sa.safefling.com Open in urlscan Pro
2606:4700::6810:1e3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sa.safefling.com/
Effective URL:
https://sa.safefling.com/login/?r=1
Submission: On March 22 via automatic, source certstream-suspicious (March 22nd 2023, 11:41:47 am UTC) — Scanned from DE

Summary HTTP 14 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 14 HTTP transactions. The main IP is 2606:4700::6810:1e3, located in United States and belongs to CLOUDFLARENET, US. The main domain is sa.safefling.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 22nd 2023. Valid for: a year.

This is the only time sa.safefling.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2606:4700::68... 2606:4700::6810:1e3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700:20:... 2606:4700:20::681a:23c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.210.101 143.204.210.101	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
14	5

3 2606:4700::6810:1e3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sa.safefling.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::681a:23c (United States)

ASN13335 (CLOUDFLARENET, US)

s.wldcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.210.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-210-101.fra53.r.cloudfront.net

js.pusher.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	wldcdn.net s.wldcdn.net	267 KB
3	safefling.com 1 redirects sa.safefling.com	4 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	20 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 886	6 KB
1	pusher.com js.pusher.com — Cisco Umbrella Rank: 13609	16 KB
14	5

	Domain	Requested by
9	s.wldcdn.net	sa.safefling.com
3	sa.safefling.com	1 redirects static.cloudflareinsights.com
1	www.google-analytics.com	s.wldcdn.net
1	static.cloudflareinsights.com	sa.safefling.com
1	js.pusher.com	sa.safefling.com
14	5

This site contains links to these domains. Also see Links.

Domain
www.safefling.com
www.onlinedatingprotector.com

Subject Issuer	Validity	Valid
sa.safefling.com Cloudflare Inc ECC CA-3	`2023-03-22` - `2024-03-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
js.pusher.com Amazon RSA 2048 M01	`2023-02-22` - `2023-06-11`	4 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sa.safefling.com/login/?r=1
Frame ID: 9E79012542EF35B01A166E3A050CCE45
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SafeFling ZA :: Login

Page URL History Show full URLs

https://sa.safefling.com/ HTTP 302
https://sa.safefling.com/login/?r=1 Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

14
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

312 kB
Transfer

1188 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.safefling.com/za
Title: Home

Search URL Search Domain Scan URL

URL: http://www.onlinedatingprotector.com/
Title: Online Dating Protector

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sa.safefling.com/ HTTP 302
https://sa.safefling.com/login/?r=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sa.safefling.com/login/
Redirect Chain

https://sa.safefling.com/
https://sa.safefling.com/login/?r=1

8 KB
3 KB

157ms
157ms

Document
text/html

2606:4700::6810:1e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sa.safefling.com/login/?r=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d15c7f24a504ff2be051335735b16c65a67e635ecce683a9e6703f999984c621

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7abe2ac3bfa52c6d-FRA
content-encoding: br
content-language: en-GB
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
content-type: text/html;charset=utf-8
date: Wed, 22 Mar 2023 11:41:42 GMT
expires: Wed, 22 Mar 2023 11:41:42 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4FqB6V9Ud6QciOW90u7JLdpEIbHqJftn2gfaU8btlGywPAOobUf4ocPFYPK4Lj60pr9DUwTFsQ%2B%2FFqOAmPMOllTJ63ac2qu9xRsgdoTafcBpyK1w%2BQbOHopU1Tx60Bp%2Fu%2Fkyk6u7pxgQBj%2B1Uc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-octopod: d350e1bec00d28e6, a491d801e5dde0eb
x-xss-protection: 1; mode=block

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 7abe2ac2de9e2c6d-FRA
content-language: en-GB
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
content-type: text/html;charset=UTF-8
date: Wed, 22 Mar 2023 11:41:42 GMT
location: /login/?r=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3UI%2B1LbNTqiqMa7MUwACgZyd60AmqmVUH%2FzJ46I80Ppcl8pWh1FMP2ESCNlkhtjd1aj5T9bAZvK0wifMBgVc5t45wf5dmpLu6fIcgMHo4hqUBDbgG%2FM3GO08enuN%2FIu7MElTH8p0n01nUpQ%2BGNo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cf-q-config;dur=6.0000002122251e-06
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-octopod: 8cffdd0f8bf00121, 5f40a6e4e7fe30d0
x-xss-protection: 1; mode=block

