URL: https://safeit.hopto.org/
Submission: On February 08 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 7 IPs in 4 countries across 5 domains to perform 19 HTTP transactions. The main IP is 5.9.69.189, located in Germany and belongs to HETZNER-AS, DE. The main domain is safeit.hopto.org.
TLS certificate: Issued by R3 on February 8th 2023. Valid for: 3 months.
This is the only time safeit.hopto.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS / Autonomous System
1         5.9.69.189         24940 (HETZNER-AS)
13        2620:12a:8001::4   54113 (FASTLY)
1         2a06:98c1:312...   13335 (CLOUDFLAR...)
1         192.243.59.13      39572 (ADVANCEDH...)
1         46.105.201.240     16276 (OVH)
1         2a06:98c1:312...   13335 (CLOUDFLAR...)
1         54.39.128.117      16276 (OVH)
Total: 19 requests, 7 IPs

Requests  Apex Domain        Subdomains                                          Transfer
13        safewise.com       www.safewise.com (Cisco Umbrella Rank: 410323)      378 KB
2         histats.com        s10.histats.com (Cisco Umbrella Rank: 19866),       5 KB
                             s4.histats.com (Cisco Umbrella Rank: 16349)
2         nextagc.com        cloud.nextagc.com, dash.nextagc.com                 3 KB
1         drawingwheels.com  drawingwheels.com
1         hopto.org          safeit.hopto.org                                    15 KB
Total: 19 requests, 5 apex domains

Requests  Domain             Requested by
13        www.safewise.com   safeit.hopto.org
1         s4.histats.com     s10.histats.com
1         dash.nextagc.com   cloud.nextagc.com
1         s10.histats.com    cloud.nextagc.com
1         drawingwheels.com  cloud.nextagc.com
1         cloud.nextagc.com  safeit.hopto.org
1         safeit.hopto.org
Total: 19 requests, 7 domains

This site contains no links.

TLS certificates

Subject                Issuer                   Validity                  Valid for
safeit.hopto.org       R3                       2023-02-08 - 2023-05-09   3 months
safewise.com           R3                       2023-01-16 - 2023-04-16   3 months
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3  2022-06-20 - 2023-06-20   a year
drawingwheels.com      R3                       2022-12-20 - 2023-03-20   3 months
histats.com            R3                       2022-12-21 - 2023-03-21   3 months

This page contains 1 frames:

Primary Page: https://safeit.hopto.org/
Frame ID: 47D15EE2F901390452DB3CD82E39AB4E
Requests: 19 HTTP requests in this frame

Page Title

SafeWise | Your Guide to Home Security and Safety

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div class=(?:"|')[^"']*elementor

Page Statistics

Requests: 19
HTTPS: 100 %
IPv6: 43 %
Domains: 5
Subdomains: 7
IPs: 7
Countries: 4
Transfer: 400 kB
Size: 709 kB
Cookies: 7

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
safeit.hopto.org/
90 KB
15 KB
Document
General
Full URL
https://safeit.hopto.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.9.69.189 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.189.69.9.5.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
98dcefd21c890edfa7bb852fd59dec09df87a0f4246128de4f3b84c750d2f438

