URL: https://www.xqbhlpay.xfutures.ru/
Submission: On February 13 via automatic, source certstream-suspicious

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 47 HTTP transactions. The main IP is 45.147.197.110, which is located in Ukraine and belongs to ON-LINE-DATA Server location - Netherlands, Dronten, NL. The main domain is www.xqbhlpay.xfutures.ru.
TLS certificate: Issued by R3 on February 13th 2021. Valid for: 3 months.
This is the only time www.xqbhlpay.xfutures.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
24 45.147.197.110 204601 (ON-LINE-D...)
10 2a02:6b8:20::215 13238 (YANDEX)
1 8 2a02:6b8::1:119 13238 (YANDEX)
1 2a02:6b8::1ed 13238 (YANDEX)
4 2a02:6b8:a::a 13238 (YANDEX)
47 6
Apex Domain | Subdomains | Transfer
24 xfutures.ru | www.xqbhlpay.xfutures.ru | 2 MB
13 yandex.ru | mc.yandex.ru, forms.yandex.ru, yandex.ru | 117 KB
10 yastatic.net | yastatic.net | 441 KB
0 googleapis.com Failed | fonts.googleapis.com Failed |
47 4
Domain | Requested by
24 www.xqbhlpay.xfutures.ru | www.xqbhlpay.xfutures.ru
10 yastatic.net | www.xqbhlpay.xfutures.ru, forms.yandex.ru, yastatic.net
8 mc.yandex.ru 1 redirects | www.xqbhlpay.xfutures.ru, yastatic.net, mc.yandex.ru
4 yandex.ru | forms.yandex.ru
1 forms.yandex.ru | www.xqbhlpay.xfutures.ru
0 fonts.googleapis.com Failed | www.xqbhlpay.xfutures.ru
47 6

This site contains links to these domains.

Domain
www.binance.com
twitter.com
www.facebook.com
instagram.com
xfutures.ru

Subject | Issuer | Validity | Valid
xqbhlpay.xfutures.ru | R3 | 2021-02-13 - 2021-05-14 | 3 months
*.yastatic.net | Yandex CA | 2020-09-29 - 2021-03-30 | 6 months
mc.yandex.ru | Yandex CA | 2020-09-29 - 2021-03-11 | 5 months
forms.yandex.ru | Yandex CA | 2020-09-30 - 2021-03-29 | 6 months
*.xn--d1acpjx3f.xn--p1ai | Yandex CA | 2020-10-01 - 2021-04-01 | 6 months

This page contains 2 frames:

Primary Page: https://www.xqbhlpay.xfutures.ru/
Frame ID: B41FD544E122BDE4C9DFE11E3617E9ED
Requests: 29 HTTP requests in this frame

Frame: https://forms.yandex.ru/u/5f993d36f418730a4d46cedc/?iframe=1
Frame ID: 0E526169DC1A755042295BFA02E0A7D7
Requests: 18 HTTP requests in this frame

Page Statistics

Requests: 47
HTTPS: 98 %
IPv6: 80 %
Domains: 4
Subdomains: 6
IPs: 6
Countries: 2
Transfer: 2484 kB
Size: 3416 kB
Cookies: 8

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://mc.yandex.ru/watch/55027444?wmode=7&page-url=https%3A%2F%2Fwww.xqbhlpay.xfutures.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99j%3Afp%3A830%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A0%3Als%3A280728955054%3Ahid%3A362098929%3Az%3A60%3Ai%3A20210213095622%3Aet%3A1613206582%3Ac%3A1%3Arn%3A673867117%3Au%3A1613206582305934943%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613206581275%3Awv%3A2%3Ads%3A1%2C91%2C326%2C1%2C0%2C0%2C%2C455%2C5%2C%2C%2C%2C876%3Adsn%3A1%2C91%2C326%2C1%2C0%2C0%2C%2C455%2C5%2C%2C%2C%2C875%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613206582%3At%3A%D0%9E%D0%B1%D1%83%D1%87%D0%B5%D0%BD%D0%B8%D0%B5%20%D1%82%D1%80%D0%B5%D0%B9%D0%B4%D0%B8%D0%BD%D0%B3%D1%83%20%D0%BD%D0%B0%20%D1%84%D1%8C%D1%8E%D1%87%D0%B5%D1%80%D1%81%D0%B0%D1%85%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%20-%20xfutures.ru HTTP 302
  • https://mc.yandex.ru/watch/55027444/1?wmode=7&page-url=https%3A%2F%2Fwww.xqbhlpay.xfutures.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99j%3Afp%3A830%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A0%3Als%3A280728955054%3Ahid%3A362098929%3Az%3A60%3Ai%3A20210213095622%3Aet%3A1613206582%3Ac%3A1%3Arn%3A673867117%3Au%3A1613206582305934943%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613206581275%3Awv%3A2%3Ads%3A1%2C91%2C326%2C1%2C0%2C0%2C%2C455%2C5%2C%2C%2C%2C876%3Adsn%3A1%2C91%2C326%2C1%2C0%2C0%2C%2C455%2C5%2C%2C%2C%2C875%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613206582%3At%3A%D0%9E%D0%B1%D1%83%D1%87%D0%B5%D0%BD%D0%B8%D0%B5%20%D1%82%D1%80%D0%B5%D0%B9%D0%B4%D0%B8%D0%BD%D0%B3%D1%83%20%D0%BD%D0%B0%20%D1%84%D1%8C%D1%8E%D1%87%D0%B5%D1%80%D1%81%D0%B0%D1%85%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%20-%20xfutures.ru

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.xqbhlpay.xfutures.ru/
17 KB
17 KB
Document
General
Full URL
https://www.xqbhlpay.xfutures.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.110 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s22.server-panel.net
Software
ddos-guard /
Resource Hash
43ec6e2ba618d89777601fb010c335e8de78d2362138bbcfbdcd4e7b1468d400
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