GET
H2 200 core-D2FA6ABBED1C5A45A2947189827115F6.css
s.wldcdn.net/assets/template/premium/styles/sites/60091/ 273 KB
54 KB 247ms
182ms Stylesheet
text/css 2606:4700:20::681a:23c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.wldcdn.net/assets/template/premium/styles/sites/60091/core-D2FA6ABBED1C5A45A2947189827115F6.css

Requested by

Host: sa.safefling.com
URL: https://sa.safefling.com/login/?r=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:23c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71407d7a0033bbdee0694fec376c6e07b35f28c85dca19eadfac31a05a6261ae

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.safefling.com/login/?r=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-octopod: ad3e422a5c72cd73, 615ffe29db897ad6
date: Wed, 22 Mar 2023 11:41:42 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Mar 2023 11:41:42 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=utf-8
x-wld-request-id: 855010ef7656026d2e912b2328155104
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OY2QULUdRVskgrxAmd4XBnHWEV9h3rCx03zlB0%2BY9R4ysjvRCEQ42Qw8v4tm%2FTGndpXnAfZ0fBMx%2BB%2BtSLkiKucq98y8lNh%2B7oHf9tQzZZ0zBPaQQrOl5lY06Z6AaHQ8X2uOIsBvd4UuBA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7abe2ac5293b995c-FRA

GET
H2 200 theme-B701B5B4656A2E213A25CD536E09613C.css
s.wldcdn.net/assets/template/premium/styles/sites/60091/ 39 KB
7 KB 396ms
332ms Stylesheet
text/css 2606:4700:20::681a:23c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.wldcdn.net/assets/template/premium/styles/sites/60091/theme-B701B5B4656A2E213A25CD536E09613C.css

Requested by

Host: sa.safefling.com
URL: https://sa.safefling.com/login/?r=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:23c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79ca646d612c56e04d2a830df04483158bf1b17b469e09f7b73ba45f9c6a37f7

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.safefling.com/login/?r=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-octopod: 8cffdd0f8bf00121, 8209f97f23886099
date: Wed, 22 Mar 2023 11:41:42 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Mar 2023 11:41:42 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=utf-8
x-wld-request-id: 9b232671e92964138ef9dc00ae0f5ebe
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DkCqWuWK8pHbo9d%2Fq8J7X5xunUcKooZ74X%2Bqa4wgKXS%2FDaAtkCj2FTUU%2FeNLSXAFOTEhGmOSXBCa6Y4CvLX8VTtXuvhQ2NeWnrqrVkqRY4AgNPBKJUg143kAYm1SM6n9PcJDXrtL75bP2w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7abe2ac5293c995c-FRA

GET
H2 200 wld.min.js Show response
s.wldcdn.net/assets/template/premium/scripts/ 3 KB
2 KB 93ms
29ms Script
application/javascript 2606:4700:20::681a:23c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.wldcdn.net/assets/template/premium/scripts/wld.min.js?88826fd8d915015fc3292803f8f4da65

Requested by

Host: sa.safefling.com
URL: https://sa.safefling.com/login/?r=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:23c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b59da24800a9b25ef674dbbb1d985285df8e2ae20d44653df840d46dffa106c

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.safefling.com/login/?r=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-octopod: ad3e422a5c72cd73, 615ffe29db897ad6
date: Wed, 22 Mar 2023 11:41:42 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4257
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Mar 2023 12:13:34 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
x-wld-request-id: 71620bb5c47234373be77a28a259e104
cache-control: max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0K6bgJMk5oxVfjV7u0xSruaJFgdjqBCXTFG0FZUROWbLygRqiqx3iOjWmZFBM0X7MF0myDQYv5fBYe0SoGbhVE7JBqzYDAQutUbQWvltxjcsJDyA%2FmTASaEEKWkaVfOE3lDusYx6E5UwIg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7abe2ac5293e995c-FRA

