urlscan.io logo urlscan.io
SecurityTrails logo

safebookpr.cf Open in urlscan Pro
2606:4700:3035::681c:121e  Public Scan

Go To Rescan Add Verdict Report
URL: https://safebookpr.cf/
Submission: On July 18 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 5 countries across 12 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3035::681c:121e, located in United States and belongs to CLOUDFLARENET, US. The main domain is safebookpr.cf.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 18th 2020. Valid for: a year.
This is the only time safebookpr.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    2606:4700:3035::681c:121e (United States)

ASN13335 (CLOUDFLARENET, US)
safebookpr.cf
1    2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)
stackpath.bootstrapcdn.com
1    2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    151.101.112.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.imgur.com
1    2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh6.googleusercontent.com
1    13.224.194.79 (Seattle, United States)

ASN16509 (AMAZON-02, US)
pad.mymovies.it
2    2a00:1450:4001:809::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a04:4e42:1b::272 (Ascension Island)

ASN54113 (FASTLY, US)
images-na.ssl-images-amazon.com
1    92.43.246.246 (Italy)

ASN44513 (OPTIMA, IT)
www.optimagazine.com
1    2a02:26f0:6c00:196::1931 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
i.pinimg.com
1    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
img.youtube.com
1    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3.bp.blogspot.com

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-18 -
2021-07-18		 a year crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-14 -
2020-10-13		 a year crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
*.imgur.com
DigiCert SHA2 Secure Server CA		 2020-01-15 -
2022-03-16		 2 years crt.sh
*.googleusercontent.com
GTS CA 1O1		 2020-06-30 -
2020-09-22		 3 months crt.sh
pad.mymovies.it
Amazon		 2020-07-17 -
2021-08-17		 a year crt.sh
edgestatic.com
GTS CA 1O1		 2020-06-30 -
2020-09-22		 3 months crt.sh
images-na.ssl-images-amazon.com
DigiCert Global CA G2		 2019-10-02 -
2020-10-02		 a year crt.sh
www.optimagazine.com
GlobalSign Organization Validation CA - SHA256 - G2		 2019-01-24 -
2021-01-24		 2 years crt.sh
*.pinterest.com
DigiCert SHA2 High Assurance Server CA		 2020-07-16 -
2021-08-04		 a year crt.sh
*.google.com
GTS CA 1O1		 2020-06-30 -
2020-09-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://safebookpr.cf/
Frame ID: 05E97CD50E7B9274FD705A2329778746
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

15
Requests

100 %
HTTPS

75 %
IPv6

12
Domains

12
Subdomains

12
IPs

5
Countries

283 kB
Transfer

417 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
safebookpr.cf/ 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://safebookpr.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681c:121e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
306bd93a03521401f5c044c93488bd0ece8692f38c2c5304c99f45d804991d36

Request headers

:method
GET
:authority
safebookpr.cf
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sat, 18 Jul 2020 13:37:05 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d7a5957f176887129a620d67f50fe254f1595079425; expires=Mon, 17-Aug-20 13:37:05 GMT; path=/; domain=.safebookpr.cf; HttpOnly; SameSite=Lax
expires
Tue, 28 Jul 2020 13:37:04 GMT
cache-control
max-age=864000
cf-cache-status
MISS
cf-request-id
0403bd942c0000dfc31d0b2200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
5b4c9866a967dfc3-FRA
content-encoding
br
style.css
safebookpr.cf/ 		32 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://safebookpr.cf/style.css
Requested by
Host: safebookpr.cf
URL: https://safebookpr.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681c:121e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
effd633a9bcd59005b0a3b4786f0939fac7717082aef27c65ad46402e08c536a

Request headers

Referer
https://safebookpr.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 18 Jul 2020 13:37:05 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
status
200
cache-control
max-age=864000
cf-ray
5b4c98689e12dfc3-FRA
cf-request-id
0403bd955f0000dfc31d0d2200000001
expires
Tue, 28 Jul 2020 13:37:04 GMT
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: safebookpr.cf
URL: https://safebookpr.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://safebookpr.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 18 Jul 2020 13:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
status
200
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
19740
jquery-1.12.4
code.jquery.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.12.4
Requested by
Host: safebookpr.cf
URL: https://safebookpr.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://safebookpr.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
jquery.min.js
safebookpr.cf/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safebookpr.cf/js/jquery.min.js
Requested by
Host: safebookpr.cf
URL: https://safebookpr.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681c:121e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef7aeffbbcf9ceb7a1f1cc65fb49c8d3835a510a4954bdc32a3e7c8482085906

