context.safeflowsecure.com Open in urlscan Pro
2606:4700:3030::ac43:a91e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://context.safeflowsecure.com/full/?mainLanguage=ee&affId=ED671EC1&promoIdentifier=estoniacard&px=1192497058779913&subid=52a41...
Submission: On July 04 via manual (July 4th 2024, 4:15:39 pm UTC) from ES — Scanned from ES

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3030::ac43:a91e, located in United States and belongs to CLOUDFLARENET, US. The main domain is context.safeflowsecure.com.
TLS certificate: Issued by E1 on May 10th 2024. Valid for: 3 months.

This is the only time context.safeflowsecure.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3030::ac43:a91e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
4	172.67.169.30 172.67.169.30	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
11	5

2 2606:4700:3030::ac43:a91e (United States)

ASN13335 (CLOUDFLARENET, US)

context.safeflowsecure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.169.30 (United States)

ASN13335 (CLOUDFLARENET, US)

context.safeflowsecure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	safeflowsecure.com context.safeflowsecure.com	718 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	1 KB
2	gstatic.com fonts.gstatic.com	70 KB
11	3

	Domain	Requested by
6	context.safeflowsecure.com	context.safeflowsecure.com
3	fonts.googleapis.com	context.safeflowsecure.com
2	fonts.gstatic.com	fonts.googleapis.com
11	3

This site contains no links.

Subject Issuer	Validity	Valid
safeflowsecure.com E1	`2024-05-10` - `2024-08-08`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://context.safeflowsecure.com/full/?mainLanguage=ee&affId=ED671EC1&promoIdentifier=estoniacard&px=1192497058779913&subid=52a412bd283193f97d0941ca1
Frame ID: B2720752FCF348D0ACED0AA76B3FCEFF
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Checkout

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

11
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

3
Subdomains

5
IPs

2
Countries

789 kB
Transfer

3801 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
context.safeflowsecure.com/full/ 3 KB
1 KB 224ms
126ms Document
text/html 2606:4700:3030::ac43:a91e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://context.safeflowsecure.com/full/?mainLanguage=ee&affId=ED671EC1&promoIdentifier=estoniacard&px=1192497058779913&subid=52a412bd283193f97d0941ca1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:a91e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

80f5eb457d637ec553d524ee981876927361987dff884e169ebcacb39de9380e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (compatible; Googlebot/2.1; http://www.google.com/bot.html)

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 89e06a2b0ea82fb3-MAD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 04 Jul 2024 16:15:33 GMT
last-modified: Fri, 31 May 2024 22:31:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q3Ivsy9tEgywQFVI2qGQo%2BGWO3zjUz1GbM1DR2cKkOAtGUPxd6W0b0u7YvHCsBQgUunY%2FfnHi629Yf5AlpjHdc8rwWm6QB68NCX%2FipkXDZPYCLe1HjrNL0DddIBt0%2FvGyZ4RT1WkeJEMJNYw0ZEMYOHe%2BeEQQ%2B3%2BWw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-powered-by: Express

GET
H2 200 css2
fonts.googleapis.com/ 386 B
274 B 197ms
71ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap

Requested by

Host: context.safeflowsecure.com
URL: https://context.safeflowsecure.com/full/?mainLanguage=ee&affId=ED671EC1&promoIdentifier=estoniacard&px=1192497058779913&subid=52a412bd283193f97d0941ca1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b88f0f535211a95a4cea8a8cdcfcb00c71f4186c648b6086243455fa20bfdc4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Referer: https://context.safeflowsecure.com/
User-Agent: Mozilla/5.0 (compatible; Googlebot/2.1; http://www.google.com/bot.html)

Response headers

date: Thu, 04 Jul 2024 16:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Thu, 04 Jul 2024 16:15:33 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
342 B 197ms
71ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@200;300;400;500;600;700;800&display=swap

Requested by

Host: context.safeflowsecure.com
URL: https://context.safeflowsecure.com/full/?mainLanguage=ee&affId=ED671EC1&promoIdentifier=estoniacard&px=1192497058779913&subid=52a412bd283193f97d0941ca1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e95d2b97b8a08051871cd5d5d05fa335728a3369984532fdbf2dbb950891c3ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Referer: https://context.safeflowsecure.com/
User-Agent: Mozilla/5.0 (compatible; Googlebot/2.1; http://www.google.com/bot.html)

