URL: https://safemoviefw.cf/
Submission: On July 22 via automatic, source certstream-suspicious

Summary

This website contacted 12 IPs in 5 countries across 12 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3036::ac43:8642, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is safemoviefw.cf.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 22nd 2020. Valid for: a year.
This is the only time safemoviefw.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-07-22 - 2021-07-22 | a year
*.imgur.com | DigiCert SHA2 Secure Server CA | 2020-01-15 - 2022-03-16 | 2 years
upload.video.google.com | GTS CA 1O1 | 2020-07-07 - 2020-09-29 | 3 months
*.google.com | GTS CA 1O1 | 2020-06-30 - 2020-09-22 | 3 months
testbanklive.com | Go Daddy Secure Certificate Authority - G2 | 2020-07-21 - 2021-08-20 | a year
*.slidesharecdn.com | DigiCert SHA2 Secure Server CA | 2019-08-14 - 2021-09-20 | 2 years
misc-sni.blogspot.com | GTS CA 1O1 | 2020-06-30 - 2020-09-22 | 3 months
*.valorebooks.com | Amazon | 2020-02-05 - 2021-03-05 | a year
*.yimg.com | DigiCert SHA2 High Assurance Server CA | 2020-07-02 - 2020-09-30 | 3 months
*.mheducation.com | DigiCert SHA2 Secure Server CA | 2020-05-12 - 2021-05-17 | a year
images-na.ssl-images-amazon.com | DigiCert Global CA G2 | 2019-10-02 - 2020-10-02 | a year
www.ebay.com | DigiCert SHA2 Secure Server CA | 2019-07-17 - 2020-08-18 | a year

This page contains 2 frames:

Primary Page: https://safemoviefw.cf/
Frame ID: 6FF67A703C11E3F69BA3E08CFE7F891E
Requests: 21 HTTP requests in this frame

Frame: https://www.youtube.com/embed/FaUVwkek8XE?rel=0
Frame ID: 37C575786A9F208C6391BD73D30866F1
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

22 Requests
100 % HTTPS
50 % IPv6
12 Domains
13 Subdomains
12 IPs
5 Countries
582 kB Transfer
810 kB Size
4 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://youtube.com/embed/FaUVwkek8XE?rel=0 HTTP 301
  • https://www.youtube.com/embed/FaUVwkek8XE?rel=0

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
safemoviefw.cf/
16 KB
5 KB
Document
General
Full URL
https://safemoviefw.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0ce7c1b2ab3cc4a3a1aa45714b2e47ec9380bb54f34065d1a19c449215048d8

Request headers

:method
GET
:authority
safemoviefw.cf
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 22 Jul 2020 17:21:40 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d4429f75ba20c0d0f36fd90b64613c7ca1595438500; expires=Fri, 21-Aug-20 17:21:40 GMT; path=/; domain=.safemoviefw.cf; HttpOnly; SameSite=Lax
expires
Wed, 29 Jul 2020 17:21:40 GMT
cache-control
max-age=691200
cf-cache-status
MISS
cf-request-id
041924a1ed000017825d2f8200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
5b6ed6e31f161782-FRA
content-encoding
br
style.css
safemoviefw.cf/
292 KB
78 KB
Stylesheet
General
Full URL
https://safemoviefw.cf/style.css
Requested by
Host: safemoviefw.cf
URL: https://safemoviefw.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2829e8d2c7677d08e1b850da92354bb59a658e246d00a0e2fc8e31abc061ba9e

Request headers

Referer
https://safemoviefw.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 22 Jul 2020 17:21:40 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
status
200
cache-control
max-age=691200
cf-ray
5b6ed6e4baf21782-FRA
cf-request-id
041924a2ef000017825d307200000001
expires
Wed, 29 Jul 2020 17:21:40 GMT
jquery.min.js
safemoviefw.cf/js/
9 KB
3 KB
Script
General
Full URL
https://safemoviefw.cf/js/jquery.min.js
Requested by
Host: safemoviefw.cf
URL: https://safemoviefw.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
466d19f974e43cac1a59a058f01e79c41584b39ea0ce85001e7b0baf021bac5c