GET
H3 200 60091 Show response
s.wldcdn.net/api/snippets/js/consent-banner/ 2 KB
1 KB 290ms
288ms Script
text/javascript 2606:4700:20::681a:23c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.wldcdn.net/api/snippets/js/consent-banner/60091

Requested by

Host: sa.safefling.com
URL: https://sa.safefling.com/login/?r=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:23c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc9af03ad3ceb58b96118904dd26fe5766e257e0d6074c93d7189d7bacb42bf3

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.safefling.com/login/?r=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-octopod: ad3e422a5c72cd73, b767126283496fc0
date: Wed, 22 Mar 2023 11:41:43 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Mar 2023 11:41:43 GMT
server: cloudflare
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
x-wld-request-id: a5622a6d2e02caf2ee759f2791245015
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kG9lMHkeYprIf1Y%2BzMFu8jF%2BjW1jSy%2BndQhfOA50CaN6C6kzlE%2Bu9blKbtV%2BJmqXuMJIa5UqiSgh3I0otN6CFc7oPKakO4sOG9%2BZy29Q73pRiKhsOlIg2KWo0O4q2p%2BXxYiays%2F4mME81g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7abe2ac75e1c3680-FRA
expires: Wed, 22 Mar 2023 12:41:43 GMT

GET
H3 200 logo-adult.svg
s.wldcdn.net/media/safefling/img/ 6 KB
3 KB 33ms
31ms Image
image/svg+xml 2606:4700:20::681a:23c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.wldcdn.net/media/safefling/img/logo-adult.svg

Requested by

Host: sa.safefling.com
URL: https://sa.safefling.com/login/?r=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:23c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3ccf21af6745d143ce1ef86369e5fc52eed851ca69899b40404a7e4501033f4

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.safefling.com/login/?r=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-octopod: a5601cb5759a97d8, 8209f97f23886099
date: Wed, 22 Mar 2023 11:41:42 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 190
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 04 Jul 2017 10:08:03 GMT
server: cloudflare
etag: W/"255e0a5734706985d8cfc67cafd661c0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
x-wld-request-id: 8f25774b8f7c914a6753a0a11de38eb2
cache-control: max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9xmB3flS%2FOK9WfvlOGf%2FxryinOLRCX05ewPderaaB5XLDJJkPtsfwG9qhVkxdgz4bODKTz2BeHlHXFfs4BZeEIGZGIcFjRDajE6FG0RYkL5JA2ktDi4ckAhPNqiQyZYuXvfz7AecnTQIKA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7abe2ac75e1d3680-FRA

GET
H2 200 push-notifications-cdn.js Show response
js.pusher.com/beams/1.0/ 81 KB
16 KB 92ms
23ms Script
application/javascript 143.204.210.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.pusher.com/beams/1.0/push-notifications-cdn.js
Requested by: Host: sa.safefling.com
URL: https://sa.safefling.com/login/?r=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.210.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-210-101.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1bedb31bbcac17d972eafe24badd0e3049a5123ef49236fc6cdcdf9d0d14c0f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.safefling.com/login/?r=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 20:11:52 GMT
content-encoding: gzip
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
last-modified: Thu, 10 Sep 2020 10:59:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 2215793
etag: W/"7b1eadae70451cf223f5e9e211565809"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: c1fxe08_8x81b7jdAURnnN_F02Ssm-Lri-i46lQn21ayJv__gE1EgQ==

GET
H2 200 vendor.min.js Show response
s.wldcdn.net/assets/template/premium/scripts/ 451 KB
126 KB 51ms
50ms Script
application/javascript 2606:4700:20::681a:23c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.wldcdn.net/assets/template/premium/scripts/vendor.min.js?f6cd21f30052a540f82d7e3d3446e61c

Requested by

Host: sa.safefling.com
URL: https://sa.safefling.com/login/?r=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:23c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b51e0994053d99783cfbe33bb5164f3ba3f48f5878a1c966cfebc5c8d753ef0