Response headers

date: Thu, 04 Jul 2024 16:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Thu, 04 Jul 2024 16:15:33 GMT

GET
H2 200 css2
fonts.googleapis.com/ 201 B
517 B 195ms
70ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Aldrich&display=swap

Requested by

Host: context.safeflowsecure.com
URL: https://context.safeflowsecure.com/full/?mainLanguage=ee&affId=ED671EC1&promoIdentifier=estoniacard&px=1192497058779913&subid=52a412bd283193f97d0941ca1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ee17d87599dd966e076681389df6931dae26e28040a1d1d265075f6e70ca0f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Referer: https://context.safeflowsecure.com/
User-Agent: Mozilla/5.0 (compatible; Googlebot/2.1; http://www.google.com/bot.html)

Response headers

date: Thu, 04 Jul 2024 16:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Thu, 04 Jul 2024 16:15:33 GMT

GET
H2 200 build.app.js Show response
context.safeflowsecure.com/ 4 MB
702 KB 132ms
131ms Script
application/javascript 2606:4700:3030::ac43:a91e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://context.safeflowsecure.com/build.app.js

Requested by

Host: context.safeflowsecure.com
URL: https://context.safeflowsecure.com/full/?mainLanguage=ee&affId=ED671EC1&promoIdentifier=estoniacard&px=1192497058779913&subid=52a412bd283193f97d0941ca1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:a91e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

28910218f3cf5c50dbc3dae19e65e157255c834626cca640d2bb48708dcf20bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Referer: https://context.safeflowsecure.com/full/?mainLanguage=ee&affId=ED671EC1&promoIdentifier=estoniacard&px=1192497058779913&subid=52a412bd283193f97d0941ca1
User-Agent: Mozilla/5.0 (compatible; Googlebot/2.1; http://www.google.com/bot.html)

Response headers

date: Thu, 04 Jul 2024 16:15:33 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 31 May 2024 22:31:46 GMT
server: cloudflare
etag: W/"386ed3-18fd0c7ce5f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T23cfKh27QNXADIuPejY%2FU6Mh8p%2Bghs8%2Fng9x47fxyDNkS1VfS2cCdCalw5%2Fk63zXjcaGM4JbOAhpgtc1BZ%2Fol8ibde6nfBiJQtJFNBc2dT1wYCOw2FKelwZzz3Iz2Tpa5nWeAZz9nfQsjPkiw98CatgqqE2I6iDtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 89e06a2be87a2fb3-MAD

GET
DATA 200
OK truncated
/ 841 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b66e3b035d741dd6abd495b6f9e23a12cae7bb523d75f7264d0766db101a3a7b

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (compatible; Googlebot/2.1; http://www.google.com/bot.html)

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f3505c4b13eefcbd1135a49f3fdb24670c0c6072f2ac99c14fdc5321b2a3dbe

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (compatible; Googlebot/2.1; http://www.google.com/bot.html)

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8dd2f995dc80897955bb1172add559b87a0854ae7e6b6f383fb3c16c85155ce1

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (compatible; Googlebot/2.1; http://www.google.com/bot.html)

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c220918c64e8ad559879beb308f5007bd3662b5b89e07681505cd34fe2376e1

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (compatible; Googlebot/2.1; http://www.google.com/bot.html)

Response headers

Content-Type: image/svg+xml

GET
H3 200 615aab886d1ca0d94a39.svg
context.safeflowsecure.com/ 10 KB
4 KB 121ms
120ms Image
image/svg+xml 172.67.169.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://context.safeflowsecure.com/615aab886d1ca0d94a39.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.169.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

c839ca74ec35361492d934ba6c474bc539b7bfac0f0e7412e24c129350a14323

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Referer: https://context.safeflowsecure.com/full/?mainLanguage=ee&affId=ED671EC1&promoIdentifier=estoniacard&px=1192497058779913&subid=52a412bd283193f97d0941ca1
User-Agent: Mozilla/5.0 (compatible; Googlebot/2.1; http://www.google.com/bot.html)