Request headers

Referer
https://safemoviefw.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Jul 2020 17:21:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 22 Jul 2020 17:21:40GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=691200
cf-ray
5b6ed6e4baf71782-FRA
cf-request-id
041924a2f0000017825d308200000001
expires
Wed, 29 Jul 2020 17:21:40 GMT
W7I1KA1.gif
i.imgur.com/
16 KB
17 KB
Image
General
Full URL
https://i.imgur.com/W7I1KA1.gif
Requested by
Host: safemoviefw.cf
URL: https://safemoviefw.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
88d99dfa644c8b1739d293400b58dcd2bd155b0fcd3fc3dea13a9f49f09994c5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://safemoviefw.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 22 Jul 2020 17:21:40 GMT
x-content-type-options
nosniff
age
3540610
x-cache
HIT, HIT
status
200
content-length
16770
x-served-by
cache-bwi5144-BWI, cache-hhn4038-HHN
last-modified
Wed, 31 Oct 2018 22:46:18 GMT
server
cat factory 1.0
x-timer
S1595438501.646197,VS0,VE1
etag
"a3e34b4775ae5409b5b84ff56f7676c0"
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
css
fonts.googleapis.com/
437 B
426 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans
Requested by
Host: safemoviefw.cf
URL: https://safemoviefw.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9ab974ecbea86bb7f98910529ee91abbf6a182aa647e04dd7032734955d8303d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://safemoviefw.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 22 Jul 2020 15:58:23 GMT
server
ESF
date
Wed, 22 Jul 2020 17:21:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Jul 2020 17:21:40 GMT
css
fonts.googleapis.com/
2 KB
644 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=EB+Garamond
Requested by
Host: safemoviefw.cf
URL: https://safemoviefw.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
01c6ce297ebc984b7d53f5ebb0a15867a3e82fefd9e9cd75333dba6af3295f86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://safemoviefw.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 22 Jul 2020 17:15:07 GMT
server
ESF
date
Wed, 22 Jul 2020 17:21:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Jul 2020 17:21:40 GMT
FaUVwkek8XE
www.youtube.com/embed/ Frame 37C5
Redirect Chain
  • https://youtube.com/embed/FaUVwkek8XE?rel=0
  • https://www.youtube.com/embed/FaUVwkek8XE?rel=0
0
0
Document
General
Full URL
https://www.youtube.com/embed/FaUVwkek8XE?rel=0
Requested by
Host: safemoviefw.cf
URL: https://safemoviefw.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/FaUVwkek8XE?rel=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://safemoviefw.cf/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://safemoviefw.cf/

