3	`2020-03-26` - `2020-06-24`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2019-09-23` - `2020-09-22`	a year	crt.sh
mc.webvisor.org Yandex CA	`2019-05-08` - `2020-05-07`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://x-xf.ru/www.adp.com
Frame ID: 4A360EACE575C0EEF13C19C86BBDAE1F
Requests: 30 HTTP requests in this frame

Frame: https://1counter.ru/c/
Frame ID: 3EBE0E5DE4BB6F3CC9E54EF7E234C195
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

25
Requests

88 %
HTTPS

38 %
IPv6

16
Domains

16
Subdomains

14
IPs

5
Countries

186 kB
Transfer

614 kB
Size

6
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://vk.com/share.php?url=http%3A%2F%2Fx-xf.ru%2Fwww.adp.com&title=Adp.com&utm_source=share2
Title: ВКонтакте

Search URL Search Domain Scan URL

URL: https://connect.ok.ru/offer?url=http%3A%2F%2Fx-xf.ru%2Fwww.adp.com&title=Adp.com&utm_source=share2
Title: Одноклассники

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?src=sp&u=http%3A%2F%2Fx-xf.ru%2Fwww.adp.com&title=Adp.com&utm_source=share2
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Adp.com&url=http%3A%2F%2Fx-xf.ru%2Fwww.adp.com&utm_source=share2
Title: Twitter

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=http%3A%2F%2Fx-xf.ru%2Fwww.adp.com&text=Adp.com&utm_source=share2
Title: Telegram

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Adp.com%20http%3A%2F%2Fx-xf.ru%2Fwww.adp.com&utm_source=share2
Title: WhatsApp

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://counter.yadro.ru/hit?r;uhttp%3A//x-xf.ru/www.adp.com;0.22080283249318433 HTTP 302
https://counter.yadro.ru/hit?q;r;uhttp%3A//x-xf.ru/www.adp.com;0.22080283249318433

Request Chain 7

https://qcomment.ru/ref/1637971 HTTP 302
https://qcomment.ru/

Request Chain 9

https://payeer.com/0739013 HTTP 302
https://payeer.com/en/

Request Chain 10

https://socpublic.com/?i=3349292 HTTP 302
https://socpublic.com/?slide=1

Request Chain 11

https://www.instaforex.eu/?x=HXBN HTTP 301
https://www.instaforex.eu/de/?x=HXBN HTTP 302
https://www.instaforex.eu/de/

Request Chain 12

https://www.instaforex.org/?x=HXBN HTTP 301
https://www.instaforex.org/de/?x=HXBN HTTP 302
https://www.instaforex.org/de/

Request Chain 13

https://www.instaforex.com/?x=HXBN HTTP 301
https://www.instaforex.com/de/?x=HXBN HTTP 302
https://www.instaforex.com/de/

Request Chain 14

https://vktarget.ru/?ref=5706905 HTTP 301
https://vktarget.ru/

Request Chain 23

https://mc.yandex.ru/watch/3?wmode=7&page-ref=http%3A%2F%2Fx-xf.ru%2Fwww.adp.com&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Afu%3A2%3Av%3A1841%3Awv%3A2%3Ast%3A1586124089%3Au%3A158612408910081578%3Ahi%3A HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-ref=http%3A%2F%2Fx-xf.ru%2Fwww.adp.com&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Afu%3A2%3Av%3A1841%3Awv%3A2%3Ast%3A1586124089%3Au%3A158612408910081578%3Ahi%3A

Request Chain 26

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=8869.wwXAmFJviGIrLUvsIOYANKy2MKh7-VzldjGMAhdDmjm9rdSsQnctUswGm8qy7u85.kzD5yInc4SjVp44opw3y0zmO8Cg%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=8869.iSfBKZli1IsvZnsWVuvhAoqRPd4jH--h0rpddM_nSPtSR-jH-mkA-VG7pUAczKDxdQeR_zBaXVcI5sJfQZp6XHepjRPCFiVzOGw5a6DLvfs%2C.fvKq657UYa-XaaXpODzUBrJq5yg%2C