Response headers

date: Thu, 04 Jul 2024 16:15:34 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 31 May 2024 22:31:46 GMT
server: cloudflare
etag: W/"2726-18fd0c7ce5f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fwInQaT8%2F4Ws%2F4ykpcnJbR1NnW8atcsqy4pGXz626App8sHhoLyyUcWD7N5WhUSwQR%2BIB8HUYHWhcVj2aou7dKjbW71F1EZzzZMW3l9mepExmnKZrRtNKV5fhCNfEoKYEwy%2Fox17vL6E9%2BYp8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 89e06a302a5d0402-MAD

GET
H3 200 4d34f4d6d7d349a00cad.svg
context.safeflowsecure.com/ 11 KB
5 KB 129ms
129ms Image
image/svg+xml 172.67.169.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://context.safeflowsecure.com/4d34f4d6d7d349a00cad.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.169.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

c4770ee17f6855405013eef31db8cae9429980de9fd211aa961a6eb8e5e88517

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Referer: https://context.safeflowsecure.com/full/?mainLanguage=ee&affId=ED671EC1&promoIdentifier=estoniacard&px=1192497058779913&subid=52a412bd283193f97d0941ca1
User-Agent: Mozilla/5.0 (compatible; Googlebot/2.1; http://www.google.com/bot.html)

Response headers

date: Thu, 04 Jul 2024 16:15:34 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 31 May 2024 22:31:46 GMT
server: cloudflare
etag: W/"2cd3-18fd0c7ce5f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BJbF4AxB%2FwpJzaA%2Fxnk8GTVTg9J5ZPZBvYyuwRL90fksAi%2BCIxQuuYkv10hDN5anc%2FuIVDrjd%2Fh6wn0adcmQ%2BoXNqqfDDHKIN7JHYwNdrae75vdktCrpQmWJDTZu%2BJBz2ifMZb06d4zjfcYQhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 89e06a302a5f0402-MAD

GET
H3 200 6707220f44df98fc0464.svg
context.safeflowsecure.com/ 13 KB
5 KB 128ms
128ms Image
image/svg+xml 172.67.169.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://context.safeflowsecure.com/6707220f44df98fc0464.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.169.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

c8061ac768fb214a4956e9ccdb7c1dfd8db4dd5a606c8ebdce8df018740d06b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Referer: https://context.safeflowsecure.com/full/?mainLanguage=ee&affId=ED671EC1&promoIdentifier=estoniacard&px=1192497058779913&subid=52a412bd283193f97d0941ca1
User-Agent: Mozilla/5.0 (compatible; Googlebot/2.1; http://www.google.com/bot.html)

Response headers

date: Thu, 04 Jul 2024 16:15:34 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 31 May 2024 22:31:46 GMT
server: cloudflare
etag: W/"3263-18fd0c7ce5f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kWPRfJKj5wqqJFG96643hDRGui2ESQkR901HR7B6u1iJELaso3v0AsEuOtUVDOe096XSMW9884ZZeQx2o2yysPX1j%2B5LeB83Y1QC72JGVRWZ9m3VbwZb%2BJs9Z665ZIaqeTKlpjlL%2B%2BPQuFeEBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 89e06a302a600402-MAD

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a59e53117b76d2fe87c2fbf2fc6a1a18eeb50e8dcc0001f0104183041a4698ce

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (compatible; Googlebot/2.1; http://www.google.com/bot.html)

Response headers

Content-Type: image/svg+xml

GET
H2 200 S6u9w4BMUTPHh6UVew8.ttf
fonts.gstatic.com/s/lato/v24/ 69 KB
35 KB 306ms
172ms Font
font/ttf 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVew8.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02e8f4be57ddc47cb7882c41b60216b6085b1ceaf717514be2b88fa15396238d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://context.safeflowsecure.com
Accept-Language: es-ES,es;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (compatible; Googlebot/2.1; http://www.google.com/bot.html)

Response headers

date: Thu, 04 Jul 2024 16:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35383
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Jul 2025 16:06:35 GMT

GET
H2 200 S6uyw4BMUTPHvxk.ttf
fonts.gstatic.com/s/lato/v24/ 71 KB
36 KB 207ms
74ms Font
font/ttf 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHvxk.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f43f1c7780d69792278f04b136c934a0298fc66f2e974bac13dd2e53adc52bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://context.safeflowsecure.com
Accept-Language: es-ES,es;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (compatible; Googlebot/2.1; http://www.google.com/bot.html)

