safe.xpd.se Open in urlscan Pro
2001:16d8:c016::223 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://safe.xpd.se/index.php
Submission: On March 11 via manual (March 11th 2024, 12:07:52 pm UTC) from IN — Scanned from SE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 2001:16d8:c016::223, located in Sweden and belongs to IPO-EU, SE. The main domain is safe.xpd.se.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on September 19th 2023. Valid for: a year.

This is the only time safe.xpd.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
10	2001:16d8:c01... 2001:16d8:c016::223		12552 (IPO-EU) (IPO-EU)
10	2

10 2001:16d8:c016::223 (Sweden)

ASN12552 (IPO-EU, SE)

safe.xpd.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	xpd.se safe.xpd.se	258 KB
10	1

	Domain	Requested by
10	safe.xpd.se	safe.xpd.se
10	1

This site contains no links.

Subject Issuer	Validity	Valid
*.xpd.se RapidSSL TLS RSA CA G1	`2023-09-19` - `2024-08-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://safe.xpd.se/index.php
Frame ID: 2608DF60F92D03F4BA30D436AF6BC964
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

StoredSafe

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

10
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

258 kB
Transfer

255 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request index.php Show response
safe.xpd.se/ 4 KB
2 KB 561ms
78ms Document
text/html 2001:16d8:c016::223
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://safe.xpd.se/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:16d8:c016::223 , Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

Software

StoredSafe /

Resource Hash

9e4c801a7df38b12a6eb2003b84e83a07abf53313386f84717cb6deeb73309a5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Mon, 11 Mar 2024 12:07:48 GMT
referrer-policy: strict-origin-when-cross-origin
server: StoredSafe
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: master-only
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H2 200 vars-icons.css
safe.xpd.se/css/ 18 KB
19 KB 153ms
152ms Stylesheet
text/css 2001:16d8:c016::223
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://safe.xpd.se/css/vars-icons.css?rnd=240311

Requested by

Host: safe.xpd.se
URL: https://safe.xpd.se/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:16d8:c016::223 , Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

Software

StoredSafe /

Resource Hash

375d59b84ea27990ec4f6d857ffd55451dfe617ebb3d84bca611e7ae4f874305

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://safe.xpd.se/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
last-modified: Fri, 20 Oct 2023 10:23:08 GMT
server: StoredSafe
x-permitted-cross-domain-policies: master-only
referrer-policy: strict-origin-when-cross-origin
etag: "6532550c-49e7"
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
x-robots-tag: none
content-length: 18919
x-xss-protection: 1; mode=block

GET
H2 200 login.css
safe.xpd.se/css/ 8 KB
9 KB 154ms
154ms Stylesheet
text/css 2001:16d8:c016::223
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://safe.xpd.se/css/login.css?rnd=24031101

Requested by

Host: safe.xpd.se
URL: https://safe.xpd.se/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:16d8:c016::223 , Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

Software

StoredSafe /

Resource Hash

a6c930dcb708bf9056d5b1aa1e08ca5d6757e701b6e914b820556585690b6e99

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://safe.xpd.se/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
last-modified: Fri, 20 Oct 2023 10:23:08 GMT
server: StoredSafe
x-permitted-cross-domain-policies: master-only
referrer-policy: strict-origin-when-cross-origin
etag: "6532550c-20cf"
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
x-robots-tag: none
content-length: 8399
x-xss-protection: 1; mode=block

GET
H2 200 settings.js Show response
safe.xpd.se/js/ 2 KB
2 KB 155ms
155ms Script
application/javascript 2001:16d8:c016::223
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://safe.xpd.se/js/settings.js?rnd=240311

Requested by

Host: safe.xpd.se
URL: https://safe.xpd.se/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:16d8:c016::223 , Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

Software

StoredSafe /

Resource Hash

1db6c7935ffdcdc304e08cc3e4cb09f7f514443c2739427f7764eac49febfd46

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://safe.xpd.se/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
last-modified: Fri, 20 Oct 2023 10:23:08 GMT
server: StoredSafe
x-permitted-cross-domain-policies: master-only
referrer-policy: strict-origin-when-cross-origin
etag: "6532550c-656"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
x-robots-tag: none
content-length: 1622
x-xss-protection: 1; mode=block

GET
H2 200 login.js Show response
safe.xpd.se/js/ 6 KB
6 KB 156ms
156ms Script
application/javascript 2001:16d8:c016::223
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://safe.xpd.se/js/login.js?rnd=240311

Requested by

Host: safe.xpd.se
URL: https://safe.xpd.se/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:16d8:c016::223 , Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

Software

StoredSafe /

Resource Hash

d9e38a327492dbc2c516b929a9e93da1a71abc605520a7189ca698737369f2a6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://safe.xpd.se/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
last-modified: Fri, 20 Oct 2023 10:23:08 GMT
server: StoredSafe
x-permitted-cross-domain-policies: master-only
referrer-policy: strict-origin-when-cross-origin
etag: "6532550c-172d"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
x-robots-tag: none
content-length: 5933
x-xss-protection: 1; mode=block

GET
H2 200 customerlogo.php
safe.xpd.se/img/ 104 KB
105 KB 77ms
77ms Image
image/png 2001:16d8:c016::223
IPO-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safe.xpd.se/img/customerlogo.php

Requested by

Host: safe.xpd.se
URL: https://safe.xpd.se/css/login.css?rnd=24031101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:16d8:c016::223 , Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

Software

StoredSafe /

Resource Hash

81d18e0e88a212eb1003f9ff5bb78642006a7464389daaadd9ef1844f69cbb9a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://safe.xpd.se/css/login.css?rnd=24031101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
server: StoredSafe
x-permitted-cross-domain-policies: master-only
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
content-type: image/png
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 682 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b19d99450f7397267dcb8df20e7c78176ed020d1a5679fbe1f09adf217a7eb8

