check.donsafe.com Open in urlscan Pro
103.224.22.12 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://check.donsafe.com/
Submission: On October 08 via automatic, source certstream-suspicious (October 8th 2022, 3:45:28 pm UTC) — Scanned from DE

Summary HTTP 21 Redirects Links 4 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 103.224.22.12, located in United Arab Emirates and belongs to PUBLIC-DOMAIN-REGISTRY, US. The main domain is check.donsafe.com.
TLS certificate: Issued by R3 on October 8th 2022. Valid for: 3 months.

This is the only time check.donsafe.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
14	103.224.22.12 103.224.22.12		394695 (PUBLIC-DO...) (PUBLIC-DOMAIN-REGISTRY)
3	2a00:1450:400... 2a00:1450:4001:811::200a		15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200a		15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2003		15169 (GOOGLE) (GOOGLE)
21	4

14 103.224.22.12 (United Arab Emirates)

ASN394695 (PUBLIC-DOMAIN-REGISTRY, US)
PTR: md-hk-1.webhostbox.net

check.donsafe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	donsafe.com check.donsafe.com	170 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118 ajax.googleapis.com — Cisco Umbrella Rank: 485	35 KB
3	gstatic.com fonts.gstatic.com	95 KB
21	3

	Domain	Requested by
14	check.donsafe.com	check.donsafe.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	check.donsafe.com
1	ajax.googleapis.com	check.donsafe.com
21	4

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
plus.google.com
linkedin.com

Subject Issuer	Validity	Valid
check.donsafe.com R3	`2022-10-08` - `2023-01-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://check.donsafe.com/
Frame ID: 8B5EA5ADD5A18D7FDE58768BFB7C477E
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Turbo Website Reviewer

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

300 kB
Transfer

580 kB
Size

1
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/

Search URL Search Domain Scan URL

URL: https://plus.google.com/

Search URL Search Domain Scan URL

URL: https://linkedin.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
check.donsafe.com/ 19 KB
6 KB 677ms
240ms Document
text/html 103.224.22.12
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://check.donsafe.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.224.22.12 , United Arab Emirates, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: md-hk-1.webhostbox.net
Software: Apache / Rainbow Framework
Resource Hash: a9d64c1cb7e14fcb916f6087b4b722d4f83ddbf562b5c5ebdbce7b6d709c066d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 5819
content-type: text/html; charset=UTF-8
date: Sat, 08 Oct 2022 15:45:22 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
vary: Accept-Encoding,User-Agent
x-powered-by: Rainbow Framework

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 67ms
25ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800

Requested by

Host: check.donsafe.com
URL: https://check.donsafe.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cba6172988c4f2a636c28d2c46741ebbb03873f482eb038b51ee0c4840c9d13f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://check.donsafe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 08 Oct 2022 15:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 08 Oct 2022 14:10:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 Oct 2022 15:45:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
592 B 68ms
26ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora:400italic

Requested by

Host: check.donsafe.com
URL: https://check.donsafe.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f885663459f4406f792f1fd42fdee1b0a4ad9a953b30b0bf1b3628e012db1a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://check.donsafe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 08 Oct 2022 15:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 08 Oct 2022 15:42:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 Oct 2022 15:45:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
622 B 66ms
25ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700

Requested by

Host: check.donsafe.com
URL: https://check.donsafe.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://check.donsafe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 08 Oct 2022 15:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 08 Oct 2022 14:04:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 Oct 2022 15:45:22 GMT

GET
H2 200 bootstrap.min.css
check.donsafe.com/theme/default/css/ 134 KB
30 KB 433ms
431ms Stylesheet
text/css 103.224.22.12
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://check.donsafe.com/theme/default/css/bootstrap.min.css
Requested by: Host: check.donsafe.com
URL: https://check.donsafe.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.224.22.12 , United Arab Emirates, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: md-hk-1.webhostbox.net
Software: Apache /
Resource Hash: 65ea4400435855d24e1d70873b9f5fea98c778ae9b2adadb4da291e4c58802c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://check.donsafe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 15:45:22 GMT
content-encoding: gzip
last-modified: Fri, 10 Feb 2017 17:32:56 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-type: text/css

GET
H2 200 font-awesome.min.css
check.donsafe.com/theme/default/css/ 28 KB
7 KB 220ms
219ms Stylesheet
text/css 103.224.22.12
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://check.donsafe.com/theme/default/css/font-awesome.min.css
Requested by: Host: check.donsafe.com
URL: https://check.donsafe.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.224.22.12 , United Arab Emirates, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: md-hk-1.webhostbox.net
Software: Apache /
Resource Hash: 008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://check.donsafe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 15:45:22 GMT
content-encoding: gzip
last-modified: Fri, 13 May 2016 14:14:28 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 6709

