safe.xpd.se Open in urlscan Pro
217.75.106.223 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://safe.xpd.se/
Effective URL:
https://safe.xpd.se/
Submission: On January 11 via manual (January 11th 2024, 6:21:31 am UTC) from IN — Scanned from SE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 217.75.106.223, located in Ramkvilla, Sweden and belongs to IPO-EU, SE. The main domain is safe.xpd.se.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on September 19th 2023. Valid for: a year.

This is the only time safe.xpd.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
10	217.75.106.223 217.75.106.223		12552 (IPO-EU) (IPO-EU)
10	2

10 217.75.106.223 (Ramkvilla, Sweden)

ASN12552 (IPO-EU, SE)
PTR: safe.xpd.se

safe.xpd.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	xpd.se safe.xpd.se	258 KB
10	1

	Domain	Requested by
10	safe.xpd.se	safe.xpd.se
10	1

This site contains no links.

Subject Issuer	Validity	Valid
*.xpd.se RapidSSL TLS RSA CA G1	`2023-09-19` - `2024-08-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://safe.xpd.se/
Frame ID: 4D84DB941D9A61EB77012EA585906A43
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

StoredSafe

Page URL History Show full URLs

http://safe.xpd.se/ HTTP 307
https://safe.xpd.se/ Page URL

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

258 kB
Transfer

255 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://safe.xpd.se/ HTTP 307
https://safe.xpd.se/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
safe.xpd.se/
Redirect Chain

http://safe.xpd.se/
https://safe.xpd.se/

4 KB
2 KB

254ms
31ms

Document
text/html

217.75.106.223
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://safe.xpd.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

217.75.106.223 Ramkvilla, Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

safe.xpd.se

Software

StoredSafe /

Resource Hash

9d5e9fc822025ed5eadcfcf9230a0ce192e51384e11a24f895f3fe71879fdf5a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Thu, 11 Jan 2024 06:21:27 GMT
referrer-policy: strict-origin-when-cross-origin
server: StoredSafe
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: master-only
x-robots-tag: none
x-xss-protection: 1; mode=block

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://safe.xpd.se/
Non-Authoritative-Reason: HSTS

GET
H2 200 vars-icons.css
safe.xpd.se/css/ 18 KB
19 KB 60ms
59ms Stylesheet
text/css 217.75.106.223
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://safe.xpd.se/css/vars-icons.css?rnd=240111

Requested by

Host: safe.xpd.se
URL: https://safe.xpd.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

217.75.106.223 Ramkvilla, Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

safe.xpd.se

Software

StoredSafe /

Resource Hash

375d59b84ea27990ec4f6d857ffd55451dfe617ebb3d84bca611e7ae4f874305

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://safe.xpd.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 06:21:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
last-modified: Fri, 20 Oct 2023 10:23:08 GMT
server: StoredSafe
x-permitted-cross-domain-policies: master-only
referrer-policy: strict-origin-when-cross-origin
etag: "6532550c-49e7"
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
x-robots-tag: none
content-length: 18919
x-xss-protection: 1; mode=block

GET
H2 200 login.css
safe.xpd.se/css/ 8 KB
9 KB 61ms
60ms Stylesheet
text/css 217.75.106.223
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://safe.xpd.se/css/login.css?rnd=24011107

Requested by

Host: safe.xpd.se
URL: https://safe.xpd.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

217.75.106.223 Ramkvilla, Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

safe.xpd.se

Software

StoredSafe /

Resource Hash

a6c930dcb708bf9056d5b1aa1e08ca5d6757e701b6e914b820556585690b6e99

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://safe.xpd.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 06:21:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
last-modified: Fri, 20 Oct 2023 10:23:08 GMT
server: StoredSafe
x-permitted-cross-domain-policies: master-only
referrer-policy: strict-origin-when-cross-origin
etag: "6532550c-20cf"
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
x-robots-tag: none
content-length: 8399
x-xss-protection: 1; mode=block

GET
H2 200 settings.js Show response
safe.xpd.se/js/ 2 KB
2 KB 62ms
61ms Script
application/javascript 217.75.106.223
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://safe.xpd.se/js/settings.js?rnd=240111

