urlscan.io logo urlscan.io
SecurityTrails logo

branding.safe4work.org Open in urlscan Pro
173.249.41.48  Public Scan

Go To Rescan Add Verdict Report
URL: https://branding.safe4work.org/
Submission: On February 03 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 6 countries across 14 domains to perform 27 HTTP transactions. The main IP is 173.249.41.48, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is branding.safe4work.org.
TLS certificate: Issued by R3 on February 3rd 2021. Valid for: 3 months.
This is the only time branding.safe4work.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 173.249.41.48 51167 (CONTABO)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 192.243.59.12 39572 (ADVANCEDH...)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.111.232.197 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 3 2.16.107.33 20940 (AKAMAI-ASN1)
1 143.204.93.83 16509 (AMAZON-02)
1 151.101.114.38 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 47.246.43.208 24429 (TAOBAO Zh...)
1 2.16.107.75 20940 (AKAMAI-ASN1)
1 46.105.201.240 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
1 192.99.8.28 16276 (OVH)
27 15
9    173.249.41.48 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi319973.contaboserver.net
branding.safe4work.org
2    2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
1    192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
sorryfearknockout.com
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    104.111.232.197 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-232-197.deploy.static.akamaitechnologies.com
asia.playstation.com
1    2606:4700:10::ac43:bfe (United States)

ASN13335 (CLOUDFLARENET, US)
img-z.okeinfo.net
3    2.16.107.33 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-33.deploy.static.akamaitechnologies.com
cdn0-production-images-kly.akamaized.net
cdn1-production-images-kly.akamaized.net
1    143.204.93.83 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-93-83.fra50.r.cloudfront.net
asset-a.grid.id
1    151.101.114.38 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
media-cdn.tripadvisor.com
1    2a00:1450:4001:809::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    47.246.43.208 (San Mateo, United States)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
media.suara.com
1    2.16.107.75 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-75.deploy.static.akamaitechnologies.com
cdns.klimg.com
1    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
2    2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    192.99.8.28 (Richmond Hill, Canada)

ASN16276 (OVH, FR)
PTR: ns523448.ip-192-99-8.net
s4.histats.com
Domain Requested by
9 branding.safe4work.org branding.safe4work.org
2 www.youtube.com branding.safe4work.org
www.youtube.com
2 cdn0-production-images-kly.akamaized.net 1 redirects branding.safe4work.org
2 fonts.gstatic.com branding.safe4work.org
2 maxcdn.bootstrapcdn.com branding.safe4work.org
maxcdn.bootstrapcdn.com
1 s4.histats.com s10.histats.com
1 s10.histats.com branding.safe4work.org
1 cdns.klimg.com branding.safe4work.org
1 media.suara.com branding.safe4work.org
1 cdn1-production-images-kly.akamaized.net branding.safe4work.org
1 i.ytimg.com branding.safe4work.org
1 media-cdn.tripadvisor.com branding.safe4work.org
1 asset-a.grid.id branding.safe4work.org
1 img-z.okeinfo.net branding.safe4work.org
1 asia.playstation.com branding.safe4work.org
1 sorryfearknockout.com branding.safe4work.org
27 16

This site contains links to these domains. Also see Links.