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.safefling.com/login/?r=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-octopod: a5601cb5759a97d8, 615ffe29db897ad6
date: Wed, 22 Mar 2023 11:41:42 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4255
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Mar 2023 12:13:34 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
x-wld-request-id: 290a22508dcc0d94d53f0be6c678a723
cache-control: max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rx%2FeoE2WfAO%2B%2BcN8Fie2Hdj%2FnEmhVau%2BpLk4JR41HbcjQ2SMMmGfeJqyXMOP3zcCXhkqWKHbqig9bgZVG%2BE1L2SPm0V43qAMns1rUwr5awuD4OAZ8F60jr6bLTw4KmwWfc4Yn2%2BHAJXZ1w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7abe2ac70b5e995c-FRA

GET
H3 200 en_ZA.min.js Show response
s.wldcdn.net/assets/template/premium/scripts/ 534 B
884 B 131ms
131ms Script
application/javascript 2606:4700:20::681a:23c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.wldcdn.net/assets/template/premium/scripts/en_ZA.min.js?2d646246cdc54fa64aed130de00ab952

Requested by

Host: sa.safefling.com
URL: https://sa.safefling.com/login/?r=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:23c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52fcc2471ba37d2241012f5d8bf762bfa1e4a436b88f7e82aa43186224a49377

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.safefling.com/login/?r=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-octopod: a5601cb5759a97d8, 615ffe29db897ad6
date: Wed, 22 Mar 2023 11:41:43 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Mar 2023 12:13:34 GMT
server: cloudflare
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfCtKuJ7uiBF8bAqbkw7bfqKOsl7eAUnr4l2wLXlBk5rTLMYVv04YDKfC%2FBrzB1c7UCHevWq%2FWclp2T8CFHj4IIgUEUPTBrTaZ5yc6Mv%2BTQyrPYH4ObiqPn4OpwuMm3Qdezg8I7EGWTEpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
x-wld-request-id: 723cf51d6c8d227a1b3ee7e17b3601b3
cache-control: max-age=86400
cf-ray: 7abe2ac74e153680-FRA

GET
H3 200 wldlib.min.js Show response
s.wldcdn.net/assets/template/premium/scripts/ 116 KB
33 KB 54ms
53ms Script
application/javascript 2606:4700:20::681a:23c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.wldcdn.net/assets/template/premium/scripts/wldlib.min.js?4adb4ff05d0c0f562386ed83a9258e28

Requested by

Host: sa.safefling.com
URL: https://sa.safefling.com/login/?r=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:23c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31f5243879323ca024c4b7510832e52159d6c8e25816a7beea17d8de002179c2

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.safefling.com/login/?r=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-octopod: 8cffdd0f8bf00121, 615ffe29db897ad6
date: Wed, 22 Mar 2023 11:41:42 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5683
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Mar 2023 12:13:34 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
x-wld-request-id: dd9c59f4adde92dd383720827af1e998
cache-control: max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fiJ7VFR1p1XlNIgNB18BxWajx5KfBzCgtq11ZBBLwAZIe%2Bqou%2BGeThDHOLS%2Bzvc0zZRBwFn6JELElaZsWNn36%2BUztRa4yHDP%2BWIYfGFngFi4XRXNvt%2FXWFzpnsCLrpE6wERlze7QKo%2FAoA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7abe2ac74e183680-FRA

GET
H3 200 app.min.js Show response
s.wldcdn.net/assets/template/premium/scripts/ 143 KB
40 KB 34ms
32ms Script
application/javascript 2606:4700:20::681a:23c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.wldcdn.net/assets/template/premium/scripts/app.min.js?a26cb101bdd58272cac26352f0fdb44c

Requested by

Host: sa.safefling.com
URL: https://sa.safefling.com/login/?r=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:23c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