Requested by

Host: safe.xpd.se
URL: https://safe.xpd.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

217.75.106.223 Ramkvilla, Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

safe.xpd.se

Software

StoredSafe /

Resource Hash

1db6c7935ffdcdc304e08cc3e4cb09f7f514443c2739427f7764eac49febfd46

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://safe.xpd.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 06:21:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
last-modified: Fri, 20 Oct 2023 10:23:08 GMT
server: StoredSafe
x-permitted-cross-domain-policies: master-only
referrer-policy: strict-origin-when-cross-origin
etag: "6532550c-656"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
x-robots-tag: none
content-length: 1622
x-xss-protection: 1; mode=block

GET
H2 200 login.js Show response
safe.xpd.se/js/ 6 KB
6 KB 62ms
62ms Script
application/javascript 217.75.106.223
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://safe.xpd.se/js/login.js?rnd=240111

Requested by

Host: safe.xpd.se
URL: https://safe.xpd.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

217.75.106.223 Ramkvilla, Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

safe.xpd.se

Software

StoredSafe /

Resource Hash

d9e38a327492dbc2c516b929a9e93da1a71abc605520a7189ca698737369f2a6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://safe.xpd.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 06:21:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
last-modified: Fri, 20 Oct 2023 10:23:08 GMT
server: StoredSafe
x-permitted-cross-domain-policies: master-only
referrer-policy: strict-origin-when-cross-origin
etag: "6532550c-172d"
x-frame-options: SAMEORIGIN
content-type: application/javascript
accept-ranges: bytes
x-robots-tag: none
content-length: 5933
x-xss-protection: 1; mode=block

GET
H2 200 customerlogo.php
safe.xpd.se/img/ 104 KB
105 KB 31ms
31ms Image
image/png 217.75.106.223
IPO-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safe.xpd.se/img/customerlogo.php

Requested by

Host: safe.xpd.se
URL: https://safe.xpd.se/css/login.css?rnd=24011107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

217.75.106.223 Ramkvilla, Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

safe.xpd.se

Software

StoredSafe /

Resource Hash

81d18e0e88a212eb1003f9ff5bb78642006a7464389daaadd9ef1844f69cbb9a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://safe.xpd.se/css/login.css?rnd=24011107
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 06:21:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
server: StoredSafe
x-permitted-cross-domain-policies: master-only
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
content-type: image/png
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 682 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b19d99450f7397267dcb8df20e7c78176ed020d1a5679fbe1f09adf217a7eb8

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 yubikey2.svg
safe.xpd.se/img/ico/default/sys/svg/ 1021 B
1 KB 59ms
59ms Image
image/svg+xml 217.75.106.223
IPO-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safe.xpd.se/img/ico/default/sys/svg/yubikey2.svg

Requested by

Host: safe.xpd.se
URL: https://safe.xpd.se/css/login.css?rnd=24011107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

217.75.106.223 Ramkvilla, Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

safe.xpd.se

Software

StoredSafe /

Resource Hash

a0b8325210d65c3a70c4ec9dea633a6f8731b60d30cce52bca67ee32e73fc22f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://safe.xpd.se/css/login.css?rnd=24011107
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 06:21:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
last-modified: Fri, 20 Oct 2023 10:23:08 GMT
server: StoredSafe
x-permitted-cross-domain-policies: master-only
referrer-policy: strict-origin-when-cross-origin
etag: "6532550c-3fd"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-robots-tag: none
content-length: 1021
x-xss-protection: 1; mode=block

GET
H2 200 smartcard.svg
safe.xpd.se/img/ico/default/sys/svg/ 768 B
1 KB 59ms
59ms Image
image/svg+xml 217.75.106.223
IPO-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safe.xpd.se/img/ico/default/sys/svg/smartcard.svg

Requested by

Host: safe.xpd.se
URL: https://safe.xpd.se/css/login.css?rnd=24011107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