Response headers

status
200
content-type
text/html; charset=utf-8
content-length
10638
cache-control
no-cache
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
x-content-type-options
nosniff
expires
Tue, 27 Apr 1971 19:44:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000
date
Wed, 22 Jul 2020 17:21:40 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=uT7mdbZVbfQ; path=/; domain=.youtube.com; secure; expires=Mon, 18-Jan-2021 17:21:40 GMT; httponly; samesite=None YSC=6hDQzzoE6Xw; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Wed, 22-Jul-2020 17:51:40 GMT VISITOR_INFO1_LIVE=uT7mdbZVbfQ; path=/; domain=.youtube.com; secure; expires=Mon, 18-Jan-2021 17:21:40 GMT; httponly; samesite=None
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status
301
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
0
location
https://www.youtube.com/embed/FaUVwkek8XE?rel=0
date
Wed, 22 Jul 2020 17:21:40 GMT
content-type
text/html
server
YouTube Frontend Proxy
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rxrpsavw.png
safemoviefw.cf/images/
43 B
125 B
Image
General
Full URL
https://safemoviefw.cf/images/rxrpsavw.png
Requested by
Host: safemoviefw.cf
URL: https://safemoviefw.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://safemoviefw.cf/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 22 Jul 2020 17:21:40 GMT
cf-cache-status
MISS
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5b6ed6e59d511782-FRA
content-length
43
cf-request-id
041924a37b000017825d312200000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
wdgstegrmdas.png
safemoviefw.cf/images/
43 B
125 B
Image
General
Full URL
https://safemoviefw.cf/images/wdgstegrmdas.png
Requested by
Host: safemoviefw.cf
URL: https://safemoviefw.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://safemoviefw.cf/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 22 Jul 2020 17:21:40 GMT
cf-cache-status
MISS
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5b6ed6e59d561782-FRA
content-length
43
cf-request-id
041924a37b000017825d313200000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
keubequi.png
safemoviefw.cf/images/
43 B
125 B
Image
General
Full URL
https://safemoviefw.cf/images/keubequi.png
Requested by
Host: safemoviefw.cf
URL: https://safemoviefw.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://safemoviefw.cf/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 22 Jul 2020 17:21:40 GMT
cf-cache-status
MISS
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5b6ed6e59d581782-FRA
content-length
43
cf-request-id
041924a37c000017825d314200000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
wvrjhwfherp.png
safemoviefw.cf/images/
43 B
201 B
Image
General
Full URL
https://safemoviefw.cf/images/wvrjhwfherp.png
Requested by
Host: safemoviefw.cf
URL: https://safemoviefw.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://safemoviefw.cf/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 22 Jul 2020 17:21:40 GMT
cf-cache-status
MISS
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5b6ed6e59d5c1782-FRA
content-length
43
cf-request-id
041924a37c000017825d315200000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
business-essentials-canadian-8th-edition-ebert-test-bank.jpg
testbanklive.com/wp-content/uploads/2017/12/
109 KB
108 KB
Image
General
Full URL
https://testbanklive.com/wp-content/uploads/2017/12/business-essentials-canadian-8th-edition-ebert-test-bank.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.12 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
12fd1a57b2276aa23a2aa38c2f8bc7c7099fb0845d31a34ae24750f64a6c54c0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://safemoviefw.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 22 Jul 2020 17:21:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
x-sucuri-cache
MISS
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
x-xss-protection
1; mode=block
last-modified
Wed, 06 Dec 2017 09:03:26 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1b346-55fa8396ad380-gzip"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
19012
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
essentials-of-investments-10th-edition-bodie-test-bank-3-638.jpg
image.slidesharecdn.com/essentialsofinvestments10theditionbodietestbank-180117042753/95/
68 KB
68 KB
Image
General
Full URL
https://image.slidesharecdn.com/essentialsofinvestments10theditionbodietestbank-180117042753/95/essentials-of-investments-10th-edition-bodie-test-bank-3-638.jpg?cb=1516163309
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.247.224.45 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
242e6d0032443e14d9e699e33795721e10f5176cbcf56419aa45e7e79b98adc4

Request headers

Referer
https://safemoviefw.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
v.pgVqTtQi5HyDFbVEqn1pV9FXYTG6gT
Last-Modified
Wed, 17 Jan 2018 04:27:55 GMT
Server
AmazonS3
x-amz-request-id
4N1S6Q7VBWFN5W1Y
ETag
"10a415a7b2d002ee85cb1cc1f6b7e1a4"
x-amz-id-2
aG3KkYpdbtGkthjk9+ccmCBK2s+rb4W3QqmelOJL4zGnItWRtwKV0D5bEGp34pWk795v4kUp5W0=
Content-Type
image/jpeg
Cache-Control
max-age=604800
Date
Wed, 22 Jul 2020 17:21:41 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
69554
X-CDN
AKAM
Investments,+8th+Edition.jpg
4.bp.blogspot.com/-owUiLAB7gpc/UWvpj8tFtMI/AAAAAAAAABA/9V1w-QPDg7s/s1600/
9 KB
10 KB
Image
General
Full URL
https://4.bp.blogspot.com/-owUiLAB7gpc/UWvpj8tFtMI/AAAAAAAAABA/9V1w-QPDg7s/s1600/Investments,+8th+Edition.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
96f6d1dc14b2c77ed8bb5e609d4adee51235d48a85ecd1f5bfe2d7c2d0ae7db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://safemoviefw.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 22 Jul 2020 17:21:41 GMT
x-content-type-options
nosniff
status
200
content-disposition
inline;filename="Investments, 8th Edition.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9412
x-xss-protection
0
server
fife
etag
"v11"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 23 Jul 2020 17:21:41 GMT
essentials-of-investments-8th-edition-solutions-manual-2-638.jpg
image.slidesharecdn.com/essentialsofinvestments8theditionsolutionsmanual-180214041320/95/
102 KB
102 KB
Image
General
Full URL
https://image.slidesharecdn.com/essentialsofinvestments8theditionsolutionsmanual-180214041320/95/essentials-of-investments-8th-edition-solutions-manual-2-638.jpg?cb=1518581685
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.247.224.45 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e4826eeb911d141b385fe1392ee4e404d18db3da382884598f57d2ac12f1bd5