25 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 404
Not Found Primary Request Cookie set www.adp.com Show response
x-xf.ru/ 23 KB
7 KB 4455ms
4385ms Document
text/html 5.181.255.59
INTERNET-PRO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://x-xf.ru/www.adp.com
Protocol: HTTP/1.1
Server: 5.181.255.59 , Russian Federation, ASN44128 (INTERNET-PRO-AS, RU),
Reverse DNS: vm-baeab325.netangels.ru
Software: nginx /
Resource Hash: 583910991b4dd7dcc81ab8ad9bc9ba5c4186f12fa1e0392f43c36fe452169aca

Request headers

Host: x-xf.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Sun, 05 Apr 2020 22:01:28 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 6332
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sun, 05 Apr 2020 22:01:24 GMT
Referrer-Policy: no-referrer
Content-Encoding: gzip
Set-Cookie: PHPSESSID=18b675850079a5769c85b116ccf8813e; expires=Mon, 06-Apr-2020 22:01:28 GMT; Max-Age=86400; path=/; domain=.x-xf.ru

GET
H/1.1 200
OK style.css
x-xf.ru/ 1 KB
1 KB 101ms
101ms Stylesheet
text/css 5.181.255.59
INTERNET-PRO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://x-xf.ru/style.css
Requested by: Host: x-xf.ru
URL: http://x-xf.ru/www.adp.com
Protocol: HTTP/1.1
Server: 5.181.255.59 , Russian Federation, ASN44128 (INTERNET-PRO-AS, RU),
Reverse DNS: vm-baeab325.netangels.ru
Software: nginx /
Resource Hash: 26f4c9bcf209773a5c88ea76eb0e947673eb6e236305412becf67e5fbbd51351

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 05 Apr 2020 22:01:28 GMT
Last-Modified: Wed, 13 Nov 2019 07:25:15 GMT
Server: nginx
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1252
Expires: Tue, 05 May 2020 22:01:28 GMT

GET
H/1.1 200
OK favicon.ico
x-xf.ru/ 318 B
602 B 187ms
166ms Image
image/x-icon 5.181.255.59
INTERNET-PRO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://x-xf.ru/favicon.ico
Requested by: Host: x-xf.ru
URL: http://x-xf.ru/www.adp.com
Protocol: HTTP/1.1
Server: 5.181.255.59 , Russian Federation, ASN44128 (INTERNET-PRO-AS, RU),
Reverse DNS: vm-baeab325.netangels.ru
Software: nginx /
Resource Hash: ed6fee9ae39e038779e4eaa75850551f4c9074fb7faf4e71db0ed376d6275425

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 05 Apr 2020 22:01:28 GMT
Last-Modified: Sat, 27 Dec 2014 09:02:55 GMT
Server: nginx
Content-Type: image/x-icon
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 318
Expires: Tue, 05 May 2020 22:01:28 GMT

GET
H/1.1 200
Ok adp.com
favicon.yandex.net/favicon/ 487 B
700 B 143ms
47ms Image
image/png 2a02:6b8::36
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/adp.com

Requested by

Host: x-xf.ru
URL: http://x-xf.ru/www.adp.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

c5f8e4a10232486f2012772882e86999f29c7c50b3fd7b6efb6196e780b600d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

access-control-allow-origin: *
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: image/png

GET
H2 200 es5-shims.min.js Show response
yastatic.net/es5-shims/0.0.2/ 3 KB
2 KB 99ms
32ms Script
application/x-javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/es5-shims/0.0.2/es5-shims.min.js

Requested by

Host: x-xf.ru
URL: http://x-xf.ru/www.adp.com

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.8 /

Resource Hash

40f09dcdb226fb60428bfe107e02f6c50db1561694264b0144e0155f9f3e4140

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 22:01:28 GMT
content-encoding: br
last-modified: Thu, 25 Oct 2018 11:27:00 GMT
server: nginx/1.17.8
access-control-allow-origin: *
etag: W/"32e3b4f3a8f6048da9934fec1ca08cea"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
x-nginx-request-id: 9b32e04eb61e3e69
cache-control: public, max-age=216013
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
expires: Wed, 08 Apr 2020 10:00:46 GMT

GET
H2 200 share.js Show response
yastatic.net/share2/ 79 KB
27 KB 136ms
69ms Script
application/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/share2/share.js