:method
GET
:authority
www.xqbhlpay.xfutures.ru
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
ddos-guard
set-cookie
__ddg1=5FBHbIyxXOE6Ry33G6DN; Domain=.xfutures.ru; HttpOnly; Path=/; Expires=Sun, 13-Feb-2022 08:56:21 GMT
date
Sat, 13 Feb 2021 08:56:21 GMT
content-type
text/html
strict-transport-security
max-age=31536000;
bootstrap.min.css
www.xqbhlpay.xfutures.ru/css/
99 KB
99 KB
Stylesheet
General
Full URL
https://www.xqbhlpay.xfutures.ru/css/bootstrap.min.css
Requested by
Host: www.xqbhlpay.xfutures.ru
URL: https://www.xqbhlpay.xfutures.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.110 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s22.server-panel.net
Software
ddos-guard /
Resource Hash
11c74aed50911d54c04455fe1d9c04f42c5f6cf438a94976f890f25f2a59f699
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.xqbhlpay.xfutures.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:21 GMT
last-modified
Thu, 30 Jan 2014 03:45:50 GMT
server
ddos-guard
etag
"18cdb-4f127e4b61780"
strict-transport-security
max-age=31536000;
content-type
text/css
accept-ranges
bytes
content-length
101595
font-awesome.min.css
www.xqbhlpay.xfutures.ru/css/
21 KB
22 KB
Stylesheet
General
Full URL
https://www.xqbhlpay.xfutures.ru/css/font-awesome.min.css
Requested by
Host: www.xqbhlpay.xfutures.ru
URL: https://www.xqbhlpay.xfutures.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.110 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s22.server-panel.net
Software
ddos-guard /
Resource Hash
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.xqbhlpay.xfutures.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:21 GMT
last-modified
Tue, 26 Aug 2014 05:46:50 GMT
server
ddos-guard
etag
"55e0-50181d46ee680"
strict-transport-security
max-age=31536000;
content-type
text/css
accept-ranges
bytes
content-length
21984
pe-icon-7-stroke.css
www.xqbhlpay.xfutures.ru/fonts/icon-7-stroke/css/
8 KB
8 KB
Stylesheet
General
Full URL
https://www.xqbhlpay.xfutures.ru/fonts/icon-7-stroke/css/pe-icon-7-stroke.css
Requested by
Host: www.xqbhlpay.xfutures.ru
URL: https://www.xqbhlpay.xfutures.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.110 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s22.server-panel.net
Software
ddos-guard /
Resource Hash
dc81a269a0dfa8e51f2aefa000e973b13c4df13cbc9000d3da994167b57931b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.xqbhlpay.xfutures.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:21 GMT
last-modified
Mon, 28 Apr 2014 09:30:58 GMT
server
ddos-guard
etag
"208b-4f816f90a1880"
strict-transport-security
max-age=31536000;
content-type
text/css
accept-ranges
bytes
content-length
8331
animate.css
www.xqbhlpay.xfutures.ru/css/
71 KB
71 KB
Stylesheet
General
Full URL
https://www.xqbhlpay.xfutures.ru/css/animate.css
Requested by
Host: www.xqbhlpay.xfutures.ru
URL: https://www.xqbhlpay.xfutures.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.110 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s22.server-panel.net
Software
ddos-guard /
Resource Hash
88683b0a41b07f465377c8846933bdfb1e57fc9a54accef3e5fd0125bd052cc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.xqbhlpay.xfutures.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:21 GMT
last-modified
Wed, 03 Sep 2014 04:54:44 GMT
server
ddos-guard
etag
"11cda-5022208d6ed00"
strict-transport-security
max-age=31536000;
content-type
text/css
accept-ranges
bytes
content-length
72922
owl.theme.css
www.xqbhlpay.xfutures.ru/css/
2 KB
2 KB
Stylesheet
General
Full URL
https://www.xqbhlpay.xfutures.ru/css/owl.theme.css
Requested by
Host: www.xqbhlpay.xfutures.ru
URL: https://www.xqbhlpay.xfutures.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.110 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s22.server-panel.net
Software
ddos-guard /
Resource Hash
601cf795a47f4cb5207a5e4db9785746d9e0f99a436002a0441d1c14ab4b3444
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.xqbhlpay.xfutures.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:21 GMT
last-modified
Mon, 31 Dec 2001 20:02:10 GMT
server
ddos-guard
etag
"688-3966f1ea81480"
strict-transport-security
max-age=31536000;
content-type
text/css
accept-ranges
bytes
content-length
1672
owl.carousel.css
www.xqbhlpay.xfutures.ru/css/
1 KB
2 KB
Stylesheet
General
Full URL
https://www.xqbhlpay.xfutures.ru/css/owl.carousel.css
Requested by
Host: www.xqbhlpay.xfutures.ru
URL: https://www.xqbhlpay.xfutures.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.110 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s22.server-panel.net
Software
ddos-guard /
Resource Hash
4dc77ee90dc2225b57b31d28fe06213cd6c491bdc7249a6e70ebd003b72c5702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.xqbhlpay.xfutures.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:21 GMT
last-modified
Mon, 12 May 2014 10:20:38 GMT
server
ddos-guard
etag
"5c4-4f9314c708980"
strict-transport-security
max-age=31536000;
content-type
text/css
accept-ranges
bytes
content-length
1476
css-index.css
www.xqbhlpay.xfutures.ru/css/
18 KB
18 KB
Stylesheet
General
Full URL
https://www.xqbhlpay.xfutures.ru/css/css-index.css
Requested by
Host: www.xqbhlpay.xfutures.ru
URL: https://www.xqbhlpay.xfutures.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.110 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s22.server-panel.net
Software
ddos-guard /
Resource Hash
f5f6895a4ef5bd7191668524e78b224c2a78c1e94d1cf7586dca0e4d3d7e43c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.xqbhlpay.xfutures.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:21 GMT
last-modified
Wed, 28 Oct 2020 10:50:30 GMT
server
ddos-guard
etag
"4874-5b2b8ee94a980"
strict-transport-security
max-age=31536000;
content-type
text/css
accept-ranges
bytes
content-length
18548
xfutures_logo.png
www.xqbhlpay.xfutures.ru/images/
15 KB
15 KB
Image
General
Full URL
https://www.xqbhlpay.xfutures.ru/images/xfutures_logo.png
Requested by
Host: www.xqbhlpay.xfutures.ru
URL: https://www.xqbhlpay.xfutures.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.110 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s22.server-panel.net
Software
ddos-guard /
Resource Hash
90aa75c2181bb518210cc2e8b11912139fd96f95e3ba1c5af6c03759704e3e32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.xqbhlpay.xfutures.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:22 GMT
last-modified
Wed, 28 Oct 2020 12:15:52 GMT
server
ddos-guard
etag
"3a92-5b2ba1fe81856"
strict-transport-security
max-age=31536000;
content-type
image/png
accept-ranges
bytes
content-length
14994
coins.jpg
www.xqbhlpay.xfutures.ru/images/
109 KB
109 KB
Image
General
Full URL
https://www.xqbhlpay.xfutures.ru/images/coins.jpg
Requested by
Host: www.xqbhlpay.xfutures.ru
URL: https://www.xqbhlpay.xfutures.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.110 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s22.server-panel.net
Software
ddos-guard /
Resource Hash
13ba4218c584e140e807d13e271bb85659eeb2e4c12f33b4597342954cbfc801
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.xqbhlpay.xfutures.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:22 GMT