Request headers

Referer
https://safemoviefw.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
eWbZ.77G2uN1Bs1ng3ctDkiMQHdCZ8Ue
Last-Modified
Wed, 14 Feb 2018 04:13:22 GMT
Server
AmazonS3
x-amz-request-id
021F2CB36A8AEBDA
ETag
"2a1c1a7b64e348216e752e3b758bf609"
x-amz-id-2
nrjAKimt9+cq4umS3f8uzaZq63MOe5Jcv5Naa+j0sed3QSWPLfomAFudfHgSuQ9v1o9UcKu7tbk=
Content-Type
image/jpeg
Cache-Control
max-age=604800
Date
Wed, 22 Jul 2020 17:21:41 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
104296
X-CDN
AKAM
essentials-of-investments-10th-edition-bodie-test-bank-1-638.jpg
image.slidesharecdn.com/essentialsofinvestments10theditionbodietestbank-180117042753/95/
71 KB
71 KB
Image
General
Full URL
https://image.slidesharecdn.com/essentialsofinvestments10theditionbodietestbank-180117042753/95/essentials-of-investments-10th-edition-bodie-test-bank-1-638.jpg?cb=1516163309
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.247.224.45 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4df2cee8702e45490ffc99ca6b7df14fd9edee78eab49950c9a7cc1c13f83ab7

Request headers

Referer
https://safemoviefw.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
XhYCOfSJgN2.IgqYAQgJ.XUCFg3ysj3a
Last-Modified
Wed, 17 Jan 2018 04:27:55 GMT
Server
AmazonS3
x-amz-request-id
1B0C8D507BE1B329
ETag
"011b1e1f72665e7c789a4410ceb07b8c"
x-amz-id-2
mE6fSgwffK1uBMaDDy78m0cJMJX6QSmW0q1/bSi+Yne2ELSLP2PhN8CZ7hT1ZK0W5Cu0lHJcJ1w=
Content-Type
image/jpeg
Cache-Control
max-age=604800
Date
Wed, 22 Jul 2020 17:21:41 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
72505
X-CDN
AKAM
9780072837421.jpg
img.valorebooks.com/FULL/97/9780/978007/
17 KB
17 KB
Image
General
Full URL
https://img.valorebooks.com/FULL/97/9780/978007/9780072837421.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.48 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ac142080fd8588603ab3d2c41d599cf4c85aadcab8274b0aef77427c661518b

Request headers

Referer
https://safemoviefw.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 22 Jul 2020 17:21:42 GMT
Via
1.1 850ccace60916919bf31313cb9176e01.cloudfront.net (CloudFront)
Last-Modified
Thu, 19 Mar 2015 20:40:04 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA53-C1
ETag
"24e7a529d71d3bf85cea96cb614a0912"
X-Cache
Miss from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17345
X-Amz-Cf-Id
0-EevzCHdqgC5qJiRjjkYi5WgIBdr6ZuK4mT0V0FYK6LUfgqZ4QJ_g==
9780077835422.jpg
img.valorebooks.com/FULL/97/9780/978007/
22 KB
23 KB
Image
General
Full URL
https://img.valorebooks.com/FULL/97/9780/978007/9780077835422.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.48 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a32d820551fd9482cfa6466c52ecaf16c69982eca04f38eeee0c43bbb8f354c