Request headers

Referer
https://safebookpr.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jul 2020 13:37:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 18 Jul 2020 13:37:04GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=864000
cf-ray
5b4c98689e14dfc3-FRA
cf-request-id
0403bd955f0000dfc31d0d3200000001
expires
Tue, 28 Jul 2020 13:37:04 GMT
G552PV1.gif
i.imgur.com/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/G552PV1.gif
Requested by
Host: safebookpr.cf
URL: https://safebookpr.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
88d99dfa644c8b1739d293400b58dcd2bd155b0fcd3fc3dea13a9f49f09994c5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://safebookpr.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 18 Jul 2020 13:37:05 GMT
x-content-type-options
nosniff
age
3222673
x-cache
HIT, HIT
status
200
content-length
16770
x-served-by
cache-bwi5122-BWI, cache-hhn4083-HHN
last-modified
Wed, 31 Oct 2018 22:51:12 GMT
server
cat factory 1.0
x-timer
S1595079426.528837,VS0,VE1
etag
"a3e34b4775ae5409b5b84ff56f7676c0"
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
TQ9_UDhuWgEPufHs03AqHm5xSmgyW6-O2bWP7K2RYB-xVsufc2RL3z80WXQn4WDWituMrP5D_O_gbSS7D2hpC_IW266wKZ42VCCjMsr7_u1hKyYorO8VrG4m_rSsLnfXfrAVNEwgRBuOihiWYislTJKR71b5cb_eCAKNDcE1yk3H6fo=w1200-h630-p-k-no-nu
lh6.googleusercontent.com/proxy/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh6.googleusercontent.com/proxy/TQ9_UDhuWgEPufHs03AqHm5xSmgyW6-O2bWP7K2RYB-xVsufc2RL3z80WXQn4WDWituMrP5D_O_gbSS7D2hpC_IW266wKZ42VCCjMsr7_u1hKyYorO8VrG4m_rSsLnfXfrAVNEwgRBuOihiWYislTJKR71b5cb_eCAKNDcE1yk3H6fo=w1200-h630-p-k-no-nu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
63df3b8eddab024babe29944308bc708dc43a0da22afefe5d0de672bdaffbf59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://safebookpr.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 18 Jul 2020 13:37:05 GMT
x-content-type-options
nosniff
server
fife
status
200
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18052
x-xss-protection
0
expires
Sun, 19 Jul 2020 13:37:05 GMT
73537.jpg
pad.mymovies.it/filmclub/attori/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pad.mymovies.it/filmclub/attori/73537.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aea9eb84cbab8f228e4d6b1013aa111e431fd6e68a1d3a601332dd34e45aa725

Request headers

Referer
https://safebookpr.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 18 Jul 2020 13:37:06 GMT
via
1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
last-modified
Wed, 10 Jan 2018 13:36:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"1dd6ae1839dfcb7effc5bfeeb6c6c1b4"
x-cache
Miss from cloudfront
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
17014
x-amz-cf-id
GBNsrZQ1w4ZccJNUfAO8YQ1YRrRCAUL9j-o8iLkoOs0_WuBzphsISw==
x-amz-meta-s3b-last-modified
20121112T113850Z
hqdefault.jpg
i.ytimg.com/vi/fpWBBdg-x3o/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/fpWBBdg-x3o/hqdefault.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fae0ee6b77e8cc203c9fc1f829c0b1b6a7473709d3a7b2eb9a72cffa1f069347
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://safebookpr.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 18 Jul 2020 13:37:05 GMT
x-content-type-options
nosniff
server
sffe
etag
"1438485266"
content-type
image/jpeg
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15582
x-xss-protection
0
expires
Sat, 18 Jul 2020 15:37:05 GMT
hqdefault.jpg
i.ytimg.com/vi/5cC32MYDgyQ/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/5cC32MYDgyQ/hqdefault.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17a1b1effe64f1523a4595a8b40a340c8279b1e507f68122f8845aab1eba31d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://safebookpr.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 18 Jul 2020 13:37:05 GMT
x-content-type-options
nosniff
server
sffe
etag
"1461690600"
content-type
image/jpeg
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12592
x-xss-protection
0
expires
Sat, 18 Jul 2020 15:37:05 GMT
811xW9HnGIL._UX466_.jpg
images-na.ssl-images-amazon.com/images/I/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-na.ssl-images-amazon.com/images/I/811xW9HnGIL._UX466_.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::272 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
83529596c6ec674cc7bc242f9103fa4a4e0eb75a156c1992847b8996efb5c628

Request headers

Referer
https://safebookpr.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 18 Jul 2020 13:37:05 GMT
last-modified
Wed, 07 Feb 2018 18:41:34 GMT
age
6
status
200
x-cache
HIT from fastly, MISS from fastly
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 13 Jul 2040 13:36:59 GMT
cache-control
max-age=630720000,public
x-amz-ir-id
a3d4895a-8e17-4e3f-9eab-711f46e1a325
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
content-length
14895
x-served-by
cache-dca17762-DCA, cache-hhn4042-HHN
sottotitoli-per-le-serie-tv.png
www.optimagazine.com/wp-content/uploads/2018/02/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.optimagazine.com/wp-content/uploads/2018/02/sottotitoli-per-le-serie-tv.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.43.246.246 , Italy, ASN44513 (OPTIMA, IT),
Reverse DNS
Software
Apache /
Resource Hash
cac1add252e029d14f6481e1ca4bf2ad9437af8a449f6060c335625b21513a3f