last-modified
Wed, 28 Oct 2020 12:15:52 GMT
server
ddos-guard
etag
"1b235-5b2ba1fe804ce"
strict-transport-security
max-age=31536000;
content-type
image/jpeg
accept-ranges
bytes
content-length
111157
binance.png
www.xqbhlpay.xfutures.ru/images/
56 KB
56 KB
Image
General
Full URL
https://www.xqbhlpay.xfutures.ru/images/binance.png
Requested by
Host: www.xqbhlpay.xfutures.ru
URL: https://www.xqbhlpay.xfutures.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.110 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s22.server-panel.net
Software
ddos-guard /
Resource Hash
ade89c1b85742bb14d82ec594fa5af1dc6f5ed5c415cbdb7ef6cb5cd1623511e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.xqbhlpay.xfutures.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:22 GMT
last-modified
Wed, 28 Oct 2020 12:15:52 GMT
server
ddos-guard
etag
"e17d-5b2ba1fe804ce"
strict-transport-security
max-age=31536000;
content-type
image/png
accept-ranges
bytes
content-length
57725
tiger.jpg
www.xqbhlpay.xfutures.ru/images/
136 KB
136 KB
Image
General
Full URL
https://www.xqbhlpay.xfutures.ru/images/tiger.jpg
Requested by
Host: www.xqbhlpay.xfutures.ru
URL: https://www.xqbhlpay.xfutures.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.110 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s22.server-panel.net
Software
ddos-guard /
Resource Hash
6497c25898f643e72e3ded4a41b95d0cbaaa346cf3572e10ab6211696e6dc473
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.xqbhlpay.xfutures.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:22 GMT
last-modified
Wed, 28 Oct 2020 12:15:52 GMT
server
ddos-guard
etag
"2202c-5b2ba1fe81856"
strict-transport-security
max-age=31536000;
content-type
image/jpeg
accept-ranges
bytes
content-length
139308
embed.js
yastatic.net/q/forms-frontend-ext/_/
705 B
1 KB
Script
General
Full URL
https://yastatic.net/q/forms-frontend-ext/_/embed.js
Requested by
Host: www.xqbhlpay.xfutures.ru
URL: https://www.xqbhlpay.xfutures.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
56705b63b4affbd512380f8f43a8487f3e164e18a0fc5ba3d1b8801536d79915
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.xqbhlpay.xfutures.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:22 GMT
last-modified
Wed, 10 Feb 2021 09:30:26 GMT
server
nginx/1.17.9
etag
W/"2c1-1778b470f50"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=216013
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
705
expires
Mon, 15 Feb 2021 20:55:24 GMT
jquery.js
www.xqbhlpay.xfutures.ru/js/
91 KB
91 KB
Script
General
Full URL
https://www.xqbhlpay.xfutures.ru/js/jquery.js
Requested by
Host: www.xqbhlpay.xfutures.ru
URL: https://www.xqbhlpay.xfutures.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.110 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s22.server-panel.net
Software
ddos-guard /
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.xqbhlpay.xfutures.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:22 GMT
last-modified
Sun, 28 Jul 2013 11:40:28 GMT
server
ddos-guard
etag
"16bb3-4e290d7a62300"
strict-transport-security
max-age=31536000;
content-type
application/javascript
accept-ranges
bytes
content-length
93107
bootstrap.min.js
www.xqbhlpay.xfutures.ru/js/
28 KB
28 KB
Script
General
Full URL
https://www.xqbhlpay.xfutures.ru/js/bootstrap.min.js
Requested by
Host: www.xqbhlpay.xfutures.ru
URL: https://www.xqbhlpay.xfutures.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.110 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s22.server-panel.net
Software
ddos-guard /
Resource Hash
03bf371e3ca4739cfe6bea61f0126b7cbb94e4713e970651f9acd5acb3d9e399
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.xqbhlpay.xfutures.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:22 GMT
last-modified
Thu, 30 Jan 2014 03:45:50 GMT
server
ddos-guard
etag
"71a9-4f127e4b61780"
strict-transport-security
max-age=31536000;
content-type
application/javascript
accept-ranges
bytes
content-length
29097
custom.js
www.xqbhlpay.xfutures.ru/js/
6 KB
6 KB
Script
General
Full URL
https://www.xqbhlpay.xfutures.ru/js/custom.js
Requested by
Host: www.xqbhlpay.xfutures.ru
URL: https://www.xqbhlpay.xfutures.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.110 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s22.server-panel.net
Software
ddos-guard /
Resource Hash
89f841312069d86c059cb6ad8ec978dcd0cf1424ebfdf898682eeef349af8fb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.xqbhlpay.xfutures.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:22 GMT
last-modified
Sun, 19 Apr 2015 10:20:32 GMT
server
ddos-guard
etag
"168d-5141129cf3c00"
strict-transport-security
max-age=31536000;
content-type
application/javascript
accept-ranges
bytes
content-length
5773
jquery.sticky.js
www.xqbhlpay.xfutures.ru/js/
6 KB
6 KB
Script
General
Full URL
https://www.xqbhlpay.xfutures.ru/js/jquery.sticky.js
Requested by
Host: www.xqbhlpay.xfutures.ru
URL: https://www.xqbhlpay.xfutures.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.110 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s22.server-panel.net
Software
ddos-guard /
Resource Hash
d4a6a006e6fb1b81be2d15ce5f82771b6c2d68ae06141348e5cde8edb0c00bed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.xqbhlpay.xfutures.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:22 GMT
last-modified
Mon, 12 Jan 2015 01:51:58 GMT
server
ddos-guard
etag
"166b-50c6ac06d2b80"
strict-transport-security
max-age=31536000;
content-type
application/javascript
accept-ranges
bytes
content-length
5739
wow.min.js
www.xqbhlpay.xfutures.ru/js/
6 KB
6 KB
Script
General
Full URL
https://www.xqbhlpay.xfutures.ru/js/wow.min.js
Requested by
Host: www.xqbhlpay.xfutures.ru
URL: https://www.xqbhlpay.xfutures.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.110 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s22.server-panel.net
Software
ddos-guard /
Resource Hash
dd90fdb6538987fe7975bd43803b1c7d8d62912a371c788caec32d016e09dca8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.xqbhlpay.xfutures.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:22 GMT
last-modified
Fri, 19 Sep 2014 00:17:32 GMT
server
ddos-guard
etag
"189c-5036006f4bf00"
strict-transport-security
max-age=31536000;
content-type
application/javascript
accept-ranges
bytes
content-length
6300
owl.carousel.min.js
www.xqbhlpay.xfutures.ru/js/
23 KB
23 KB
Script
General
Full URL
https://www.xqbhlpay.xfutures.ru/js/owl.carousel.min.js
Requested by
Host: www.xqbhlpay.xfutures.ru
URL: https://www.xqbhlpay.xfutures.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.110 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s22.server-panel.net
Software
ddos-guard /
Resource Hash
e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.xqbhlpay.xfutures.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:22 GMT
last-modified
Mon, 12 May 2014 10:20:38 GMT
server
ddos-guard
etag
"5d52-4f9314c708980"
strict-transport-security
max-age=31536000;
content-type
application/javascript
accept-ranges
bytes
content-length
23890
css
fonts.googleapis.com/
0
0