Domain
safe4work.org
Subject Issuer Validity Valid
branding.safe4work.org
R3		 2021-02-03 -
2021-05-04		 3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-09-22 -
2021-10-12		 a year crt.sh
sorryfearknockout.com
R3		 2021-01-26 -
2021-04-26		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
asia.playstation.com
R3		 2020-12-22 -
2021-03-22		 3 months crt.sh
*.okeinfo.net
Sectigo RSA Domain Validation Secure Server CA		 2020-05-20 -
2022-05-20		 2 years crt.sh
a248.e.akamai.net
DigiCert Secure Site ECC CA-1		 2020-07-15 -
2021-09-13		 a year crt.sh
*.grid.id
Sectigo RSA Domain Validation Secure Server CA		 2020-12-31 -
2021-12-31		 a year crt.sh
media.tacdn.com
DigiCert SHA2 Secure Server CA		 2020-03-23 -
2021-04-19		 a year crt.sh
edgestatic.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
*.suara.com
Go Daddy Secure Certificate Authority - G2		 2020-11-19 -
2021-11-22		 a year crt.sh
cdns.klimg.com
R3		 2020-12-31 -
2021-03-31		 3 months crt.sh
histats.com
R3		 2020-12-03 -
2021-03-03		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://branding.safe4work.org/
Frame ID: 2A6FF17435D04FA99237EC120F096409
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Unix/i
Overall confidence: 100%
Detected patterns
  • headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

27
Requests

100 %
HTTPS

33 %
IPv6

14
Domains

16
Subdomains

15
IPs

6
Countries

3799 kB
Transfer

3888 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://cdn0-production-images-kly.akamaized.net/oFnYpwMkML-kUodh5q6LZIj1iV8=/640x480/smart/filters:quality(75):strip_icc():format(jpeg)/kly-media-production/medias/1422723/original/069815400_1480577979-Keisha_Alvaro_Putra_Sigit_syuting_sinetron_antv_Tuyu HTTP 302
  • https://cdn0-production-images-kly.akamaized.net/thumbor-fallback-image.gif

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
branding.safe4work.org/ 		54 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://branding.safe4work.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.249.41.48 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi319973.contaboserver.net
Software
Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips / PHP/7.4.11
Resource Hash
41d44a8c75eb3dfc35cd593b6d7e417837334ea00fe587b7bcaf38826d76aac2

Request headers

Host
branding.safe4work.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 10:30:51 GMT
Server
Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips
X-Powered-By
PHP/7.4.11
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: branding.safe4work.org
URL: https://branding.safe4work.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://branding.safe4work.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 10:30:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
invoke.js
sorryfearknockout.com/e107438a51198f891422f87ba86f97df/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://sorryfearknockout.com/e107438a51198f891422f87ba86f97df/invoke.js
Requested by
Host: branding.safe4work.org
URL: https://branding.safe4work.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://branding.safe4work.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 03 Feb 2021 10:30:56 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
1YwB1sO8YE1Lyjf12WNiUA.woff2
fonts.gstatic.com/s/lato/v13/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v13/1YwB1sO8YE1Lyjf12WNiUA.woff2
Requested by
Host: branding.safe4work.org
URL: https://branding.safe4work.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9687ee5934e8a8b125cd0e3f7e21b9eea12c5eba602dfb12941aeafaad44fbe3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://branding.safe4work.org
Referer
https://branding.safe4work.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 05:55:01 GMT
x-content-type-options
nosniff
last-modified
Thu, 09 Feb 2017 19:14:22 GMT
server
sffe
age
102955
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23216
x-xss-protection
0
expires
Wed, 02 Feb 2022 05:55:01 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://branding.safe4work.org
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 10:30:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
77171
default-silegan-210x140.jpg
branding.safe4work.org/wp-content/uploads/thon/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://branding.safe4work.org/wp-content/uploads/thon/default-silegan-210x140.jpg
Requested by
Host: branding.safe4work.org
URL: https://branding.safe4work.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.249.41.48 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi319973.contaboserver.net
Software
Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
94d4036eed1be089b40afbc88a6f0d022224a23f8f10d96dcb8a21f271a708ec