Requested by

Host: x-xf.ru
URL: http://x-xf.ru/www.adp.com

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.8 /

Resource Hash

97a6c819b850b610dbf983cab5f5ae7e4e14cdfbf24801f7ad912db3ab416204

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 22:01:28 GMT
content-encoding: br
last-modified: Fri, 10 Jan 2020 11:19:39 GMT
server: nginx/1.17.8
access-control-allow-origin: *
etag: W/"b80b4fcc1d52aa20936d1312222209d6"
vary: Accept-Encoding
content-type: application/javascript
status: 200
x-nginx-request-id: de1cbf46f21f89c2
cache-control: public, max-age=216009
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
expires: Wed, 08 Apr 2020 09:59:58 GMT

GET
H2 200 tag.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 368 KB
104 KB 16ms
15ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Requested by

Host: x-xf.ru
URL: http://x-xf.ru/www.adp.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51733d09b3bfb13f0bb767ccba1428ab12ed56460f47e0227375a0b2e6b6986c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 22:01:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11566
cf-ray: 57f68c433fa11f51-FRA
x-cache: HIT
status: 200
vary: Accept-Encoding
x-served-by: cache-fra19164-FRA
server: cloudflare
etag: W/"5bec1-rZpa6t2BQSdEnlGvBvDaev8H5us"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;uhttp%3A//x-xf.ru/www.adp.com;0.22080283249318433
https://counter.yadro.ru/hit?q;r;uhttp%3A//x-xf.ru/www.adp.com;0.22080283249318433

43 B
421 B

64ms
64ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://counter.yadro.ru/hit?q;r;uhttp%3A//x-xf.ru/www.adp.com;0.22080283249318433
Requested by: Host: x-xf.ru
URL: http://x-xf.ru/www.adp.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host210.rax.ru
Software: nginx/1.17.9 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Apr 2020 22:01:29 GMT
Server: nginx/1.17.9
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 06 Apr 2019 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 05 Apr 2020 22:01:28 GMT
Server: nginx/1.17.9
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;uhttp%3A//x-xf.ru/www.adp.com;0.22080283249318433
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sat, 06 Apr 2019 21:00:00 GMT

GET
H2

200

/
qcomment.ru/
Redirect Chain

https://qcomment.ru/ref/1637971
https://qcomment.ru/

0
0

62ms
61ms

Image
text/html

88.99.218.62
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qcomment.ru/
Requested by: Host: x-xf.ru
URL: http://x-xf.ru/www.adp.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.99.218.62 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: vs02.qcomment.ru
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Sun, 05 Apr 2020 22:01:28 GMT
server: nginx
location: https://qcomment.ru/
content-type: text/html; charset=utf-8
status: 302
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-server: new
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 registration
warthunder.ru/ru/ 0
0 528ms
474ms Image
text/html 104.20.229.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://warthunder.ru/ru/registration?r=userinvite_35534805
Requested by: Host: x-xf.ru
URL: http://x-xf.ru/www.adp.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.229.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

access-control-allow-origin: //static.warthunder.ru

GET
H/1.1

200
OK

/
payeer.com/en/
Redirect Chain

https://payeer.com/0739013
https://payeer.com/en/

0
0

120ms
120ms

Image
text/html

149.202.17.208
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payeer.com/en/
Requested by: Host: x-xf.ru
URL: http://x-xf.ru/www.adp.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 149.202.17.208 , France, ASN16276 (OVH, FR),
Reverse DNS: node-9.1-208.17.202.149.vistnet.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

Date: Sun, 05 Apr 2020 22:01:29 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: iCore Proxy Module
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: /en/
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

200

/
socpublic.com/
Redirect Chain

https://socpublic.com/?i=3349292
https://socpublic.com/?slide=1

0
0

139ms
137ms

Image
text/html

2606:4700:20::681a:dae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://socpublic.com/?slide=1
Requested by: Host: x-xf.ru
URL: http://x-xf.ru/www.adp.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:dae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date: Sun, 05 Apr 2020 22:01:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: /?slide=1
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-store, no-cache, must-revalidate
cf-ray: 57f68c43ca6fd729-FRA

GET
H2

200

/
www.instaforex.eu/de/
Redirect Chain

https://www.instaforex.eu/?x=HXBN
https://www.instaforex.eu/de/?x=HXBN
https://www.instaforex.eu/de/