tag.js
mc.yandex.ru/metrika/
204 KB
64 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: www.xqbhlpay.xfutures.ru
URL: https://www.xqbhlpay.xfutures.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
6a83f8baa9d1ed00994bae27f6a6d2990283f253536e11d46320fef8faaf40dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.xqbhlpay.xfutures.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:22 GMT
content-encoding
br
last-modified
Fri, 12 Feb 2021 20:11:42 GMT
etag
"6026df5a-ffaa"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
65450
expires
Sat, 13 Feb 2021 09:56:22 GMT
loading.gif
www.xqbhlpay.xfutures.ru/images/
96 B
96 B
Image
General
Full URL
https://www.xqbhlpay.xfutures.ru/images/loading.gif
Requested by
Host: www.xqbhlpay.xfutures.ru
URL: https://www.xqbhlpay.xfutures.ru/css/css-index.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.110 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s22.server-panel.net
Software
ddos-guard /
Resource Hash
d39e7663ce5f83ff2f26c5f8b83de275faf5bbf50b1578daf36f46c4d07934e7

Request headers

Referer
https://www.xqbhlpay.xfutures.ru/css/css-index.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:22 GMT
server
ddos-guard
content-type
text/html
background2.jpg
www.xqbhlpay.xfutures.ru/images/
244 KB
244 KB
Image
General
Full URL
https://www.xqbhlpay.xfutures.ru/images/background2.jpg
Requested by
Host: www.xqbhlpay.xfutures.ru
URL: https://www.xqbhlpay.xfutures.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.110 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s22.server-panel.net
Software
ddos-guard /
Resource Hash
f86ef0481dc3fb41efbdf7e855a6b3e8596c13ccf9b1e49fb04d688cbb9c46dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.xqbhlpay.xfutures.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:22 GMT
last-modified
Wed, 28 Oct 2020 12:15:52 GMT
server
ddos-guard
etag
"3cf41-5b2ba1fe804ce"
strict-transport-security
max-age=31536000;
content-type
image/jpeg
accept-ranges
bytes
content-length
249665
screenshot_1.png
www.xqbhlpay.xfutures.ru/images/
485 KB
486 KB
Image
General
Full URL
https://www.xqbhlpay.xfutures.ru/images/screenshot_1.png
Requested by
Host: www.xqbhlpay.xfutures.ru
URL: https://www.xqbhlpay.xfutures.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.110 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s22.server-panel.net
Software
ddos-guard /
Resource Hash
e5fb4c28dd36804762a8b7c712093061459706ac60e6eed1e3c58c204e21b219
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.xqbhlpay.xfutures.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:22 GMT
last-modified
Wed, 28 Oct 2020 12:15:52 GMT
server
ddos-guard
etag
"79558-5b2ba1fe8146e"
strict-transport-security
max-age=31536000;
content-type
image/png
accept-ranges
bytes
content-length
496984
krasnodar.jpeg
www.xqbhlpay.xfutures.ru/images/
385 KB
386 KB
Image
General
Full URL
https://www.xqbhlpay.xfutures.ru/images/krasnodar.jpeg
Requested by
Host: www.xqbhlpay.xfutures.ru
URL: https://www.xqbhlpay.xfutures.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.110 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s22.server-panel.net
Software
ddos-guard /
Resource Hash
2aad077e4bb9506cf1fad36460ac86a7b9249bb1e7730397e7a68a7c4e14c97a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.xqbhlpay.xfutures.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:22 GMT
last-modified
Wed, 28 Oct 2020 12:15:52 GMT
server
ddos-guard
etag
"605ff-5b2ba1fe80c9e"
strict-transport-security
max-age=31536000;
content-type
image/jpeg
accept-ranges
bytes
content-length
394751
Pe-icon-7-stroke.woff
www.xqbhlpay.xfutures.ru/fonts/icon-7-stroke/fonts/
30 KB
30 KB
Font
General
Full URL
https://www.xqbhlpay.xfutures.ru/fonts/icon-7-stroke/fonts/Pe-icon-7-stroke.woff?-2irksn
Requested by
Host: www.xqbhlpay.xfutures.ru
URL: https://www.xqbhlpay.xfutures.ru/fonts/icon-7-stroke/css/pe-icon-7-stroke.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.110 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s22.server-panel.net
Software
ddos-guard /
Resource Hash
426cc094848d65c819d9c6cbfc8dd7ca506e171b1afc86ecac238519f50c29b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Origin
https://www.xqbhlpay.xfutures.ru
Referer
https://www.xqbhlpay.xfutures.ru/fonts/icon-7-stroke/css/pe-icon-7-stroke.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:22 GMT
last-modified
Mon, 28 Apr 2014 09:51:40 GMT
server
ddos-guard
etag
"795c-4f81743118300"
strict-transport-security
max-age=31536000;
content-type
application/font-woff
accept-ranges
bytes
content-length
31068
Cookie set /
forms.yandex.ru/u/5f993d36f418730a4d46cedc/ Frame 0E52
27 KB
9 KB
Document
General
Full URL
https://forms.yandex.ru/u/5f993d36f418730a4d46cedc/?iframe=1
Requested by
Host: www.xqbhlpay.xfutures.ru
URL: https://www.xqbhlpay.xfutures.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::1ed Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
bb1a88c893ace153dcc2176f2351c1c3b7b56e696764622141d068d4541af976