Request headers

Referer
https://branding.safe4work.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 10:30:56 GMT
Last-Modified
Thu, 03 Dec 2020 15:57:23 GMT
Server
Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips
ETag
"915-5b5916a6921bc"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2325
slimsea.png
asia.playstation.com/content/dam/pscom/sea/press-releases/2019/fifa20bundles/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asia.playstation.com/content/dam/pscom/sea/press-releases/2019/fifa20bundles/slimsea.png
Requested by
Host: branding.safe4work.org
URL: https://branding.safe4work.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.232.197 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-232-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d359f3aa32f8fcc68d5e5d9c41fa986f418496fba38c9c85ba216eeff67a3957
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Referer
https://branding.safe4work.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 10:30:56 GMT
Last-Modified
Tue, 24 Nov 2020 15:33:49 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
ETag
"2871e0-5b4dc09846fa8"
Strict-Transport-Security
max-age=31536000 ; includeSubDomains ; preload
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2650592
4x7r8fk8jmsv4485g7g9_16384.jpg
img-z.okeinfo.net/okz/500/library/images/2020/11/11/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-z.okeinfo.net/okz/500/library/images/2020/11/11/4x7r8fk8jmsv4485g7g9_16384.jpg
Requested by
Host: branding.safe4work.org
URL: https://branding.safe4work.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:bfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4be4a5669a2361641df16fe130a8d634c61ac98c974575adda78ea1a13b265a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://branding.safe4work.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 10:30:57 GMT
cf-cache-status
MISS
last-modified
Wed, 11 Nov 2020 08:20:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315360000, s-maxage=10
strict-transport-security
max-age=31536000
accept-ranges
bytes
cf-ray
61bb7abaebb305d0-FRA
content-length
38777
cf-request-id
08090b08cf000005d0f180f000000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
thumbor-fallback-image.gif
cdn0-production-images-kly.akamaized.net/
Redirect Chain
  • https://cdn0-production-images-kly.akamaized.net/oFnYpwMkML-kUodh5q6LZIj1iV8=/640x480/smart/filters:quality(75):strip_icc():format(jpeg)/kly-media-production/medias/1422723/original/069815400_14805...
  • https://cdn0-production-images-kly.akamaized.net/thumbor-fallback-image.gif
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn0-production-images-kly.akamaized.net/thumbor-fallback-image.gif
Requested by
Host: branding.safe4work.org
URL: https://branding.safe4work.org/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.107.33 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-33.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
48e42b3252326287c3fc3ca75ccb39f7ed1b3bd9982b83c32e6e16fb9ded2a83

Request headers

Referer
https://branding.safe4work.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache
MISS
date
Wed, 03 Feb 2021 10:30:56 GMT
last-modified
Wed, 24 Oct 2018 03:50:10 GMT
x-ttl
300.000
x-amz-cf-pop
FRA53-C1
x-hail-hydra
Join the Darkside, we have cookies. Visit us at http://www.kmklabs.com/careers
x-varnish
12798427
server-node
ip-10-10-94-220
accept-ranges
bytes
content-type
image/gif
content-length
1102
x-amz-cf-id
RJZAYEQMjtxzRG3woEid06WVv1xFyAEyzLLq8PyrFVp6SfRoFy5tSQ==
server
nginx

Redirect headers

location
https://cdn0-production-images-kly.akamaized.net/thumbor-fallback-image.gif
date
Wed, 03 Feb 2021 10:30:56 GMT
server
AkamaiGHost
content-length
0
518870187.png
asset-a.grid.id/crop/0x0:0x0/700x0/photo/2019/07/18/ 		372 KB
373 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset-a.grid.id/crop/0x0:0x0/700x0/photo/2019/07/18/518870187.png
Requested by
Host: branding.safe4work.org
URL: https://branding.safe4work.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.93.83 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-93-83.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
f7bcbf52ede50cbf6cdd39565faf06669d3acc78213b9d2b5413d4b2f01db83f