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 08 Feb 2023 08:38:25 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
main.css
www.safewise.com/app/themes/coolwhip-child/dist/css/
275 KB
48 KB
Stylesheet
General
Full URL
https://www.safewise.com/app/themes/coolwhip-child/dist/css/main.css?ver=dda42aba031323d2483618a28f6cb60d
Requested by
Host: safeit.hopto.org
URL: https://safeit.hopto.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ed1d1cad2dde3640af278a4d784c605c6ba81e4cc86061e766f175a4ab788eb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safeit.hopto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Wed, 31 Jan 2024 22:20:33 GMT
date
Wed, 08 Feb 2023 08:38:26 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname
styx-fe4-b-86894bb899-r6hbl
age
728273
x-cache
HIT, HIT
content-length
48335
x-served-by
cache-chi-klot8100044-CHI, cache-maa10230-MAA
last-modified
Mon, 30 Jan 2023 22:19:58 GMT
server
nginx
x-timer
S1675845507.851966,VS0,VE10
etag
W/"63d8428e-44bfc"
vary
Accept-Encoding
content-type
text/css
x-styx-req-id
502fa19a-a0ec-11ed-99af-7e7aaddd263f
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
46, 1
jsnext.js
cloud.nextagc.com/
3 KB
2 KB
Script
General
Full URL
https://cloud.nextagc.com/jsnext.js?uid=74&m=dash&domain=safeit.hopto.org&target=1840
Requested by
Host: safeit.hopto.org
URL: https://safeit.hopto.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a19023ece3486d3a0ff2a8446c50689bb7d5359d6719c2fb927e1aee311ff0fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safeit.hopto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 08:38:26 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Wednesday, 08-Feb-2023 08:38:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST,GET,OPTIONS
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FnwtP%2FPgqbI79rFAmoQVAZ2WgfFDk0rDygy0zPHE3Cpe6r%2Bj78XpAWNdDk%2FKwDagpxhrCIclwfzoKddqEaIcRNrEN4LrGSumsqG8dC4dSbcwBIiC92xRirykTpKMHIeerNKEYU7utlLr3V1VWTmsuw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache
cf-ray
79630c8d2c869bbe-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
invoke.js
drawingwheels.com/c041da09be015e7455396bc0a0a258f0/
0
0
Script
General
Full URL
https://drawingwheels.com/c041da09be015e7455396bc0a0a258f0/invoke.js
Requested by
Host: cloud.nextagc.com
URL: https://cloud.nextagc.com/jsnext.js?uid=74&m=dash&domain=safeit.hopto.org&target=1840
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safeit.hopto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 08:38:27 GMT
Server
nginx/1.17.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
js15_as.js
s10.histats.com/
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: cloud.nextagc.com
URL: https://cloud.nextagc.com/jsnext.js?uid=74&m=dash&domain=safeit.hopto.org&target=1840
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safeit.hopto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 08:30:49 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
content-type
text/javascript
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
545947846
process.php
dash.nextagc.com/sync/
0
746 B
XHR
General
Full URL
https://dash.nextagc.com/sync/process.php
Requested by
Host: cloud.nextagc.com
URL: https://cloud.nextagc.com/jsnext.js?uid=74&m=dash&domain=safeit.hopto.org&target=1840
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://safeit.hopto.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 08 Feb 2023 08:38:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.33
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
access-control-allow-methods
POST,GET,OPTIONS, GET,POST,OPTIONS,DELETE,PUT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tN9K9nIFnkDZt9YsK%2FDs3s0SqJFkLd7HBkX9LvJ6rtqZWxuHbWY6VczDevYrMXCeifWmKWymwAC3yijzuCWTnIAnXsuhDXfwxyishr8mP7rkt4BqecJRkc%2FltiBXSyiUs3ysh6GcYj74IHnMxcx9"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
x-turbo-charged-by
LiteSpeed
cf-ray
79630c949b0e2bcf-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Thu, 19 Nov 1981 08:52:00 GMT
attachment-217482--2000x0.png
www.safewise.com/app/uploads/cropped/2022/11/07/
581 B
830 B
Image
General
Full URL
https://www.safewise.com/app/uploads/cropped/2022/11/07/attachment-217482--2000x0.png
Requested by
Host: safeit.hopto.org
URL: https://safeit.hopto.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e948a10e6104744a8a276e11f8bf69c8bd3d67bb5099a759461ad23756030a51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safeit.hopto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe4-b-687d4948fc-4m4wx
date
Wed, 08 Feb 2023 08:38:27 GMT
via
1.1 varnish, 1.1 varnish
expires
Fri, 05 Jan 2024 08:48:32 GMT
age
728274
x-cache
HIT, HIT
content-length
581
x-served-by
cache-chi-klot8100138-CHI, cache-maa10230-MAA
last-modified
Mon, 07 Nov 2022 20:55:13 GMT
server
nginx
x-timer
S1675845507.445192,VS0,VE1
etag
"636970b1-245"
content-type
image/png
x-styx-req-id
916b1574-8c0c-11ed-9be3-1688674eb025
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1
attachment-206219--2000x0.png
www.safewise.com/app/uploads/cropped/2022/08/31/
63 KB
63 KB
Image
General
Full URL
https://www.safewise.com/app/uploads/cropped/2022/08/31/attachment-206219--2000x0.png
Requested by
Host: safeit.hopto.org
URL: https://safeit.hopto.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e967758f29a0151f88649ad675b2d9b80d8fcd39d6af96bd125738e359082b62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safeit.hopto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe4-b-56c7c6b6d7-tgkmx
date
Wed, 08 Feb 2023 08:38:27 GMT
via
1.1 varnish, 1.1 varnish
expires
Sat, 02 Dec 2023 13:10:16 GMT
age
728229
x-cache
HIT, HIT
content-length
64132
x-served-by
cache-chi-kigq8000173-CHI, cache-maa10230-MAA
last-modified
Wed, 31 Aug 2022 18:21:46 GMT
server
nginx
x-timer
S1675845507.445168,VS0,VE6
etag
"630fa6ba-fa84"
content-type
image/png
x-styx-req-id
7fa3bcbb-7179-11ed-9e00-eeaf001700b9
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1
attachment-216998--2000x0.png
www.safewise.com/app/uploads/cropped/2022/11/04/
581 B
794 B
Image
General
Full URL
https://www.safewise.com/app/uploads/cropped/2022/11/04/attachment-216998--2000x0.png
Requested by
Host: safeit.hopto.org
URL: https://safeit.hopto.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
59718bc22e77e9839c88d2248cb65ecb7ba3de5acea1cf518e9b556c7ec6b143