Request headers

Host
forms.yandex.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.xqbhlpay.xfutures.ru/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.xqbhlpay.xfutures.ru/

Response headers

Server
nginx
Date
Sat, 13 Feb 2021 08:56:22 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=120
Set-Cookie
yandexuid=8452323741613206582; Domain=.yandex.ru; Path=/; Expires=Thu, 13 Feb 2031 08:56:22 GMT; Secure; SameSite=None
forms:sid=37Gm4C4282iK1WAT; Max-Age=2592000; Path=/; Expires=Mon, 15 Mar 2021 08:56:22 GMT; HttpOnly
P3P
CP="This is not a P3P policy!"
ETag
W/"6b45-VJE1IGknlNV0Dc7d5287rrzopUY"
Vary
Accept-Encoding
Content-Encoding
gzip
X-qloud-router
vla2-9b1b6481e160.qloud-c.yandex.net
fontawesome-webfont.woff
www.xqbhlpay.xfutures.ru/fonts/
64 KB
64 KB
Font
General
Full URL
https://www.xqbhlpay.xfutures.ru/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: www.xqbhlpay.xfutures.ru
URL: https://www.xqbhlpay.xfutures.ru/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.147.197.110 , Ukraine, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
s22.server-panel.net
Software
ddos-guard /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Origin
https://www.xqbhlpay.xfutures.ru
Referer
https://www.xqbhlpay.xfutures.ru/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:22 GMT
last-modified
Tue, 26 Aug 2014 05:46:50 GMT
server
ddos-guard
etag
"ffac-50181d46ee680"
strict-transport-security
max-age=31536000;
content-type
application/font-woff
accept-ranges
bytes
content-length
65452
1
mc.yandex.ru/watch/55027444/
Redirect Chain
  • https://mc.yandex.ru/watch/55027444?wmode=7&page-url=https%3A%2F%2Fwww.xqbhlpay.xfutures.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99j%3Afp%3A830%3Afu%3A0%3Aen%3Autf-8%...
  • https://mc.yandex.ru/watch/55027444/1?wmode=7&page-url=https%3A%2F%2Fwww.xqbhlpay.xfutures.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99j%3Afp%3A830%3Afu%3A0%3Aen%3Autf-...
186 B
217 B
XHR
General
Full URL
https://mc.yandex.ru/watch/55027444/1?wmode=7&page-url=https%3A%2F%2Fwww.xqbhlpay.xfutures.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99j%3Afp%3A830%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A0%3Als%3A280728955054%3Ahid%3A362098929%3Az%3A60%3Ai%3A20210213095622%3Aet%3A1613206582%3Ac%3A1%3Arn%3A673867117%3Au%3A1613206582305934943%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613206581275%3Awv%3A2%3Ads%3A1%2C91%2C326%2C1%2C0%2C0%2C%2C455%2C5%2C%2C%2C%2C876%3Adsn%3A1%2C91%2C326%2C1%2C0%2C0%2C%2C455%2C5%2C%2C%2C%2C875%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613206582%3At%3A%D0%9E%D0%B1%D1%83%D1%87%D0%B5%D0%BD%D0%B8%D0%B5%20%D1%82%D1%80%D0%B5%D0%B9%D0%B4%D0%B8%D0%BD%D0%B3%D1%83%20%D0%BD%D0%B0%20%D1%84%D1%8C%D1%8E%D1%87%D0%B5%D1%80%D1%81%D0%B0%D1%85%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%20-%20xfutures.ru
Requested by
Host: www.xqbhlpay.xfutures.ru
URL: https://www.xqbhlpay.xfutures.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
a22b75f4d35c7a281b4c9edcc25270cf940d8c5d08de9aea433eadba7c061a87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.xqbhlpay.xfutures.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Feb 2021 08:56:22 GMT
x-content-type-options
nosniff
last-modified
Sat, 13-Feb-2021 08:56:22 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.xqbhlpay.xfutures.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
186
x-xss-protection
1; mode=block
expires
Sat, 13-Feb-2021 08:56:22 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Feb 2021 08:56:22 GMT
last-modified
Sat, 13-Feb-2021 08:56:22 GMT
location
/watch/55027444/1?wmode=7&page-url=https%3A%2F%2Fwww.xqbhlpay.xfutures.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99j%3Afp%3A830%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A0%3Als%3A280728955054%3Ahid%3A362098929%3Az%3A60%3Ai%3A20210213095622%3Aet%3A1613206582%3Ac%3A1%3Arn%3A673867117%3Au%3A1613206582305934943%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613206581275%3Awv%3A2%3Ads%3A1%2C91%2C326%2C1%2C0%2C0%2C%2C455%2C5%2C%2C%2C%2C876%3Adsn%3A1%2C91%2C326%2C1%2C0%2C0%2C%2C455%2C5%2C%2C%2C%2C875%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613206582%3At%3A%D0%9E%D0%B1%D1%83%D1%87%D0%B5%D0%BD%D0%B8%D0%B5%20%D1%82%D1%80%D0%B5%D0%B9%D0%B4%D0%B8%D0%BD%D0%B3%D1%83%20%D0%BD%D0%B0%20%D1%84%D1%8C%D1%8E%D1%87%D0%B5%D1%80%D1%81%D0%B0%D1%85%20%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%BE%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%20-%20xfutures.ru
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.xqbhlpay.xfutures.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
x-xss-protection
1; mode=block
expires
Sat, 13-Feb-2021 08:56:22 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
110 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: www.xqbhlpay.xfutures.ru
URL: https://www.xqbhlpay.xfutures.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.xqbhlpay.xfutures.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:22 GMT
last-modified
Fri, 12 Feb 2021 20:11:42 GMT
etag
"6026df5a-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sat, 13 Feb 2021 09:56:22 GMT
_survey-iframe.css
yastatic.net/s3/frontend/forms/v25.30.0/bundles/desktop.bundles/survey-iframe/ Frame 0E52
92 KB
15 KB
Stylesheet
General
Full URL
https://yastatic.net/s3/frontend/forms/v25.30.0/bundles/desktop.bundles/survey-iframe/_survey-iframe.css
Requested by
Host: forms.yandex.ru
URL: https://forms.yandex.ru/u/5f993d36f418730a4d46cedc/?iframe=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