Request headers

Referer
https://branding.safe4work.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 10:30:58 GMT
via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"d8cff58b8b9cde1a4cb2f3db40e96236684187a5"
x-cache-status
MISS
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31536000
content-length
380632
x-amz-cf-id
ffKi3LYXolRnKvnbtZ9fuWfxJxbCF2sqt-ySd46_JCNGCMgPamGQXQ==
expires
Thu, 03 Feb 2022 10:30:58 GMT
escape-leicester-logo.jpg
media-cdn.tripadvisor.com/media/photo-s/12/86/0b/38/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.tripadvisor.com/media/photo-s/12/86/0b/38/escape-leicester-logo.jpg
Requested by
Host: branding.safe4work.org
URL: https://branding.safe4work.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.38 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
54b0372afb19782932af4f60cc07c8e3a2b2a80835d6b1420960112ce17821a3

Request headers

Referer
https://branding.safe4work.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 10:30:56 GMT
via
1.1 varnish, 1.1 varnish
etag
"4590ae93f6e226d579fa5c728d6a4c01"
x-media-cdn
148522084
age
629113
x-cache
HIT, HIT
content-length
74958
x-served-by
cache-bwi5135-BWI, cache-hhn4025-HHN
timing-allow-origin
https://www.tripadvisor.com
last-modified
Tue, 03 Apr 2018 12:10:28 GMT
x-timer
S1612348257.535426,VS0,VE1
x-media-cdn-cache-hits
0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-media-cdn-cache
PASS
x-cache-hits
1, 1
maxresdefault.jpg
i.ytimg.com/vi/RRuUTgrw9n0/ 		160 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/RRuUTgrw9n0/maxresdefault.jpg
Requested by
Host: branding.safe4work.org
URL: https://branding.safe4work.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b1ea1d5a0149b7df0ffe6ad9ad4ec47af98d1b704079a6e2f88bafca8243576
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://branding.safe4work.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 10:30:56 GMT
x-content-type-options
nosniff
server
sffe
age
0
etag
"1596497647"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
164019
x-xss-protection
0
expires
Wed, 03 Feb 2021 12:30:56 GMT
050600400_1596436065-200803_MANCHESTER_CITY_FC_VS_REAL_MADRID_HS3.jpg
cdn1-production-images-kly.akamaized.net/sQWo9Xi3lEA9bpE3z2RRg_YnNh0=/640x360/smart/filters:quality(75):strip_icc():format(jpeg)/kly-media-production/medias/3197276/original/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1-production-images-kly.akamaized.net/sQWo9Xi3lEA9bpE3z2RRg_YnNh0=/640x360/smart/filters:quality(75):strip_icc():format(jpeg)/kly-media-production/medias/3197276/original/050600400_1596436065-200803_MANCHESTER_CITY_FC_VS_REAL_MADRID_HS3.jpg
Requested by
Host: branding.safe4work.org
URL: https://branding.safe4work.org/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.107.33 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-33.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
839b50081ddf754e24d28177b9a7ea2f695389ef039e2651e1500f0e131d045b

Request headers

Referer
https://branding.safe4work.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache
MISS
date
Wed, 03 Feb 2021 10:30:56 GMT
x-ttl
300.000
x-amz-cf-pop
FRA56-C1
etag
"5b92a4bd9e95514e2b507bc7184167515ca9d6a7"
x-varnish
23226273
server-node
ip-10-10-250-34
cache-control
public, max-age=29233498
accept-ranges
bytes
content-type
image/jpeg
content-length
43577
x-amz-cf-id
YIfqB7ASsA6lHE_N3G-dZ-nIqYt7hsvhoMFdsMvOAxxdfR82IrufmA==
server
nginx
expires
Fri, 07 Jan 2022 18:55:54 GMT
92607-prilly-latuconsina.jpg
media.suara.com/pictures/653x366/2019/08/04/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.suara.com/pictures/653x366/2019/08/04/92607-prilly-latuconsina.jpg
Requested by
Host: branding.safe4work.org
URL: https://branding.safe4work.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.43.208 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
90833b187ac3f3b531862c691f12db7cc690c11b458eaaf7f9390752f8dc8ff7