Response headers

date: Thu, 04 Jul 2024 16:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36024
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Jul 2025 16:06:35 GMT

POST
H3 200 ip Show response
context.safeflowsecure.com/api/ 111 B
602 B 330ms
330ms Fetch
application/json 172.67.169.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://context.safeflowsecure.com/api/ip

Requested by

Host: context.safeflowsecure.com
URL: https://context.safeflowsecure.com/build.app.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.169.30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

33a9d813cee855962927399da7c4231c39af7f8361f98366e83c1efd42761a88

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Referer: https://context.safeflowsecure.com/full/?mainLanguage=ee&affId=ED671EC1&promoIdentifier=estoniacard&px=1192497058779913&subid=52a412bd283193f97d0941ca1
User-Agent: Mozilla/5.0 (compatible; Googlebot/2.1; http://www.google.com/bot.html)

Response headers

date: Thu, 04 Jul 2024 16:15:34 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
x-powered-by: Express
etag: W/"6f-dxwAuR5bk3g7GUr2PO6ra9UFzpo"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nHZDNhUGNl5mj%2B%2BVFyutDytlUSCZhy1sXUZcYGSRSx%2FqyCnvHn4FMKYE1dJE16VMWBJSanYhKHKlXVHIS7t8qt0k6JVnbSxwUAdPIJPFQEwqiaFQdhV06E9l1qLCA1vz2SAM4FYBhEo1jwK1NA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 89e06a304aa10402-MAD
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| regeneratorRuntime

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://context.safeflowsecure.com/full/?mainLanguage=ee&affId=ED671EC1&promoIdentifier=estoniacard&px=1192497058779913&subid=52a412bd283193f97d0941ca1 Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

context.safeflowsecure.com
fonts.googleapis.com
fonts.gstatic.com
172.67.169.30
2606:4700:3030::ac43:a91e
2a00:1450:4001:812::2003
2a00:1450:4001:829::200a
02e8f4be57ddc47cb7882c41b60216b6085b1ceaf717514be2b88fa15396238d
0c220918c64e8ad559879beb308f5007bd3662b5b89e07681505cd34fe2376e1
28910218f3cf5c50dbc3dae19e65e157255c834626cca640d2bb48708dcf20bb
33a9d813cee855962927399da7c4231c39af7f8361f98366e83c1efd42761a88
4f3505c4b13eefcbd1135a49f3fdb24670c0c6072f2ac99c14fdc5321b2a3dbe
80f5eb457d637ec553d524ee981876927361987dff884e169ebcacb39de9380e
8dd2f995dc80897955bb1172add559b87a0854ae7e6b6f383fb3c16c85155ce1
a59e53117b76d2fe87c2fbf2fc6a1a18eeb50e8dcc0001f0104183041a4698ce
b66e3b035d741dd6abd495b6f9e23a12cae7bb523d75f7264d0766db101a3a7b
b88f0f535211a95a4cea8a8cdcfcb00c71f4186c648b6086243455fa20bfdc4b
c4770ee17f6855405013eef31db8cae9429980de9fd211aa961a6eb8e5e88517
c8061ac768fb214a4956e9ccdb7c1dfd8db4dd5a606c8ebdce8df018740d06b9
c839ca74ec35361492d934ba6c474bc539b7bfac0f0e7412e24c129350a14323
e95d2b97b8a08051871cd5d5d05fa335728a3369984532fdbf2dbb950891c3ee
ee17d87599dd966e076681389df6931dae26e28040a1d1d265075f6e70ca0f7b
f43f1c7780d69792278f04b136c934a0298fc66f2e974bac13dd2e53adc52bde

context.safeflowsecure.com Open in urlscan Pro 2606:4700:3030::ac43:a91e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

75 %IPv6

3 Domains

3 Subdomains

5 IPs

2 Countries

789 kBTransfer

3801 kBSize

0 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

context.safeflowsecure.com Open in urlscan Pro
2606:4700:3030::ac43:a91e Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

3
Subdomains

5
IPs

2
Countries

789 kB
Transfer

3801 kB
Size

0
Cookies

11 HTTP transactions
5 data transactions