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safeit.hopto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe4-a-744d4d6c77-cznkh
date
Wed, 08 Feb 2023 08:38:27 GMT
via
1.1 varnish, 1.1 varnish
expires
Sat, 20 Jan 2024 23:48:38 GMT
age
728229
x-cache
HIT, HIT
content-length
581
x-served-by
cache-chi-klot8100170-CHI, cache-maa10230-MAA
last-modified
Fri, 04 Nov 2022 15:47:17 GMT
server
nginx
x-timer
S1675845507.445636,VS0,VE1
etag
"63653405-245"
content-type
image/png
x-styx-req-id
cbf1114f-9853-11ed-8a80-a692d940e1f7
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1
attachment-206231--2000x0.png
www.safewise.com/app/uploads/cropped/2022/08/31/
44 KB
44 KB
Image
General
Full URL
https://www.safewise.com/app/uploads/cropped/2022/08/31/attachment-206231--2000x0.png
Requested by
Host: safeit.hopto.org
URL: https://safeit.hopto.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9957bcaf58f7d3302ee633c6e3a2757e8a7bbd3cb0d79ced8d5655dd84dbcc38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safeit.hopto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe4-b-687d4948fc-bzm2p
date
Wed, 08 Feb 2023 08:38:27 GMT
via
1.1 varnish, 1.1 varnish
expires
Fri, 05 Jan 2024 15:36:18 GMT
age
728228
x-cache
HIT, HIT
content-length
44903
x-served-by
cache-chi-kigq8000096-CHI, cache-maa10230-MAA
last-modified
Wed, 31 Aug 2022 19:16:24 GMT
server
nginx
x-timer
S1675845507.445778,VS0,VE1
etag
"630fb388-af67"
content-type
image/png
x-styx-req-id
88096317-8c45-11ed-8119-82b83d693a8b
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1
attachment-206227--2000x0.png
www.safewise.com/app/uploads/cropped/2022/08/31/
112 KB
112 KB
Image
General
Full URL
https://www.safewise.com/app/uploads/cropped/2022/08/31/attachment-206227--2000x0.png
Requested by
Host: safeit.hopto.org
URL: https://safeit.hopto.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7b3236aee4ff41148cfd38bad30cbf2112e2a5b2a932c628cfde72d5203189e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safeit.hopto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe4-a-784d5f49c5-24fbm
date
Wed, 08 Feb 2023 08:38:27 GMT
via
1.1 varnish, 1.1 varnish
expires
Mon, 15 Jan 2024 03:44:09 GMT
age
728228
x-cache
HIT, HIT
content-length
114572
x-served-by
cache-chi-klot8100170-CHI, cache-maa10230-MAA
last-modified
Wed, 31 Aug 2022 18:42:40 GMT
server
nginx
x-timer
S1675845507.446550,VS0,VE2
etag
"630faba0-1bf8c"
content-type
image/png
x-styx-req-id
b3dc67a5-93bd-11ed-8ea0-0ea05d552fa9
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
2, 1
bg-circles.svg
www.safewise.com/app/uploads/2021/12/
2 KB
828 B
Image
General
Full URL
https://www.safewise.com/app/uploads/2021/12/bg-circles.svg
Requested by
Host: safeit.hopto.org
URL: https://safeit.hopto.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
606dee1f9b48c699622329e412212e07bfaeaea02a1267613b6e75ca3f76ae0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safeit.hopto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Wed, 07 Feb 2024 15:22:01 GMT
date
Wed, 08 Feb 2023 08:38:27 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname
styx-fe4-a-79ccbf5989-b2mtm
age
148586
x-cache
HIT, HIT
content-length
554
x-served-by
cache-chi-kigq8000042-CHI, cache-maa10230-MAA
last-modified
Mon, 13 Dec 2021 19:36:30 GMT
server
nginx
x-timer
S1675845507.447013,VS0,VE1
etag
W/"61b7a0be-89b"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-styx-req-id
01164fbe-a632-11ed-b21b-6266f3803800
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1
attachment-206283--2000x0.png
www.safewise.com/app/uploads/cropped/2022/08/31/
43 KB
43 KB
Image
General
Full URL
https://www.safewise.com/app/uploads/cropped/2022/08/31/attachment-206283--2000x0.png
Requested by
Host: safeit.hopto.org
URL: https://safeit.hopto.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5d33fd369bfef1ec1f1715bac5ac546756a4624273f5afded3c3f51471471974