0
0

725ms
724ms

Image
text/html

195.201.188.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.instaforex.eu/de/
Requested by: Host: x-xf.ru
URL: http://x-xf.ru/www.adp.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.188.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.188.201.195.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date: Sun, 05 Apr 2020 22:01:30 GMT
x-content-type-options: nosniff
server: nginx
location: https://www.instaforex.eu/de/
x-powered-by: PHP/7.3.16
x-frame-options: DENY
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache
strict-transport-security: max-age=31536000;
content-length: 0
x-xss-protection: 1; mode=block
expires: Sun, 05 Apr 2020 22:01:29 GMT

GET
H2

200

/
www.instaforex.org/de/
Redirect Chain

https://www.instaforex.org/?x=HXBN
https://www.instaforex.org/de/?x=HXBN
https://www.instaforex.org/de/

0
0

886ms
886ms

Image
text/html

195.201.188.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.instaforex.org/de/
Requested by: Host: x-xf.ru
URL: http://x-xf.ru/www.adp.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.188.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.188.201.195.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date: Sun, 05 Apr 2020 22:01:29 GMT
x-content-type-options: nosniff
server: nginx
location: https://www.instaforex.org/de/
x-powered-by: PHP/7.3.16
x-frame-options: DENY
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache
strict-transport-security: max-age=31536000;
content-length: 0
x-xss-protection: 1; mode=block
expires: Sun, 05 Apr 2020 22:01:28 GMT

GET
H2

200

/
www.instaforex.com/de/
Redirect Chain

https://www.instaforex.com/?x=HXBN
https://www.instaforex.com/de/?x=HXBN
https://www.instaforex.com/de/

0
0

766ms
766ms

Image
text/html

195.201.188.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.instaforex.com/de/
Requested by: Host: x-xf.ru
URL: http://x-xf.ru/www.adp.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.188.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.188.201.195.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date: Sun, 05 Apr 2020 22:01:29 GMT
x-content-type-options: nosniff
server: nginx
location: https://www.instaforex.com/de/
x-powered-by: PHP/7.3.16
x-frame-options: DENY
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache
strict-transport-security: max-age=31536000;
content-length: 0
x-xss-protection: 1; mode=block
expires: Sun, 05 Apr 2020 22:01:28 GMT

GET
H/1.1

200
OK

/
vktarget.ru/
Redirect Chain

https://vktarget.ru/?ref=5706905
https://vktarget.ru/

0
0

97ms
97ms

Image
text/html

46.4.123.226
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vktarget.ru/
Requested by: Host: x-xf.ru
URL: http://x-xf.ru/www.adp.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.4.123.226 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.226.123.4.46.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Sun, 05 Apr 2020 22:01:29 GMT
Vary: User-Agent
Server: nginx
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: https://vktarget.ru/
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 404
Not Found /
1counter.ru/c/ Frame 3EBE 0
0 531ms
97ms Document
text/html 5.181.255.59
INTERNET-PRO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1counter.ru/c/
Requested by: Host: x-xf.ru
URL: http://x-xf.ru/www.adp.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.181.255.59 , Russian Federation, ASN44128 (INTERNET-PRO-AS, RU),
Reverse DNS: vm-baeab325.netangels.ru
Software: nginx /
Resource Hash

Request headers

Host: 1counter.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe

Response headers

Server: nginx
Date: Sun, 05 Apr 2020 22:01:29 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 799
Connection: keep-alive
Referrer-Policy: no-referrer
Cache-Control: max-age=86400, public
Expires: Mon, 06 Apr 2020 22:01:29 GMT
Content-Encoding: gzip

GET
H/1.1 200
OK watch.js Show response
mc.yandex.ru/metrika/ 135 KB
40 KB 230ms
91ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/share2/share.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

a160fd1060c77d86dcf2601dd586bb11d94c02628225a3008347bef00d14fc95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 05 Apr 2020 22:01:29 GMT
Content-Encoding: br
Last-Modified: Tue, 31 Mar 2020 08:20:32 GMT
Server: nginx/1.14.2
ETag: "5e82fd50-9eef"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 40687
Expires: Sun, 05 Apr 2020 23:01:29 GMT