Request headers

Referer
https://branding.safe4work.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 01 May 2020 15:53:04 GMT
via
cache10.l2ot7-1[0,200-0,H], cache38.l2ot7-1[1,0], cache10.de2[0,200-0,H], cache10.de2[32,0]
age
23999872
x-cache
HIT TCP_HIT dirn:10:248123808
x-swift-cachetime
93312000
x-swift-savetime
Tue, 02 Feb 2021 01:47:16 GMT
x-amz-request-id
E47ACEBFE240BDD6
x-amz-id-2
to4WnuHCQ2V1YefdYlK3nJP6SHPtpuyDuiQCl8sTRRYod6awE6zNEsF58u5i3r7E9gV2x9GD2fc=
accept-ranges
bytes
last-modified
Fri, 13 Dec 2019 08:19:50 GMT
server
Tengine
etag
"28fd70bfa4450925b235a26509f29fa4"
ali-swift-global-savetime
1588348383
content-type
image/jpeg
content-length
39756
timing-allow-origin
*
eagleid
2ff62b9e16123482565213349e
rumah_prilly-20200610-001-non_fotografer_kly.jpg
cdns.klimg.com/kapanlagi.com/g/1/8/18_detail_rumah_puluhan_miliar_prilly_latuconsina_punya_home_theatre__closet_super_besar/p/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdns.klimg.com/kapanlagi.com/g/1/8/18_detail_rumah_puluhan_miliar_prilly_latuconsina_punya_home_theatre__closet_super_besar/p/rumah_prilly-20200610-001-non_fotografer_kly.jpg
Requested by
Host: branding.safe4work.org
URL: https://branding.safe4work.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://branding.safe4work.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
jquery.js
branding.safe4work.org/wp-includes/js/jquery/ 		95 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://branding.safe4work.org/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: branding.safe4work.org
URL: https://branding.safe4work.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.249.41.48 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi319973.contaboserver.net
Software
Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Referer
https://branding.safe4work.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 10:30:56 GMT
Last-Modified
Thu, 03 Dec 2020 07:46:27 GMT
Server
Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips
ETag
"17a6a-5b58a8eb098f9"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
96874
jquery-migrate.min.js
branding.safe4work.org/wp-includes/js/jquery/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://branding.safe4work.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: branding.safe4work.org
URL: https://branding.safe4work.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.249.41.48 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi319973.contaboserver.net
Software
Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://branding.safe4work.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 10:30:56 GMT
Last-Modified
Fri, 20 May 2016 06:11:28 GMT
Server
Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips
ETag
"2748-5333ff613c400"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
10056
image.js
branding.safe4work.org/wp-content/plugins/featured-image-from-url/includes/html/js/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://branding.safe4work.org/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=3.4.4
Requested by
Host: branding.safe4work.org
URL: https://branding.safe4work.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.249.41.48 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi319973.contaboserver.net
Software
Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
caacfc6a3602fe9a189a4bd15792c4bed2fce634c04716f515e6c07cda07315a

Request headers

Referer
https://branding.safe4work.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 10:30:56 GMT
Last-Modified
Thu, 03 Dec 2020 07:46:17 GMT
Server
Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips
ETag
"8df-5b58a8e14f54a"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
2271
jquery.min.js
branding.safe4work.org/wp-content/themes/silegan-wordpress-theme/assets/js/ 		82 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://branding.safe4work.org/wp-content/themes/silegan-wordpress-theme/assets/js/jquery.min.js
Requested by
Host: branding.safe4work.org
URL: https://branding.safe4work.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.249.41.48 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi319973.contaboserver.net
Software
Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
de3d0ff2de0c1096f27b3582d67a951d95ffbb9f99a37f15ffa4b39a33e9292e