0d42b2f557384ad1f59d6b665dec9b6540554fc5a313d697f5f52c9c3afe912c
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://forms.yandex.ru/u/5f993d36f418730a4d46cedc/?iframe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:22 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
14733
x-nginx-request-id
402c57232114f4f2
last-modified
Wed, 10 Feb 2021 09:38:50 GMT
server
nginx/1.17.9
etag
"2bfad2f9b80dbb3abcb6f397f6247c25"
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, immutable, max-age=216013
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Feb 2021 20:51:46 GMT
less.min.js
yastatic.net/s3/frontend/forms/v25.30.0/public/less/ Frame 0E52
161 KB
43 KB
Script
General
Full URL
https://yastatic.net/s3/frontend/forms/v25.30.0/public/less/less.min.js
Requested by
Host: forms.yandex.ru
URL: https://forms.yandex.ru/u/5f993d36f418730a4d46cedc/?iframe=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
4be08bd8f1575b7125cda750255dcde50487b6664b3f3d992cd767d492c7b532
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://forms.yandex.ru/u/5f993d36f418730a4d46cedc/?iframe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:22 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
43167
x-nginx-request-id
c621af09ac952847
last-modified
Wed, 10 Feb 2021 09:38:48 GMT
server
nginx/1.17.9
etag
"112be378c66b9bbf4e7d457ed0273921"
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, immutable, max-age=216013
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Feb 2021 20:53:40 GMT
jquery.min.js
yastatic.net/jquery/2.1.4/ Frame 0E52
82 KB
27 KB
Script
General
Full URL
https://yastatic.net/jquery/2.1.4/jquery.min.js
Requested by
Host: forms.yandex.ru
URL: https://forms.yandex.ru/u/5f993d36f418730a4d46cedc/?iframe=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://forms.yandex.ru/u/5f993d36f418730a4d46cedc/?iframe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:22 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
26621
x-nginx-request-id
2f7103452425abd5
last-modified
Mon, 12 Nov 2018 13:13:44 GMT
server
nginx/1.17.9
etag
"a277816fda8a0e0e1e1f60108f585a3f"
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Oct 2021 20:04:48 GMT
polyfill.min.js
yastatic.net/s3/frontend/forms/v25.30.0/public/polyfill/ Frame 0E52
102 KB
29 KB
Script
General
Full URL
https://yastatic.net/s3/frontend/forms/v25.30.0/public/polyfill/polyfill.min.js
Requested by
Host: forms.yandex.ru
URL: https://forms.yandex.ru/u/5f993d36f418730a4d46cedc/?iframe=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
59173f786dd1f3802f7ab26fd339aac4099dc10c6cb54a6a92213e6af277592a
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://forms.yandex.ru/u/5f993d36f418730a4d46cedc/?iframe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:22 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
29561
x-nginx-request-id
b8c7ae4849673d90
last-modified
Wed, 10 Feb 2021 09:38:48 GMT
server
nginx/1.17.9
etag
"ba59a08643c70e28fb9634172424404c"
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, immutable, max-age=216013
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Feb 2021 20:55:03 GMT
_survey-iframe.client.ru.js
yastatic.net/s3/frontend/forms/v25.30.0/bundles/desktop.bundles/survey-iframe/ Frame 0E52
490 KB
109 KB
Script
General
Full URL
https://yastatic.net/s3/frontend/forms/v25.30.0/bundles/desktop.bundles/survey-iframe/_survey-iframe.client.ru.js
Requested by
Host: forms.yandex.ru
URL: https://forms.yandex.ru/u/5f993d36f418730a4d46cedc/?iframe=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
b146005f4db23ecf659467289e65f1ef86c370181e858eaedd17b9a6a833dad9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://forms.yandex.ru/u/5f993d36f418730a4d46cedc/?iframe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:22 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
111223
x-nginx-request-id
75a498e59f1e7ac3
last-modified
Wed, 10 Feb 2021 09:38:50 GMT
server
nginx/1.17.9
etag
"5f487f783b55850a7da0d729fea83b04"
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, immutable, max-age=216013
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Feb 2021 20:53:28 GMT
eS-nxtWWJ1LfBWLfd096swuFjH4.svg
yastatic.net/s3/frontend/forms/_/ Frame 0E52
169 B
671 B
Image
General
Full URL
https://yastatic.net/s3/frontend/forms/_/eS-nxtWWJ1LfBWLfd096swuFjH4.svg
Requested by
Host: yastatic.net
URL: https://yastatic.net/s3/frontend/forms/v25.30.0/bundles/desktop.bundles/survey-iframe/_survey-iframe.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
5a69d1eea4ef1b15ce789bfac801196f5a3890336a564e8706c0997f935a43e5
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://yastatic.net/s3/frontend/forms/v25.30.0/bundles/desktop.bundles/survey-iframe/_survey-iframe.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:22 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
122
x-nginx-request-id
4d27ab4fb7a87d90
last-modified
Wed, 12 Feb 2020 22:13:40 GMT
server
nginx/1.17.9
etag
"ac7597a5c589492a910f82cebab4881a"
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, immutable, max-age=216013
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Feb 2021 20:52:33 GMT
%D0%AF%D0%BD%D0%B4%D0%B5%D0%BA%D1%81.svg
yastatic.net/q/logoaas/v1/ Frame 0E52
2 KB
1 KB
Image
General
Full URL
https://yastatic.net/q/logoaas/v1/%D0%AF%D0%BD%D0%B4%D0%B5%D0%BA%D1%81.svg?viewBox=1&color=000000
Requested by
Host: forms.yandex.ru
URL: https://forms.yandex.ru/u/5f993d36f418730a4d46cedc/?iframe=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 / Express
Resource Hash
594fca44eda9c1a780fe2ece088248256c5343396ef78baf371d3a7e7900a527