GET
H2 200 custom.css
check.donsafe.com/theme/default/css/ 42 KB
11 KB 222ms
221ms Stylesheet
text/css 103.224.22.12
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://check.donsafe.com/theme/default/css/custom.css
Requested by: Host: check.donsafe.com
URL: https://check.donsafe.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.224.22.12 , United Arab Emirates, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: md-hk-1.webhostbox.net
Software: Apache /
Resource Hash: 056c87194ed22f2182e99ba8d842bb9ecdb7f365a837ce3b8f44f946214a84d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://check.donsafe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 15:45:22 GMT
content-encoding: gzip
last-modified: Mon, 15 May 2017 23:10:12 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 11122

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
33 KB 71ms
17ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: check.donsafe.com
URL: https://check.donsafe.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://check.donsafe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 15:04:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Oct 2023 15:04:00 GMT

GET
H2 404 prothemes.biz
check.donsafe.com/ajax/snap/ 583 B
583 B 1370ms
1369ms Image
text/html 103.224.22.12
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://check.donsafe.com/ajax/snap/prothemes.biz
Requested by: Host: check.donsafe.com
URL: https://check.donsafe.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.224.22.12 , United Arab Emirates, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: md-hk-1.webhostbox.net
Software: Apache /
Resource Hash: 0b41f69e6564b9c89b1b344744c5b06eb4adc0e584028909286d2b936e1afed5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://check.donsafe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 15:45:23 GMT
content-encoding: gzip
last-modified: Fri, 11 Feb 2022 16:01:54 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
content-length: 358

GET
H2 404 facebook.com
check.donsafe.com/ajax/snap/ 583 B
583 B 1169ms
1168ms Image
text/html 103.224.22.12
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://check.donsafe.com/ajax/snap/facebook.com
Requested by: Host: check.donsafe.com
URL: https://check.donsafe.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.224.22.12 , United Arab Emirates, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: md-hk-1.webhostbox.net
Software: Apache /
Resource Hash: 0b41f69e6564b9c89b1b344744c5b06eb4adc0e584028909286d2b936e1afed5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://check.donsafe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 15:45:23 GMT
content-encoding: gzip
last-modified: Fri, 11 Feb 2022 16:01:54 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
content-length: 358

GET
H2 404 google.com
check.donsafe.com/ajax/snap/ 583 B
583 B 1170ms
1169ms Image
text/html 103.224.22.12
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://check.donsafe.com/ajax/snap/google.com
Requested by: Host: check.donsafe.com
URL: https://check.donsafe.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.224.22.12 , United Arab Emirates, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: md-hk-1.webhostbox.net
Software: Apache /
Resource Hash: 0b41f69e6564b9c89b1b344744c5b06eb4adc0e584028909286d2b936e1afed5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://check.donsafe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 15:45:23 GMT
content-encoding: gzip
last-modified: Fri, 11 Feb 2022 16:01:54 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
content-length: 358

GET
H2 200 bootstrap.min.js Show response
check.donsafe.com/theme/default/js/ 36 KB
14 KB 220ms
219ms Script
application/javascript 103.224.22.12
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://check.donsafe.com/theme/default/js/bootstrap.min.js
Requested by: Host: check.donsafe.com
URL: https://check.donsafe.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.224.22.12 , United Arab Emirates, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: md-hk-1.webhostbox.net
Software: Apache /
Resource Hash: 2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://check.donsafe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 15:45:22 GMT
content-encoding: gzip
last-modified: Tue, 24 Nov 2015 22:04:22 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 14315

GET
H2 200 particleground.min.js Show response
check.donsafe.com/theme/default/js/ 7 KB
3 KB 218ms
218ms Script
application/javascript 103.224.22.12
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://check.donsafe.com/theme/default/js/particleground.min.js
Requested by: Host: check.donsafe.com
URL: https://check.donsafe.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.224.22.12 , United Arab Emirates, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: md-hk-1.webhostbox.net
Software: Apache /
Resource Hash: 3dededbea19fcdb401a18a974d30852db46f9cffed34aedb5de74cb3b4c746a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://check.donsafe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 15:45:22 GMT
content-encoding: gzip
last-modified: Sat, 14 Mar 2015 07:19:36 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 2763

GET
H2 200 sweetalert.min.js Show response
check.donsafe.com/theme/default/js/ 17 KB
7 KB 1372ms
1370ms Script
application/javascript 103.224.22.12
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://check.donsafe.com/theme/default/js/sweetalert.min.js
Requested by: Host: check.donsafe.com
URL: https://check.donsafe.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.224.22.12 , United Arab Emirates, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: md-hk-1.webhostbox.net
Software: Apache /
Resource Hash: be4d1215ef6f2b2915b7f65cd28b9a9f7dcef17e1f0d883edd19400ca0ea795c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://check.donsafe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 15:45:23 GMT
content-encoding: gzip
last-modified: Thu, 15 Dec 2016 04:09:02 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 6946