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 yubikey2.svg
safe.xpd.se/img/ico/default/sys/svg/ 1021 B
1 KB 151ms
150ms Image
image/svg+xml 2001:16d8:c016::223
IPO-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safe.xpd.se/img/ico/default/sys/svg/yubikey2.svg

Requested by

Host: safe.xpd.se
URL: https://safe.xpd.se/css/login.css?rnd=24031101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:16d8:c016::223 , Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

Software

StoredSafe /

Resource Hash

a0b8325210d65c3a70c4ec9dea633a6f8731b60d30cce52bca67ee32e73fc22f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://safe.xpd.se/css/login.css?rnd=24031101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
last-modified: Fri, 20 Oct 2023 10:23:08 GMT
server: StoredSafe
x-permitted-cross-domain-policies: master-only
referrer-policy: strict-origin-when-cross-origin
etag: "6532550c-3fd"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-robots-tag: none
content-length: 1021
x-xss-protection: 1; mode=block

GET
H2 200 smartcard.svg
safe.xpd.se/img/ico/default/sys/svg/ 768 B
1 KB 151ms
151ms Image
image/svg+xml 2001:16d8:c016::223
IPO-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safe.xpd.se/img/ico/default/sys/svg/smartcard.svg

Requested by

Host: safe.xpd.se
URL: https://safe.xpd.se/css/login.css?rnd=24031101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:16d8:c016::223 , Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

Software

StoredSafe /

Resource Hash

608f4163d9b72eb201056ede1735fca8df7ecbd9fb549653935681dd3b61c5d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://safe.xpd.se/css/login.css?rnd=24031101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
last-modified: Fri, 20 Oct 2023 10:23:08 GMT
server: StoredSafe
x-permitted-cross-domain-policies: master-only
referrer-policy: strict-origin-when-cross-origin
etag: "6532550c-300"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-robots-tag: none
content-length: 768
x-xss-protection: 1; mode=block

GET
H2 200 logotype-storedsafe.png
safe.xpd.se/img/ 32 KB
32 KB 151ms
151ms Image
image/png 2001:16d8:c016::223
IPO-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safe.xpd.se/img/logotype-storedsafe.png

Requested by

Host: safe.xpd.se
URL: https://safe.xpd.se/css/login.css?rnd=24031101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:16d8:c016::223 , Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

Software

StoredSafe /

Resource Hash

d0785fa2f7b9adbb01c30a0dbda327f6a9d5671192629d42e6f6b3f7ab27085b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://safe.xpd.se/css/login.css?rnd=24031101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
last-modified: Fri, 20 Oct 2023 10:23:08 GMT
server: StoredSafe
x-permitted-cross-domain-policies: master-only
referrer-policy: strict-origin-when-cross-origin
etag: "6532550c-7ef4"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
x-robots-tag: none
content-length: 32500
x-xss-protection: 1; mode=block

GET
H2 200 Gilroy-Light.ttf
safe.xpd.se/css/fonts/ 80 KB
80 KB 151ms
151ms Font
application/octet-stream 2001:16d8:c016::223
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://safe.xpd.se/css/fonts/Gilroy-Light.ttf

Requested by

Host: safe.xpd.se
URL: https://safe.xpd.se/css/login.css?rnd=24031101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:16d8:c016::223 , Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

Software

StoredSafe /

Resource Hash

e34ac36d5466c7a9f001d3c1911e8ad71865c5f684d362ff0610ad028531c729

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://safe.xpd.se/css/login.css?rnd=24031101
Origin: https://safe.xpd.se
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:07:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
last-modified: Fri, 20 Oct 2023 10:23:08 GMT
server: StoredSafe
x-permitted-cross-domain-policies: master-only
referrer-policy: strict-origin-when-cross-origin
etag: "6532550c-13e7c"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
accept-ranges: bytes
x-robots-tag: none
content-length: 81532
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			safe.xpd.se/	1970-01-20 19:02:42	Name: CSRF_LOGIN Value: 62eMhqRXX699x%2BZ6FNt6sw%3D%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

safe.xpd.se
2001:16d8:c016::223
1db6c7935ffdcdc304e08cc3e4cb09f7f514443c2739427f7764eac49febfd46
375d59b84ea27990ec4f6d857ffd55451dfe617ebb3d84bca611e7ae4f874305
3b19d99450f7397267dcb8df20e7c78176ed020d1a5679fbe1f09adf217a7eb8
608f4163d9b72eb201056ede1735fca8df7ecbd9fb549653935681dd3b61c5d7
81d18e0e88a212eb1003f9ff5bb78642006a7464389daaadd9ef1844f69cbb9a
9e4c801a7df38b12a6eb2003b84e83a07abf53313386f84717cb6deeb73309a5
a0b8325210d65c3a70c4ec9dea633a6f8731b60d30cce52bca67ee32e73fc22f
a6c930dcb708bf9056d5b1aa1e08ca5d6757e701b6e914b820556585690b6e99
d0785fa2f7b9adbb01c30a0dbda327f6a9d5671192629d42e6f6b3f7ab27085b
d9e38a327492dbc2c516b929a9e93da1a71abc605520a7189ca698737369f2a6
e34ac36d5466c7a9f001d3c1911e8ad71865c5f684d362ff0610ad028531c729

safe.xpd.se Open in urlscan Pro 2001:16d8:c016::223 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

258 kBTransfer

255 kBSize

1 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

safe.xpd.se Open in urlscan Pro
2001:16d8:c016::223 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

258 kB
Transfer

255 kB
Size

1
Cookies

10 HTTP transactions
1 data transactions