Request headers

Referer
https://forms.yandex.ru/u/5f993d36f418730a4d46cedc/?iframe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:22 GMT
content-encoding
gzip
etag
W/"678-176fb396e02"
last-modified
Wed, 13 Jan 2021 10:10:13 GMT
server
nginx/1.17.9
x-powered-by
Express
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=1213
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin
*
expires
Sat, 13 Feb 2021 09:14:44 GMT
%D0%A4%D0%BE%D1%80%D0%BC%D1%8B.svg
yastatic.net/q/logoaas/v1/ Frame 0E52
2 KB
1 KB
Image
General
Full URL
https://yastatic.net/q/logoaas/v1/%D0%A4%D0%BE%D1%80%D0%BC%D1%8B.svg?viewBox=1
Requested by
Host: forms.yandex.ru
URL: https://forms.yandex.ru/u/5f993d36f418730a4d46cedc/?iframe=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 / Express
Resource Hash
833e51c77d9099007856e64b7e4ae0f8bb36e17eddfccf50dd18d44340d645e9

Request headers

Referer
https://forms.yandex.ru/u/5f993d36f418730a4d46cedc/?iframe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:22 GMT
content-encoding
gzip
etag
W/"7a4-176fb3966ee"
last-modified
Wed, 13 Jan 2021 10:10:11 GMT
server
nginx/1.17.9
x-powered-by
Express
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=1213
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin
*
expires
Sat, 13 Feb 2021 09:14:44 GMT
glare.jpg
yastatic.net/s3/frontend/forms/v25.30.0/public/styles_templates_images/ Frame 0E52
213 KB
214 KB
Image
General
Full URL
https://yastatic.net/s3/frontend/forms/v25.30.0/public/styles_templates_images/glare.jpg
Requested by
Host: forms.yandex.ru
URL: https://forms.yandex.ru/u/5f993d36f418730a4d46cedc/?iframe=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
47d924d8834297e13adefa7db1e69c0197e097539667c1bd9363f40367a8f1ce
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://forms.yandex.ru/u/5f993d36f418730a4d46cedc/?iframe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:22 GMT
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
218225
x-nginx-request-id
e9ff9fece7a62d0b
last-modified
Wed, 10 Feb 2021 09:38:31 GMT
server
nginx/1.17.9
etag
"0344462179c523bc577377c6fc3cc195"
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, immutable, max-age=216013
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Feb 2021 20:55:48 GMT
watch.js
mc.yandex.ru/metrika/ Frame 0E52
118 KB
41 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/jquery/2.1.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
f8da8cf51991751a899ade13231b19579025cd9017cdf01b882c4070f7f1719e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://forms.yandex.ru/u/5f993d36f418730a4d46cedc/?iframe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:22 GMT
content-encoding
br
last-modified
Fri, 12 Feb 2021 20:11:42 GMT
etag
"6026df5a-a2de"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
41694
expires
Sat, 13 Feb 2021 09:56:22 GMT
click
yandex.ru/clck/ Frame 0E52
43 B
224 B
Other
General
Full URL
https://yandex.ru/clck/click
Requested by
Host: forms.yandex.ru
URL: https://forms.yandex.ru/u/5f993d36f418730a4d46cedc/?iframe=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.yandex.ru/u/5f993d36f418730a4d46cedc/?iframe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
image/gif
access-control-allow-origin
https://forms.yandex.ru
cache-control
no-cache
access-control-allow-credentials
true
content-length
43
3
mc.yandex.ru/watch/ Frame 0E52
35 B
551 B
XHR
General
Full URL
https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fforms.yandex.ru%2Fu%2F5f993d36f418730a4d46cedc%2F%3Fiframe%3D1&page-ref=https%3A%2F%2Fwww.xqbhlpay.xfutures.ru%2F&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A%3Avf%3Adeodhc9w27kzjb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A0%3Als%3A698439781297%3Ahid%3A989285722%3Az%3A60%3Ai%3A20210213095622%3Aet%3A1613206583%3Ac%3A1%3Arn%3A598090758%3Au%3A161320658386887609%3Aw%3A650x368%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1613206582124%3Ads%3A7%2C86%2C148%2C4%2C0%2C0%2C%2C251%2C1%2C%2C%2C%2C495%3Adsn%3A7%2C86%2C148%2C4%2C0%2C0%2C%2C249%2C1%2C%2C%2C%2C495%3Ati%3A2%3Ast%3A1613206583
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://forms.yandex.ru/u/5f993d36f418730a4d46cedc/?iframe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Feb 2021 08:56:22 GMT
x-content-type-options
nosniff
last-modified
Sat, 13-Feb-2021 08:56:22 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://forms.yandex.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
35
x-xss-protection
1; mode=block
expires
Sat, 13-Feb-2021 08:56:22 GMT
click
yandex.ru/clck/ Frame 0E52
43 B
542 B
Other
General
Full URL