Request headers

Referer
https://safebookpr.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 18 Jul 2020 13:37:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Apr 2020 18:52:53 GMT
Server
Apache
X-Cacheable
YES
Vary
Accept-Encoding,Accept, User-Agent
Content-Type
image/webp
X-UA-Device
pc
Cache-Control
max-age=2592000
X-WebP-Express
Redirected directly to existing webp
Accept-Ranges
bytes
Content-Length
24417
Expires
Mon, 17 Aug 2020 13:37:05 GMT
efb7da621300787ef35c19937241a1ee.jpg
i.pinimg.com/736x/ef/b7/da/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/736x/ef/b7/da/efb7da621300787ef35c19937241a1ee.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:196::1931 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
574e0c37a25e74669737674e49ebc373c97d2000fb3e5c24158cba04a59c5bca

Request headers

Referer
https://safebookpr.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn
akamai
etag
"261d103590407f7b6ce15105ec69398b"
vary
Origin
content-type
image/jpeg
status
200
cache-control
immutable, max-age=31536000
accept-ranges
bytes
content-length
85977
0.jpg
img.youtube.com/vi/MOP8mBJ9z8o/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/MOP8mBJ9z8o/0.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a8df6ca8e3d13c27a2b575a5d69dd8c7a73d1d68c2cc35d1fe923c23450c26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://safebookpr.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 18 Jul 2020 13:37:05 GMT
x-content-type-options
nosniff
server
sffe
etag
"0"
content-type
image/jpeg
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23854
x-xss-protection
0
expires
Sat, 18 Jul 2020 15:37:05 GMT
benvenuto-presidente.jpg
3.bp.blogspot.com/-p7AgS9PNWMc/UWH8GByMkoI/AAAAAAAALAw/NjLZr1G9DB0/s200/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3.bp.blogspot.com/-p7AgS9PNWMc/UWH8GByMkoI/AAAAAAAALAw/NjLZr1G9DB0/s200/benvenuto-presidente.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
28926589cdd5413bcfc10d970dac90892828fe53c2594b93f15568f68afd730c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://safebookpr.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 18 Jul 2020 13:37:05 GMT
x-content-type-options
nosniff
status
200
content-disposition
inline;filename="benvenuto-presidente.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24692
x-xss-protection
0
server
fife
etag
"v2c0d"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 19 Jul 2020 13:37:05 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| q string| t string| s object| c2F string| ref

1 Cookies

Domain/Path Name / Value
.safebookpr.cf/ Name: __cfduid
Value: d7a5957f176887129a620d67f50fe254f1595079425

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3.bp.blogspot.com
code.jquery.com
i.imgur.com
i.pinimg.com
i.ytimg.com
images-na.ssl-images-amazon.com
img.youtube.com
lh6.googleusercontent.com
pad.mymovies.it
safebookpr.cf
stackpath.bootstrapcdn.com
www.optimagazine.com
13.224.194.79
151.101.112.193
2001:4de0:ac19::1:b:3a
2001:4de0:ac19::1:b:3b
2606:4700:3035::681c:121e
2a00:1450:4001:809::2016
2a00:1450:4001:80b::200e
2a00:1450:4001:81a::2001
2a00:1450:4001:81c::2001
2a02:26f0:6c00:196::1931
2a04:4e42:1b::272
92.43.246.246
17a1b1effe64f1523a4595a8b40a340c8279b1e507f68122f8845aab1eba31d3
28926589cdd5413bcfc10d970dac90892828fe53c2594b93f15568f68afd730c
306bd93a03521401f5c044c93488bd0ece8692f38c2c5304c99f45d804991d36
574e0c37a25e74669737674e49ebc373c97d2000fb3e5c24158cba04a59c5bca
63df3b8eddab024babe29944308bc708dc43a0da22afefe5d0de672bdaffbf59
83529596c6ec674cc7bc242f9103fa4a4e0eb75a156c1992847b8996efb5c628
83a8df6ca8e3d13c27a2b575a5d69dd8c7a73d1d68c2cc35d1fe923c23450c26
88d99dfa644c8b1739d293400b58dcd2bd155b0fcd3fc3dea13a9f49f09994c5
aea9eb84cbab8f228e4d6b1013aa111e431fd6e68a1d3a601332dd34e45aa725
cac1add252e029d14f6481e1ca4bf2ad9437af8a449f6060c335625b21513a3f
ef7aeffbbcf9ceb7a1f1cc65fb49c8d3835a510a4954bdc32a3e7c8482085906
effd633a9bcd59005b0a3b4786f0939fac7717082aef27c65ad46402e08c536a
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fae0ee6b77e8cc203c9fc1f829c0b1b6a7473709d3a7b2eb9a72cffa1f069347