926f301055fd8519e23f9787bd8c3a4b4ab0b416b3da854978a4da93098492c4

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.safefling.com/login/?r=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-octopod: 8cffdd0f8bf00121, 8209f97f23886099
date: Wed, 22 Mar 2023 11:41:42 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5683
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Mar 2023 12:13:34 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
x-wld-request-id: a22ce72b953d07f616407f6235ba3a7a
cache-control: max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rb5wtS1mnkCPmPU4K%2FJyYy3fB709UlTmPoIH8Vvahb%2Bk4GFYxgFhOSZJ64DoWLOPU7j0Sc9JzdliVEoHIyx%2FkArfylYKPt5rNgNuj8sM0rUJhzVOG79CuG%2FhxkxKojrW2TyLwX%2B7dffslw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7abe2ac75e1b3680-FRA

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 114ms
56ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: sa.safefling.com
URL: https://sa.safefling.com/login/?r=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://sa.safefling.com/login/?r=1
Origin: https://sa.safefling.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 11:41:43 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2023 17:58:49 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7abe2ac7aeff30d2-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: s.wldcdn.net
URL: https://s.wldcdn.net/assets/template/premium/scripts/app.min.js?a26cb101bdd58272cac26352f0fdb44c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sa.safefling.com/login/?r=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Mar 2023 10:23:33 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4690
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 22 Mar 2023 12:23:33 GMT

POST
H2 204 rum Show response
sa.safefling.com/cdn-cgi/ 0
170 B 24ms
23ms XHR
text/plain 2606:4700::6810:1e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sa.safefling.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:1e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sa.safefling.com/login/?r=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type: application/json

Response headers

date: Wed, 22 Mar 2023 11:41:43 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://sa.safefling.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7abe2ac92e722c6d-FRA

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sa.safefling.com/	1969-12-31 23:59:59	Name: WLDSITE Value: 60091
.safefling.com/	1970-01-20 20:07:25	Name: _ga Value: GA1.2.1975438277.1679485303
.safefling.com/	1970-01-20 10:32:51	Name: _gid Value: GA1.2.914592054.1679485303
.sa.safefling.com/	1970-01-20 10:31:27	Name: __cf_bm Value: RnG62V9dFkV5LhaipbWS7DlS8ak96P068ebeiDTqB1Q-1679485303-0-ARITy28srqrYBHlADKJdi0h+p59rnMq5FEM4ECpq1rYseJIAmRKDSGLJO2Uy/W+aoo1/IhYkopzaMLlF94XqK2c=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

js.pusher.com
s.wldcdn.net
sa.safefling.com
static.cloudflareinsights.com
www.google-analytics.com
143.204.210.101
2606:4700:20::681a:23c
2606:4700::6810:1e3
2606:4700::6810:3965
2a00:1450:4001:810::200e
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
1b59da24800a9b25ef674dbbb1d985285df8e2ae20d44653df840d46dffa106c
1bedb31bbcac17d972eafe24badd0e3049a5123ef49236fc6cdcdf9d0d14c0f4
31f5243879323ca024c4b7510832e52159d6c8e25816a7beea17d8de002179c2
52fcc2471ba37d2241012f5d8bf762bfa1e4a436b88f7e82aa43186224a49377
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
71407d7a0033bbdee0694fec376c6e07b35f28c85dca19eadfac31a05a6261ae
79ca646d612c56e04d2a830df04483158bf1b17b469e09f7b73ba45f9c6a37f7
7b51e0994053d99783cfbe33bb5164f3ba3f48f5878a1c966cfebc5c8d753ef0
926f301055fd8519e23f9787bd8c3a4b4ab0b416b3da854978a4da93098492c4
c3ccf21af6745d143ce1ef86369e5fc52eed851ca69899b40404a7e4501033f4
d15c7f24a504ff2be051335735b16c65a67e635ecce683a9e6703f999984c621
dc9af03ad3ceb58b96118904dd26fe5766e257e0d6074c93d7189d7bacb42bf3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

sa.safefling.com Open in urlscan Pro 2606:4700::6810:1e3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

80 %IPv6

5 Domains

5 Subdomains

5 IPs

2 Countries

312 kBTransfer

1188 kBSize

4 Cookies

2 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

sa.safefling.com Open in urlscan Pro
2606:4700::6810:1e3 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

312 kB
Transfer

1188 kB
Size

4
Cookies

14 HTTP transactions
0 data transactions