GET
DATA 200
OK truncated
/ 799 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2751eb32e3720b540ff8210d70e6af4c916a255ff05d96130d0125576b14afa5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 595 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7a754dc68b051e1b18bbf37fc0f5557196bc8db1c5f1c31ce5d242ea5c95ed6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 285 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ea8ef6a20a2f7307560b9fee2788613b13492d30582c95b6f57bc53383b68bd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 520 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb2b18ff7b82cdbab0ba5f095448f16c159526ff504699042f8069f1a70ae7f4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20f2d6255fe749341e6543047782811c5977380c562e7163efa64594d88c6b3d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5307f101ffa74d83e44ccc5cbaa1193577fe0c9c659fb40fedb9d403acbb186a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1

302
Found

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-ref=http%3A%2F%2Fx-xf.ru%2Fwww.adp.com&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Afu%3A2%3Av%3A1841%3Awv%3A2%3Ast%3A1586124089%3Au%3A1586124089100815...
https://mc.yandex.ru/watch/3/1?wmode=7&page-ref=http%3A%2F%2Fx-xf.ru%2Fwww.adp.com&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Afu%3A2%3Av%3A1841%3Awv%3A2%3Ast%3A1586124089%3Au%3A15861240891008...

0
-1 B

68ms
46ms

XHR

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-ref=http%3A%2F%2Fx-xf.ru%2Fwww.adp.com&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Afu%3A2%3Av%3A1841%3Awv%3A2%3Ast%3A1586124089%3Au%3A158612408910081578%3Ahi%3A

Requested by

Host: x-xf.ru
URL: http://x-xf.ru/www.adp.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Apr 2020 22:01:29 GMT
Last-Modified: Sun, 05-Apr-2020 22:01:29 GMT
Server: nginx/1.14.2
Location: /watch/3/1?wmode=7&page-ref=http%3A%2F%2Fx-xf.ru%2Fwww.adp.com&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Afu%3A2%3Av%3A1841%3Awv%3A2%3Ast%3A1586124089%3Au%3A158612408910081578%3Ahi%3A
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: http://x-xf.ru
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Sun, 05-Apr-2020 22:01:29 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 05 Apr 2020 22:01:29 GMT
Last-Modified: Sun, 05-Apr-2020 22:01:29 GMT
Server: nginx/1.14.2
Access-Control-Allow-Origin: http://x-xf.ru
Strict-Transport-Security: max-age=31536000
Location: /watch/3/1?wmode=7&page-ref=http%3A%2F%2Fx-xf.ru%2Fwww.adp.com&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Afu%3A2%3Av%3A1841%3Awv%3A2%3Ast%3A1586124089%3Au%3A158612408910081578%3Ahi%3A
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Sun, 05-Apr-2020 22:01:29 GMT

GET
H/1.1 200
OK advert.gif
mc.webvisor.org/metrika/ 43 B
425 B 241ms
79ms Image
image/gif 149.5.244.13
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/metrika/advert.gif

Requested by

Host: x-xf.ru
URL: http://x-xf.ru/www.adp.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

149.5.244.13 Helsinki, Finland, ASN174 (COGENT-174, US),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 05 Apr 2020 22:01:29 GMT
Last-Modified: Fri, 17 Jan 2020 08:05:01 GMT
Server: nginx/1.14.2
ETag: "5e216aad-2b"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 05 Apr 2020 23:01:29 GMT

GET
H/1.1 200
OK 1 Show response
mc.yandex.ru/watch/3/ 35 B
576 B 72ms
47ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: x-xf.ru
URL: http://x-xf.ru/www.adp.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: http://x-xf.ru
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sun, 05 Apr 2020 22:01:29 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 05-Apr-2020 22:01:29 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://x-xf.ru
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 35
X-XSS-Protection: 1; mode=block
Expires: Sun, 05-Apr-2020 22:01:29 GMT

GET
H/1.1

200
OK

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain

https://mc.webvisor.org/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=8869.wwXAmFJviGIrLUvsIOYANKy2MKh7-VzldjGMAhdDmjm9rdSsQnctUswGm8qy7u85.kzD5yInc4SjVp44opw3y0zmO8Cg%2C
https://mc.webvisor.org/sync_cookie_image_decide?token=8869.iSfBKZli1IsvZnsWVuvhAoqRPd4jH--h0rpddM_nSPtSR-jH-mkA-VG7pUAczKDxdQeR_zBaXVcI5sJfQZp6XHepjRPCFiVzOGw5a6DLvfs%2C.fvKq657UYa-XaaXpODzUBrJq5y...