GET
H2 200 app.js Show response
check.donsafe.com/theme/default/js/ 5 KB
2 KB 1372ms
1371ms Script
application/javascript 103.224.22.12
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://check.donsafe.com/theme/default/js/app.js
Requested by: Host: check.donsafe.com
URL: https://check.donsafe.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.224.22.12 , United Arab Emirates, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: md-hk-1.webhostbox.net
Software: Apache /
Resource Hash: a1a37d8215a4d848ea75bbb669d9ad8d16e12b50b0df9aff0bad70fa54212a26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://check.donsafe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 15:45:23 GMT
content-encoding: gzip
last-modified: Sun, 14 May 2017 23:19:24 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 1541

GET
H2 404 master-js
check.donsafe.com/rainbow/ 0
0 1158ms
1157ms Script
text/html 103.224.22.12
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://check.donsafe.com/rainbow/master-js
Requested by: Host: check.donsafe.com
URL: https://check.donsafe.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.224.22.12 , United Arab Emirates, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: md-hk-1.webhostbox.net
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://check.donsafe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 15:45:23 GMT
content-encoding: gzip
last-modified: Fri, 11 Feb 2022 16:01:54 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
content-length: 358

GET
H2 200 fontawesome-webfont.woff2
check.donsafe.com/theme/default/fonts/ 70 KB
71 KB 1168ms
1167ms Font
font/woff2 103.224.22.12
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://check.donsafe.com/theme/default/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: check.donsafe.com
URL: https://check.donsafe.com/theme/default/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.224.22.12 , United Arab Emirates, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: md-hk-1.webhostbox.net
Software: Apache /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://check.donsafe.com/theme/default/css/font-awesome.min.css
Origin: https://check.donsafe.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 15:45:23 GMT
content-encoding: gzip
last-modified: Fri, 13 May 2016 14:14:26 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-type: font/woff2

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 57ms
16ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://check.donsafe.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 420888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 18:50:34 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 77ms
37ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://check.donsafe.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 01:41:22 GMT
x-content-type-options: nosniff
age: 137040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 01:41:22 GMT

GET
H2 200 0QI8MX1D_JOuMw_hLdO6T2wV9KnW-MoFoq92nA.woff2
fonts.gstatic.com/s/lora/v26/ 20 KB
21 KB 85ms
45ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v26/0QI8MX1D_JOuMw_hLdO6T2wV9KnW-MoFoq92nA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:400italic

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63e374dcf269fb2d33b261b4f54c708f34fcd4f06e8fa9bda11462965282ae0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://check.donsafe.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 20:31:18 GMT
x-content-type-options: nosniff
age: 414844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20908
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:07:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 20:31:18 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
check.donsafe.com/theme/default/fonts/ 18 KB
18 KB 1154ms
1154ms Font
font/woff2 103.224.22.12
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: https://check.donsafe.com/theme/default/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: check.donsafe.com
URL: https://check.donsafe.com/theme/default/css/bootstrap.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.224.22.12 , United Arab Emirates, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: md-hk-1.webhostbox.net
Software: Apache /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer: https://check.donsafe.com/theme/default/css/bootstrap.min.css
Origin: https://check.donsafe.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 15:45:23 GMT
content-encoding: gzip
last-modified: Tue, 24 Nov 2015 21:29:06 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-type: font/woff2

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| jQuery1102020699682385976148 function| particleground function| swal function| sweetAlert string| baseUrl object| badWords string| badStr string| oopsStr string| emptyStr function| containsAny function| fixURL function| getCapKeys function| reloadCap

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			check.donsafe.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3c94f278de3b9487fecbce3118803d36

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://check.donsafe.com/rainbow/master-js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://check.donsafe.com/ajax/snap/facebook.com Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://check.donsafe.com/ajax/snap/google.com Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://check.donsafe.com/ajax/snap/prothemes.biz Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
check.donsafe.com
fonts.googleapis.com
fonts.gstatic.com
103.224.22.12
2a00:1450:4001:801::200a
2a00:1450:4001:806::2003
2a00:1450:4001:811::200a
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
056c87194ed22f2182e99ba8d842bb9ecdb7f365a837ce3b8f44f946214a84d5
0b41f69e6564b9c89b1b344744c5b06eb4adc0e584028909286d2b936e1afed5
2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
3dededbea19fcdb401a18a974d30852db46f9cffed34aedb5de74cb3b4c746a8
3f885663459f4406f792f1fd42fdee1b0a4ad9a953b30b0bf1b3628e012db1a1
63e374dcf269fb2d33b261b4f54c708f34fcd4f06e8fa9bda11462965282ae0c
65ea4400435855d24e1d70873b9f5fea98c778ae9b2adadb4da291e4c58802c3
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
a1a37d8215a4d848ea75bbb669d9ad8d16e12b50b0df9aff0bad70fa54212a26
a9d64c1cb7e14fcb916f6087b4b722d4f83ddbf562b5c5ebdbce7b6d709c066d
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
be4d1215ef6f2b2915b7f65cd28b9a9f7dcef17e1f0d883edd19400ca0ea795c
cba6172988c4f2a636c28d2c46741ebbb03873f482eb038b51ee0c4840c9d13f
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c