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safeit.hopto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe4-b-687d4948fc-bzm2p
date
Wed, 08 Feb 2023 08:38:27 GMT
via
1.1 varnish, 1.1 varnish
expires
Sat, 06 Jan 2024 11:10:48 GMT
age
728228
x-cache
HIT, HIT
content-length
43692
x-served-by
cache-chi-kigq8000142-CHI, cache-maa10230-MAA
last-modified
Wed, 31 Aug 2022 22:28:10 GMT
server
nginx
x-timer
S1675845507.448239,VS0,VE1
etag
"630fe07a-aaac"
content-type
image/png
x-styx-req-id
9bf1701a-8ce9-11ed-9232-82b83d693a8b
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1
attachment-193346--2000x0.png
www.safewise.com/app/uploads/cropped/2022/06/23/
9 KB
9 KB
Image
General
Full URL
https://www.safewise.com/app/uploads/cropped/2022/06/23/attachment-193346--2000x0.png
Requested by
Host: safeit.hopto.org
URL: https://safeit.hopto.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3aa3a4de78581b6c45bc3987c20150071a4e6fff637cffe2a91b2ba5b98ee80c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safeit.hopto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe4-a-6bbcd4dbd9-bk8tz
date
Wed, 08 Feb 2023 08:38:27 GMT
via
1.1 varnish, 1.1 varnish
expires
Thu, 07 Dec 2023 14:32:01 GMT
age
728228
x-cache
HIT, HIT
content-length
9394
x-served-by
cache-chi-kigq8000143-CHI, cache-maa10230-MAA
last-modified
Thu, 23 Jun 2022 20:12:57 GMT
server
nginx
x-timer
S1675845507.448586,VS0,VE1
etag
"62b4c949-24b2"
content-type
image/png
x-styx-req-id
bf3655f4-7572-11ed-b3ea-b2ac1b015f15
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
2, 1
attachment-193329--2000x0.png
www.safewise.com/app/uploads/cropped/2022/06/23/
7 KB
7 KB
Image
General
Full URL
https://www.safewise.com/app/uploads/cropped/2022/06/23/attachment-193329--2000x0.png
Requested by
Host: safeit.hopto.org
URL: https://safeit.hopto.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3cef54b5337b4366fa0822d417d02e48131defa929b9c4a0c4a9634b3a43e508

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safeit.hopto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe4-a-744d4d6c77-l678f
date
Wed, 08 Feb 2023 08:38:27 GMT
via
1.1 varnish, 1.1 varnish
expires
Thu, 18 Jan 2024 05:34:34 GMT
age
728228
x-cache
HIT, HIT
content-length
6784
x-served-by
cache-chi-klot8100064-CHI, cache-maa10230-MAA
last-modified
Thu, 23 Jun 2022 20:07:27 GMT
server
nginx
x-timer
S1675845507.448745,VS0,VE1
etag
"62b4c7ff-1a80"
content-type
image/png
x-styx-req-id
9ff8408c-9628-11ed-8a5c-7a42f5600d43
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1
open-sans-v34-latin-regular.woff2
www.safewise.com/app/themes/coolwhip-child/assets/fonts/
16 KB
17 KB
Font
General
Full URL
https://www.safewise.com/app/themes/coolwhip-child/assets/fonts/open-sans-v34-latin-regular.woff2
Requested by
Host: safeit.hopto.org
URL: https://safeit.hopto.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Request headers