https://yandex.ru/clck/click
Requested by
Host: forms.yandex.ru
URL: https://forms.yandex.ru/u/5f993d36f418730a4d46cedc/?iframe=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.yandex.ru/u/5f993d36f418730a4d46cedc/?iframe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
image/gif
access-control-allow-origin
https://forms.yandex.ru
cache-control
no-cache
access-control-allow-credentials
true
content-length
43
advert.gif
mc.yandex.ru/metrika/ Frame 0E52
43 B
112 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://forms.yandex.ru/u/5f993d36f418730a4d46cedc/?iframe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Feb 2021 08:56:22 GMT
last-modified
Fri, 12 Feb 2021 20:11:42 GMT
etag
"6026df5a-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sat, 13 Feb 2021 09:56:22 GMT
49158118
mc.yandex.ru/watch/ Frame 0E52
186 B
244 B
XHR
General
Full URL
https://mc.yandex.ru/watch/49158118?wmode=7&page-url=https%3A%2F%2Fforms.yandex.ru%2Fu%2F5f993d36f418730a4d46cedc%2F%3Fiframe%3D1&page-ref=https%3A%2F%2Fwww.xqbhlpay.xfutures.ru%2F&charset=utf-8&site-info=%7B%22form_id%22%3A%225f993d36f418730a4d46cedc%22%2C%22qnNum%22%3A4%2C%22qnNumBy10%22%3A10%2C%22qnNumBy100%22%3A100%2C%22form_style%22%3A%7B%7D%2C%22page%22%3A%22survey%22%2C%22is_iframe%22%3Atrue%2C%22is_org%22%3Afalse%2C%22login%22%3Afalse%7D&ut=noindex&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3Adeodhc9w27kzjb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A2%3Adp%3A1%3Als%3A1448071937011%3Ahid%3A989285722%3Az%3A60%3Ai%3A20210213095622%3Aet%3A1613206583%3Ac%3A1%3Arn%3A1043252515%3Au%3A1613206583799815122%3Aw%3A650x368%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1613206582124%3Ads%3A7%2C86%2C148%2C4%2C0%2C0%2C%2C251%2C1%2C628%2C628%2C1%2C495%3Adsn%3A7%2C86%2C148%2C4%2C0%2C0%2C%2C249%2C1%2C628%2C628%2C1%2C495%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613206583%3At%3AYandex.Forms
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
ad0d9c877c374e800c8068078c54dda91fd04196f339d5c190adb3ef58dead9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://forms.yandex.ru/u/5f993d36f418730a4d46cedc/?iframe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Feb 2021 08:56:22 GMT
x-content-type-options
nosniff
last-modified
Sat, 13-Feb-2021 08:56:22 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://forms.yandex.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
186
x-xss-protection
1; mode=block
expires
Sat, 13-Feb-2021 08:56:22 GMT
click
yandex.ru/clck/ Frame 0E52
43 B
70 B
Other
General
Full URL
https://yandex.ru/clck/click
Requested by
Host: forms.yandex.ru
URL: https://forms.yandex.ru/u/5f993d36f418730a4d46cedc/?iframe=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.yandex.ru/u/5f993d36f418730a4d46cedc/?iframe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
image/gif
access-control-allow-origin
https://forms.yandex.ru
cache-control
no-cache
access-control-allow-credentials
true
content-length
43
click
yandex.ru/clck/ Frame 0E52
43 B
70 B
Other
General
Full URL
https://yandex.ru/clck/click
Requested by
Host: forms.yandex.ru
URL: https://forms.yandex.ru/u/5f993d36f418730a4d46cedc/?iframe=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.yandex.ru/u/5f993d36f418730a4d46cedc/?iframe=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
image/gif
access-control-allow-origin
https://forms.yandex.ru
cache-control
no-cache
access-control-allow-credentials
true
content-length
43

Failed requests

These URLs were requested, but no response was received. They also appear in the list above.

Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Lato:100,300,400,700,900,100italic,300italic,400italic,700italic,900italic

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
boolean| crossOriginIsolated
function| ym
function| $
function| jQuery
object| jQuery110201783387403068768
function| fullscreenFix
function| backgroundResize
function| parallaxPosition
function| WOW
object| Ya
object| yaCounter55027444

8 Cookies

Domain/Path Name / Value
.yandex.ru/ Name: yandexuid
Value: 8452323741613206582
.yandex.ru/ Name: i
Value: 5IuK62wpr08jnE17z7fSQxKKLKHI+Nbh7h6xeleps+oMQ31r0cuy/C/323u4z2gbkXgoF8PTl8rOWVmv1ewd0PYUZuA=
.yandex.ru/ Name: yuidss
Value: 7741031011613206582
.xfutures.ru/ Name: _ym_d
Value: 1613206582
.xfutures.ru/ Name: _ym_uid
Value: 1613206582305934943
.yandex.ru/ Name: ymex
Value: 1644742582.yrts.1613206582#1644742582.yrtsi.1613206582
.xfutures.ru/ Name: _ym_isad
Value: 2
.xfutures.ru/ Name: __ddg1
Value: 5FBHbIyxXOE6Ry33G6DN

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