Request headers

Referer
https://branding.safe4work.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 10:30:56 GMT
Last-Modified
Thu, 03 Dec 2020 07:46:19 GMT
Server
Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips
ETag
"14860-5b58a8e3058ff"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
84064
html5lightbox.js
branding.safe4work.org/wp-content/themes/silegan-wordpress-theme/assets/js/ 		70 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://branding.safe4work.org/wp-content/themes/silegan-wordpress-theme/assets/js/html5lightbox.js
Requested by
Host: branding.safe4work.org
URL: https://branding.safe4work.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.249.41.48 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi319973.contaboserver.net
Software
Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
21a132605fcb063a5383c7e0de40f0301d85d4470967b5dc1ddf686793e3564f

Request headers

Referer
https://branding.safe4work.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 10:30:56 GMT
Last-Modified
Thu, 03 Dec 2020 07:46:19 GMT
Server
Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips
ETag
"119c5-5b58a8e305517"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
72133
js15_as.js
s10.histats.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: branding.safe4work.org
URL: https://branding.safe4work.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer
https://branding.safe4work.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 10:22:56 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
x-cacheable
Matched cache
content-type
text/javascript
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
828309672
sWn97sjs9uU0xeuHDScCTA.woff2
fonts.gstatic.com/s/tauri/v4/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tauri/v4/sWn97sjs9uU0xeuHDScCTA.woff2
Requested by
Host: branding.safe4work.org
URL: https://branding.safe4work.org/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59e8ef03bf8c9de0789a33dfff3f0bdbe21f5b473f84a485808c1d4d601a37b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://branding.safe4work.org
Referer
https://branding.safe4work.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 09:20:41 GMT
x-content-type-options
nosniff
last-modified
Wed, 20 Aug 2014 14:40:50 GMT
server
sffe
age
522615
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14904
x-xss-protection
0
expires
Fri, 28 Jan 2022 09:20:41 GMT
froogaloop2.min.js
branding.safe4work.org/wp-content/themes/silegan-wordpress-theme/assets/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://branding.safe4work.org/wp-content/themes/silegan-wordpress-theme/assets/js/froogaloop2.min.js
Requested by
Host: branding.safe4work.org
URL: https://branding.safe4work.org/wp-content/themes/silegan-wordpress-theme/assets/js/html5lightbox.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.249.41.48 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi319973.contaboserver.net
Software
Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips / PHP/7.4.11
Resource Hash

Request headers

Referer
https://branding.safe4work.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 10:30:56 GMT
Server
Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips
X-Powered-By
PHP/7.4.11
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Expires
Wed, 11 Jan 1984 05:00:00 GMT
iframe_api
www.youtube.com/ 		810 B
816 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: branding.safe4work.org
URL: https://branding.safe4work.org/wp-content/themes/silegan-wordpress-theme/assets/js/html5lightbox.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2c7bcea9cfec0442ddf4d47a593610c9036fa6619a89ff8450b258f000b8faac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://branding.safe4work.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 10:30:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control
private, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Wed, 03 Feb 2021 10:30:56 GMT
fontello.css
branding.safe4work.org/wp-content/themes/silegan-wordpress-theme/assets/js/icons/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://branding.safe4work.org/wp-content/themes/silegan-wordpress-theme/assets/js/icons/css/fontello.css
Requested by
Host: branding.safe4work.org
URL: https://branding.safe4work.org/wp-content/themes/silegan-wordpress-theme/assets/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.249.41.48 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi319973.contaboserver.net
Software
Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips / PHP/7.4.11
Resource Hash

Request headers

Referer
https://branding.safe4work.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 10:30:56 GMT
Server
Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips
X-Powered-By
PHP/7.4.11
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=95
Expires
Wed, 11 Jan 1984 05:00:00 GMT
0.php
s4.histats.com/stats/ 		60 B
331 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4311268&@f16&@g1&@h1&@i1&@j1612348256728&@k0&@l1&@mMy%20Blog%20%E2%80%93%20My%20Blog&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:181708152&@b3:1612348257&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fbranding.safe4work.org%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.28 Richmond Hill, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns523448.ip-192-99-8.net
Software
/
Resource Hash
323f224ad6e5e5771599fe044736cdf40bf10b691afc085b768b015c4a3276dc