Referer
https://safeit.hopto.org/
Origin
https://safeit.hopto.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Wed, 31 Jan 2024 22:20:33 GMT
date
Wed, 08 Feb 2023 08:38:28 GMT
via
1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname
styx-fe4-b-86894bb899-r6hbl
age
728274
x-cache
HIT, HIT
content-length
16740
x-served-by
cache-chi-klot8100048-CHI, cache-maa10229-MAA
last-modified
Mon, 30 Jan 2023 22:19:58 GMT
server
nginx
x-timer
S1675845508.016139,VS0,VE1
etag
"63d8428e-4164"
content-type
font/woff2
access-control-allow-origin
*
x-styx-req-id
5048e61d-a0ec-11ed-99af-7e7aaddd263f
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
45, 1
open-sans-v34-latin-700.woff2
www.safewise.com/app/themes/coolwhip-child/assets/fonts/
16 KB
16 KB
Font
General
Full URL
https://www.safewise.com/app/themes/coolwhip-child/assets/fonts/open-sans-v34-latin-700.woff2
Requested by
Host: safeit.hopto.org
URL: https://safeit.hopto.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72

Request headers

Referer
https://safeit.hopto.org/
Origin
https://safeit.hopto.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Wed, 31 Jan 2024 22:20:33 GMT
date
Wed, 08 Feb 2023 08:38:28 GMT
via
1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname
styx-fe4-b-86894bb899-r6hbl
age
728274
x-cache
HIT, HIT
content-length
16372
x-served-by
cache-chi-kigq8000023-CHI, cache-maa10229-MAA
last-modified
Mon, 30 Jan 2023 22:20:00 GMT
server
nginx
x-timer
S1675845508.016308,VS0,VE1
etag
"63d84290-3ff4"
content-type
font/woff2
access-control-allow-origin
*
x-styx-req-id
5048dbcd-a0ec-11ed-99af-7e7aaddd263f
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
45, 1
nunito-sans-v12-latin-800.woff2
www.safewise.com/app/themes/coolwhip-child/assets/fonts/
17 KB
17 KB
Font
General
Full URL
https://www.safewise.com/app/themes/coolwhip-child/assets/fonts/nunito-sans-v12-latin-800.woff2
Requested by
Host: safeit.hopto.org
URL: https://safeit.hopto.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6fce8ebc3557b63496f8fafe1c182f2aa8669550f9398b4d9beebddd43306ed3

Request headers

Referer
https://safeit.hopto.org/
Origin
https://safeit.hopto.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Wed, 31 Jan 2024 22:20:33 GMT
date
Wed, 08 Feb 2023 08:38:28 GMT
via
1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname
styx-fe4-a-6bd6bdf4c9-knk7x
age
728274
x-cache
HIT, HIT
content-length
17324
x-served-by
cache-chi-kigq8000041-CHI, cache-maa10229-MAA
last-modified
Mon, 30 Jan 2023 22:19:59 GMT
server
nginx
x-timer
S1675845508.016316,VS0,VE1
etag
"63d8428f-43ac"
content-type
font/woff2
access-control-allow-origin
*
x-styx-req-id
504ac489-a0ec-11ed-b1d3-8a075554db51
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
49, 1
0.php
s4.histats.com/stats/
47 B
181 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4711512&@f16&@g1&@h1&@i1&@j1675845507355&@k0&@l1&@mSafeWise%20%7C%20Your%20Guide%20to%20Home%20Security%20and%20Safety&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-89883156&@b3:1675845507&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fsafeit.hopto.org%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns561935.ip-54-39-128.net
Software
/
Resource Hash
a60692031ce09be66be89784e8b0214c0f8b6f52cd8fd6a36129a635ffe41ad2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safeit.hopto.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 08:38:27 GMT
Connection
close
Content-Length
47
Content-Type
text/html;charset=UTF-8

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
boolean   credentialless
object    oncontentvisibilityautostatechange
function  setInnerHTML
function  inject
object    _Hasync
function  checkReferrer
string    fullpart
object    request
string    url
string    data
object    atOptions
function  chfh
function  chfh2
string    _HST_cntval
object    Histats

7 Cookies

Domain/Path        Name           Value
safeit.hopto.org/  HstCfa4711512  1675845507355
safeit.hopto.org/  HstCla4711512  1675845507355
safeit.hopto.org/  HstCmu4711512  1675845507355
safeit.hopto.org/  HstPn4711512   1
safeit.hopto.org/  HstPt4711512   1
safeit.hopto.org/  HstCnv4711512  1
safeit.hopto.org/  HstCns4711512  1

1 Console Messages

Source: network
Level: error
URL: https://drawingwheels.com/c041da09be015e7455396bc0a0a258f0/invoke.js
Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