43 B
487 B

79ms
79ms

Image
image/gif

149.5.244.13
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_decide?token=8869.iSfBKZli1IsvZnsWVuvhAoqRPd4jH--h0rpddM_nSPtSR-jH-mkA-VG7pUAczKDxdQeR_zBaXVcI5sJfQZp6XHepjRPCFiVzOGw5a6DLvfs%2C.fvKq657UYa-XaaXpODzUBrJq5yg%2C

Requested by

Host: x-xf.ru
URL: http://x-xf.ru/www.adp.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

149.5.244.13 Helsinki, Finland, ASN174 (COGENT-174, US),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 05 Apr 2020 22:01:29 GMT
Strict-Transport-Security: max-age=31536000
Server: nginx/1.14.2
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Content-Type: image/gif

Redirect headers

Location: https://mc.webvisor.org/sync_cookie_image_decide?token=8869.iSfBKZli1IsvZnsWVuvhAoqRPd4jH--h0rpddM_nSPtSR-jH-mkA-VG7pUAczKDxdQeR_zBaXVcI5sJfQZp6XHepjRPCFiVzOGw5a6DLvfs%2C.fvKq657UYa-XaaXpODzUBrJq5yg%2C
Date: Sun, 05 Apr 2020 22:01:29 GMT
Strict-Transport-Security: max-age=31536000
Server: nginx/1.14.2
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK 26812653 Show response
mc.yandex.ru/watch/ 133 B
675 B 47ms
47ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/26812653?wmode=7&page-url=http%3A%2F%2Fx-xf.ru%2Fwww.adp.com&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%2C%22shareVersion%22%3A2%7D&browser-info=ti%3A10%3Ans%3A1586124084262%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A2%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20200406000129%3Aet%3A1586124089%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A397205806%3Ahid%3A54342365%3Ads%3A48%2C21%2C4385%2C0%2C0%2C0%2C0%2C188%2C0%2C%2C%2C%2C4644%3Afp%3A4660%3Agdpr%3A14%3Aeu%3A1%3Av%3A1834%3Ast%3A1586124089%3Au%3A158612408910081578%3At%3AAdp.com

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

b1f80aa59926fe853f7f1f7995cedcc68c9381c0544a70092ae171418cd8e71e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: http://x-xf.ru
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sun, 05 Apr 2020 22:01:29 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 05-Apr-2020 22:01:29 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://x-xf.ru
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 133
X-XSS-Protection: 1; mode=block
Expires: Sun, 05-Apr-2020 22:01:29 GMT

POST
H/1.1 200
OK 1
mc.yandex.ru/watch/26812653/ 43 B
529 B 40ms
40ms Other
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/26812653/1?page-url=http%3A%2F%2Fx-xf.ru%2Fwww.adp.com&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1586124084262%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A2%3Az%3A120%3Ai%3A20200406000129%3Aet%3A1586124089%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apa%3A1%3Arn%3A689992106%3Ahid%3A54342365%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1834%3Ast%3A1586124089%3Au%3A158612408910081578

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Origin: http://x-xf.ru
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 05 Apr 2020 22:01:29 GMT
Last-Modified: Sun, 05-Apr-2020 22:01:29 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: http://x-xf.ru
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Sun, 05-Apr-2020 22:01:29 GMT

POST
H/1.1 200
OK 61625470 Show response
mc.yandex.ru/watch/ 152 B
694 B 46ms
46ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/61625470?wmode=7&page-url=http%3A%2F%2Fx-xf.ru%2Fwww.adp.com&charset=utf-8&browser-info=ti%3A10%3Adp%3A1%3Ans%3A1586124084262%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20200406000128%3Aet%3A1586124090%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A26865667%3Ahid%3A54342365%3Ads%3A48%2C21%2C4385%2C0%2C0%2C0%2C0%2C188%2C0%2C%2C%2C%2C4644%3Afp%3A4660%3Agdpr%3A14%3Aeu%3A1%3Av%3A1841%3Awv%3A2%3Ast%3A1586124090%3Au%3A158612408910081578%3Ahi%3A%3At%3AAdp.com