217.75.106.223 Ramkvilla, Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

safe.xpd.se

Software

StoredSafe /

Resource Hash

608f4163d9b72eb201056ede1735fca8df7ecbd9fb549653935681dd3b61c5d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://safe.xpd.se/css/login.css?rnd=24011107
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 06:21:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
last-modified: Fri, 20 Oct 2023 10:23:08 GMT
server: StoredSafe
x-permitted-cross-domain-policies: master-only
referrer-policy: strict-origin-when-cross-origin
etag: "6532550c-300"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
x-robots-tag: none
content-length: 768
x-xss-protection: 1; mode=block

GET
H2 200 logotype-storedsafe.png
safe.xpd.se/img/ 32 KB
32 KB 60ms
59ms Image
image/png 217.75.106.223
IPO-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safe.xpd.se/img/logotype-storedsafe.png

Requested by

Host: safe.xpd.se
URL: https://safe.xpd.se/css/login.css?rnd=24011107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

217.75.106.223 Ramkvilla, Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

safe.xpd.se

Software

StoredSafe /

Resource Hash

d0785fa2f7b9adbb01c30a0dbda327f6a9d5671192629d42e6f6b3f7ab27085b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://safe.xpd.se/css/login.css?rnd=24011107
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 06:21:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
last-modified: Fri, 20 Oct 2023 10:23:08 GMT
server: StoredSafe
x-permitted-cross-domain-policies: master-only
referrer-policy: strict-origin-when-cross-origin
etag: "6532550c-7ef4"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
x-robots-tag: none
content-length: 32500
x-xss-protection: 1; mode=block

GET
H2 200 Gilroy-Light.ttf
safe.xpd.se/css/fonts/ 80 KB
80 KB 52ms
52ms Font
application/octet-stream 217.75.106.223
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://safe.xpd.se/css/fonts/Gilroy-Light.ttf

Requested by

Host: safe.xpd.se
URL: https://safe.xpd.se/css/login.css?rnd=24011107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

217.75.106.223 Ramkvilla, Sweden, ASN12552 (IPO-EU, SE),

Reverse DNS

safe.xpd.se

Software

StoredSafe /

Resource Hash

e34ac36d5466c7a9f001d3c1911e8ad71865c5f684d362ff0610ad028531c729

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://safe.xpd.se/css/login.css?rnd=24011107
Origin: https://safe.xpd.se
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 06:21:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
last-modified: Fri, 20 Oct 2023 10:23:08 GMT
server: StoredSafe
x-permitted-cross-domain-policies: master-only
referrer-policy: strict-origin-when-cross-origin
etag: "6532550c-13e7c"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
accept-ranges: bytes
x-robots-tag: none
content-length: 81532
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			safe.xpd.se/	1970-01-20 17:35:57	Name: CSRF_LOGIN Value: sjq8djzuehc0vzAwWtVCIg%3D%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

safe.xpd.se
217.75.106.223
1db6c7935ffdcdc304e08cc3e4cb09f7f514443c2739427f7764eac49febfd46
375d59b84ea27990ec4f6d857ffd55451dfe617ebb3d84bca611e7ae4f874305
3b19d99450f7397267dcb8df20e7c78176ed020d1a5679fbe1f09adf217a7eb8
608f4163d9b72eb201056ede1735fca8df7ecbd9fb549653935681dd3b61c5d7
81d18e0e88a212eb1003f9ff5bb78642006a7464389daaadd9ef1844f69cbb9a
9d5e9fc822025ed5eadcfcf9230a0ce192e51384e11a24f895f3fe71879fdf5a
a0b8325210d65c3a70c4ec9dea633a6f8731b60d30cce52bca67ee32e73fc22f
a6c930dcb708bf9056d5b1aa1e08ca5d6757e701b6e914b820556585690b6e99
d0785fa2f7b9adbb01c30a0dbda327f6a9d5671192629d42e6f6b3f7ab27085b
d9e38a327492dbc2c516b929a9e93da1a71abc605520a7189ca698737369f2a6
e34ac36d5466c7a9f001d3c1911e8ad71865c5f684d362ff0610ad028531c729

safe.xpd.se Open in urlscan Pro 217.75.106.223 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

258 kBTransfer

255 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

safe.xpd.se Open in urlscan Pro
217.75.106.223 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

258 kB
Transfer

255 kB
Size

1
Cookies

10 HTTP transactions
1 data transactions