Request headers

Referer
https://branding.safe4work.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 10:30:57 GMT
Connection
close
Content-Length
60
Content-Type
text/html;charset=UTF-8
www-widgetapi.js
www.youtube.com/s/player/4bc55fd6/www-widgetapi.vflset/ 		104 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4bc55fd6/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c182388b82283ea38984d0960bc82d8115834d52c614a74023daccf7a86a7bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://branding.safe4work.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 16:46:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Feb 2021 01:19:29 GMT
server
sffe
age
63896
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38225
x-xss-protection
0
expires
Wed, 02 Feb 2022 16:46:00 GMT

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _Hasync function| $ function| jQuery object| fifuImageVars function| disableClick function| disableLink function| fifu_fix_gallery_height object| jQuery1124022103828991318042 function| loadHtml5LightBox object| html5Lightbox function| chfh function| chfh2 string| _HST_cntval object| Histats string| scriptUrl object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| _HistatsCounterGraphics_0_setValues

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log URL: https://branding.safe4work.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

asia.playstation.com
asset-a.grid.id
branding.safe4work.org
cdn0-production-images-kly.akamaized.net
cdn1-production-images-kly.akamaized.net
cdns.klimg.com
fonts.gstatic.com
i.ytimg.com
img-z.okeinfo.net
maxcdn.bootstrapcdn.com
media-cdn.tripadvisor.com
media.suara.com
s10.histats.com
s4.histats.com
sorryfearknockout.com
www.youtube.com
104.111.232.197
143.204.93.83
151.101.114.38
173.249.41.48
192.243.59.12
192.99.8.28
2.16.107.33
2.16.107.75
2001:4de0:ac19::1:b:2a
2606:4700:10::ac43:bfe
2a00:1450:4001:809::2016
2a00:1450:4001:817::200e
2a00:1450:4001:829::2003
46.105.201.240
47.246.43.208
1b1ea1d5a0149b7df0ffe6ad9ad4ec47af98d1b704079a6e2f88bafca8243576
21a132605fcb063a5383c7e0de40f0301d85d4470967b5dc1ddf686793e3564f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c7bcea9cfec0442ddf4d47a593610c9036fa6619a89ff8450b258f000b8faac
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
323f224ad6e5e5771599fe044736cdf40bf10b691afc085b768b015c4a3276dc
41d44a8c75eb3dfc35cd593b6d7e417837334ea00fe587b7bcaf38826d76aac2
48e42b3252326287c3fc3ca75ccb39f7ed1b3bd9982b83c32e6e16fb9ded2a83
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4be4a5669a2361641df16fe130a8d634c61ac98c974575adda78ea1a13b265a7
54b0372afb19782932af4f60cc07c8e3a2b2a80835d6b1420960112ce17821a3
59e8ef03bf8c9de0789a33dfff3f0bdbe21f5b473f84a485808c1d4d601a37b8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
839b50081ddf754e24d28177b9a7ea2f695389ef039e2651e1500f0e131d045b
90833b187ac3f3b531862c691f12db7cc690c11b458eaaf7f9390752f8dc8ff7
94d4036eed1be089b40afbc88a6f0d022224a23f8f10d96dcb8a21f271a708ec
9687ee5934e8a8b125cd0e3f7e21b9eea12c5eba602dfb12941aeafaad44fbe3
c182388b82283ea38984d0960bc82d8115834d52c614a74023daccf7a86a7bc2
caacfc6a3602fe9a189a4bd15792c4bed2fce634c04716f515e6c07cda07315a
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
d359f3aa32f8fcc68d5e5d9c41fa986f418496fba38c9c85ba216eeff67a3957
de3d0ff2de0c1096f27b3582d67a951d95ffbb9f99a37f15ffa4b39a33e9292e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7bcbf52ede50cbf6cdd39565faf06669d3acc78213b9d2b5413d4b2f01db83f