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

2c3235dac9a201ed1500b94ba19ab7e46a9de2d594a2de544bea45a4d6a18732

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: http://x-xf.ru
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sun, 05 Apr 2020 22:01:29 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 05-Apr-2020 22:01:29 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://x-xf.ru
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 152
X-XSS-Protection: 1; mode=block
Expires: Sun, 05-Apr-2020 22:01:29 GMT

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.x-xf.ru/	1970-01-19 08:35:25	Name: _ym_visorc_61625470 Value: w
.x-xf.ru/	1970-01-19 08:36:36	Name: _ym_isad Value: 2
.x-xf.ru/	1970-01-19 17:21:00	Name: _ym_d Value: 1586124089
.x-xf.ru/	1970-01-19 08:36:50	Name: PHPSESSID Value: 18b675850079a5769c85b116ccf8813e
.x-xf.ru/	1970-01-19 08:37:07	Name: _ym_wasSynced Value: %7B%22time%22%3A1586124089137%2C%22params%22%3A%7B%22eu%22%3A1%7D%2C%22bkParams%22%3A%7B%7D%7D
.x-xf.ru/	1970-01-19 17:21:00	Name: _ym_uid Value: 158612408910081578

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1counter.ru
cdn.jsdelivr.net
counter.yadro.ru
favicon.yandex.net
mc.webvisor.org
mc.yandex.ru
payeer.com
qcomment.ru
socpublic.com
vktarget.ru
warthunder.ru
www.instaforex.com
www.instaforex.eu
www.instaforex.org
x-xf.ru
yastatic.net
104.20.229.52
149.202.17.208
149.5.244.13
195.201.188.46
2606:4700:20::681a:dae
2606:4700::6810:5514
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8::36
46.4.123.226
5.181.255.59
88.212.201.210
88.99.218.62
20f2d6255fe749341e6543047782811c5977380c562e7163efa64594d88c6b3d
26f4c9bcf209773a5c88ea76eb0e947673eb6e236305412becf67e5fbbd51351
2751eb32e3720b540ff8210d70e6af4c916a255ff05d96130d0125576b14afa5
2c3235dac9a201ed1500b94ba19ab7e46a9de2d594a2de544bea45a4d6a18732
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
40f09dcdb226fb60428bfe107e02f6c50db1561694264b0144e0155f9f3e4140
51733d09b3bfb13f0bb767ccba1428ab12ed56460f47e0227375a0b2e6b6986c
5307f101ffa74d83e44ccc5cbaa1193577fe0c9c659fb40fedb9d403acbb186a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
583910991b4dd7dcc81ab8ad9bc9ba5c4186f12fa1e0392f43c36fe452169aca
8ea8ef6a20a2f7307560b9fee2788613b13492d30582c95b6f57bc53383b68bd
97a6c819b850b610dbf983cab5f5ae7e4e14cdfbf24801f7ad912db3ab416204
a160fd1060c77d86dcf2601dd586bb11d94c02628225a3008347bef00d14fc95
b1f80aa59926fe853f7f1f7995cedcc68c9381c0544a70092ae171418cd8e71e
c5f8e4a10232486f2012772882e86999f29c7c50b3fd7b6efb6196e780b600d7
cb2b18ff7b82cdbab0ba5f095448f16c159526ff504699042f8069f1a70ae7f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a754dc68b051e1b18bbf37fc0f5557196bc8db1c5f1c31ce5d242ea5c95ed6
ed6fee9ae39e038779e4eaa75850551f4c9074fb7faf4e71db0ed376d6275425
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b

x-xf.ru Open in urlscan Pro 5.181.255.59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

25 Requests

88 %HTTPS

38 %IPv6

16 Domains

16 Subdomains

14 IPs

5 Countries

186 kBTransfer

614 kBSize

6 Cookies

6 Outgoing links

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

x-xf.ru Open in urlscan Pro
5.181.255.59 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

88 %
HTTPS

38 %
IPv6

16
Domains

16
Subdomains

14
IPs

5
Countries

186 kB
Transfer

614 kB
Size

6
Cookies

25 HTTP transactions
6 data transactions