Request headers

Referer
https://safemoviefw.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 22 Jul 2020 17:21:42 GMT
Via
1.1 d16428714e022976873ccc980fdc1289.cloudfront.net (CloudFront)
Last-Modified
Thu, 08 Sep 2016 18:13:05 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA53-C1
ETag
"5cf886438b532ad959982fcbdcf1ec91"
X-Cache
Miss from cloudfront
Content-Type
binary/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22878
X-Amz-Cf-Id
5f7z4RcWw3TUvyw9sXKYVcQ_2rlAJb5AoPTXdENFihahWjwlMJ2ehg==
essentials-of-investments-9th-edition-2012-by-zvi-bodie-alex-kane-and-alan-j-marcus-color-3.gif
sep.yimg.com/ay/yhst-84458782946381/
44 KB
45 KB
Image
General
Full URL
https://sep.yimg.com/ay/yhst-84458782946381/essentials-of-investments-9th-edition-2012-by-zvi-bodie-alex-kane-and-alan-j-marcus-color-3.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),
Reverse DNS
Software
ATS /
Resource Hash
c101ee7ff8207a9732ace6b7fd70f9e81dd68ca8aa71416ea9443423c2946a19
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://safemoviefw.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 22 Jul 2020 17:21:42 GMT
x-amz-meta-created-date
Wed, 16 Dec 2015 08:51:09 GMT
age
0
x-amz-server-side-encryption
AES256
status
200
vary
Origin
x-amz-request-id
2C82BA40EA6332A9
x-amz-id-2
X5oPZjNkdCEnawLuWM5QNDUf1tw1+IP3/YhGea1BtL6EZqavfNrbP+jUcZo4B5OdDYaf5byEfJs=
x-amz-meta-x-ysws-mbst-vtime
1450255869110659
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 23 May 2018 08:21:20 GMT
server
ATS
etag
"e7b42548ef48dcc174823c9ad2b9ee18"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
public,stale-while-revalidate=30,max-age=31536000
accept-ranges
bytes
content-length
45256
x-amz-meta-x-ysws-access
public
x-amz-meta-mbst-etag
"YM:1:42c79919-4d5a-4e0c-89a1-bdbf31198ef30005270001e96983"
x-content-type-options
nosniff
expires
Thu, 23 May 2019 08:21:19 GMT
1260013928.jpeg
www.mheducation.com/cover-images/Jpeg_250-high/
8 KB
8 KB
Image
General
Full URL
https://www.mheducation.com/cover-images/Jpeg_250-high/1260013928.jpeg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.55.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache /
Resource Hash
a28c217569cd69dba204bd45a09303ddd29a5236a7ea20591475741308383e37
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://safemoviefw.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 22 Jul 2020 17:21:41 GMT
x-content-type-options
nosniff
last-modified
Wed, 25 Jul 2018 06:25:15 GMT
server
Apache
etag
"1a78aa-2055-5b5817cb"
content-type
image/jpeg
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
8277
expires
Fri, 21 Aug 2020 12:53:02 GMT
51B+IZrMtPL._SX398_BO1,204,203,200_.jpg
images-na.ssl-images-amazon.com/images/I/
23 KB
23 KB
Image
General
Full URL
https://images-na.ssl-images-amazon.com/images/I/51B+IZrMtPL._SX398_BO1,204,203,200_.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::272 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b20d9a665ee04aef95eb58c865c31e6a6571f57f866984aec655917fb786e860

Request headers

Referer
https://safemoviefw.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 22 Jul 2020 17:21:41 GMT
last-modified
Thu, 21 Aug 2008 19:45:12 GMT
age
323556
status
200
x-cache
HIT from fastly, HIT from fastly
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 13 Jul 2040 23:29:04 GMT
cache-control
max-age=630720000,public
x-amz-ir-id
2d362f2a-6376-40b7-8686-ae44bde7c8f9
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
content-length
23377
x-served-by
cache-dca17751-DCA, cache-hhn4081-HHN
mr0OASGUDP1wX_HyaV-ZwRw.jpg
thumbs4.ebaystatic.com/d/l225/m/
1 KB
2 KB
Image
General
Full URL
https://thumbs4.ebaystatic.com/d/l225/m/mr0OASGUDP1wX_HyaV-ZwRw.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.223.22.217 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
envoy /
Resource Hash
a567462f4edd496bdf5cd00da5bbde64131c283e3cf396bfd58c0fac26b13d9a

Request headers

Referer
https://safemoviefw.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 22 Jul 2020 17:21:41 GMT
last-modified
Wed, 22 Jul 2020 17:21:41 GMT
server
envoy
x-ebay-pop-id
UFES2-DUS-zoe-anycast
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=0,no-store,no-cache
x-envoy-upstream-service-time
160
rlogid
t6yhccjd%3C%3Dpie%7Dn%60bnb%2850%3A6476-173778b8dcc-0x132
x-ebay-c-version
1.0.0
content-length
1359
x-ebay-c-extension
responsecode=404,responsemessage=Not Found

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string | q
string | t
string | s
object | c2F
string | ref

4 Cookies

Domain/Path Name / Value
.youtube.com/ Name: GPS
Value: 1
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: uT7mdbZVbfQ
.youtube.com/ Name: YSC
Value: 6hDQzzoE6Xw
.safemoviefw.cf/ Name: __cfduid
Value: d4429f75ba20c0d0f36fd90b64613c7ca1595438500

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
