URL: https://safeupater.pages.dev/
Submission: On August 12 via automatic, source certstream-suspicious — Scanned from NL

Summary

This website contacted 11 IPs in 5 countries across 12 domains to perform 15 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is safeupater.pages.dev.
TLS certificate: Issued by WE1 on August 11th 2024. Valid for: 3 months.
This is the only time safeupater.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 188.114.97.3 13335 (CLOUDFLAR...)
2 104.18.10.207 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:200... 54113 (FASTLY)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 192.232.218.200 46606 (UNIFIEDLA...)
1 23.106.49.55 59253 (LEASEWEB-...)
1 172.240.127.234 7979 (SERVERS-COM)
1 2620:1ec:33::10 8075 (MICROSOFT...)
15 11
Apex Domain
Subdomains
Transfer
2 blogspot.com
2.bp.blogspot.com — Cisco Umbrella Rank: 21437
4.bp.blogspot.com — Cisco Umbrella Rank: 22468
1 MB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 4508
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1832
39 KB
2 pages.dev
safeupater.pages.dev
6 KB
1 bing.net
tse1.mm.bing.net — Cisco Umbrella Rank: 3687
2 KB
1 asunderfacilitydealt.com
asunderfacilitydealt.com
1 positivesolomon.com
shop.positivesolomon.com
148 KB
1 mytechquest.com
mytechquest.com
89 KB
1 medicineh.com
img.medicineh.com
64 KB
1 antivirus.my.id
antivirus.my.id
750 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1211
24 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
964 B
0 malekal.com Failed
www.malekal.com Failed
15 12
Domain Requested by
2 safeupater.pages.dev
1 tse1.mm.bing.net safeupater.pages.dev
1 asunderfacilitydealt.com antivirus.my.id
1 shop.positivesolomon.com safeupater.pages.dev
1 4.bp.blogspot.com safeupater.pages.dev
1 mytechquest.com safeupater.pages.dev
1 2.bp.blogspot.com safeupater.pages.dev
1 img.medicineh.com safeupater.pages.dev
1 antivirus.my.id safeupater.pages.dev
1 maxcdn.bootstrapcdn.com safeupater.pages.dev
1 code.jquery.com safeupater.pages.dev
1 fonts.googleapis.com safeupater.pages.dev
1 stackpath.bootstrapcdn.com safeupater.pages.dev
0 www.malekal.com Failed safeupater.pages.dev
15 14

This site contains no links.

Subject Issuer Validity Valid
safeupater.pages.dev
WE1
2024-08-11 -
2024-11-09
3 months crt.sh
bootstrapcdn.com
WE1
2024-07-23 -
2024-10-21
3 months crt.sh
upload.video.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA
2024-06-25 -
2025-06-25
a year crt.sh
antivirus.my.id
E6
2024-06-30 -
2024-09-28
3 months crt.sh
medicineh.com
WE1
2024-07-27 -
2024-10-25
3 months crt.sh
misc-sni.blogspot.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
mytechquest.com
R10
2024-07-17 -
2024-10-15
3 months crt.sh
shop.positivesolomon.com
R11
2024-07-17 -
2024-10-15
3 months crt.sh
asunderfacilitydealt.com
R10
2024-07-24 -
2024-10-22
3 months crt.sh
*.mm.bing.net
Microsoft Azure RSA TLS Issuing CA 04
2024-07-30 -
2025-01-26
6 months crt.sh

This page contains 1 frames:

Primary Page: https://safeupater.pages.dev/
Frame ID: 38288B0D47F68EF8F48A8E0600E4FADD
Requests: 15 HTTP requests in this frame

Screenshot

Page Title

Safe Updaters

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

93 %
HTTPS

50 %
IPv6

12
Domains

14
Subdomains

11
IPs

5
Countries

1435 kB
Transfer

1633 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
safeupater.pages.dev/
8 KB
3 KB
Document
General
Full URL
https://safeupater.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e97d3dc009c3f9e9412906791f101dcd77c8d6fbdab2ece3448f153b32a5141a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
8b1c9d043d5366b5-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 12 Aug 2024 01:15:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZzQ0q6qsg5pw%2B0qzyXydft2ZnZpbJemZrjxjAFaFPme61lEFm0%2BZiBTKAMrsouXJJWz6r2XYzF9KWx4eh4efYsKQyQoQKChPmgJ0JKkivdxJp2RL5up5FjD5N2jqgl2mfmynqawpKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/
138 KB
25 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css
Requested by
Host: safeupater.pages.dev
URL: https://safeupater.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://safeupater.pages.dev/
Origin
https://safeupater.pages.dev
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 01:15:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
752
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
03/18/2024 12:28:12
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"04aca1f4cd3ec3c05a75a879f3be75a3"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
5cd02feb0d00e2ed97e10da0669884c0
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8b1c9d05eaeb655c-AMS
cdn-requestpullsuccess
True
css
fonts.googleapis.com/
2 KB
964 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway
Requested by
Host: safeupater.pages.dev
URL: https://safeupater.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cdbcbb6ab7680b6f7ee6f09ff2a54b0e8e3eb6e758efb1c0a7fe5e71fb0da118
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://safeupater.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 12 Aug 2024 01:15:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 12 Aug 2024 00:28:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Aug 2024 01:15:16 GMT
jquery-3.2.1.slim.min.js
code.jquery.com/
68 KB
24 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by
Host: safeupater.pages.dev
URL: https://safeupater.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Referer
https://safeupater.pages.dev/
Origin
https://safeupater.pages.dev
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 01:15:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2716965
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
23856
x-served-by
cache-lga21963-LGA, cache-bru1480064-BRU
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1723425317.842981,VS0,VE0
etag
W/"28feccc0-10fdd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
85, 8955
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/
48 KB
15 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: safeupater.pages.dev
URL: https://safeupater.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://safeupater.pages.dev/
Origin
https://safeupater.pages.dev
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 01:15:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
1048
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
03/18/2024 12:46:36
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
1ae0b8b7a89cb3d83152744a6ef512ab
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8b1c9d05eaec655c-AMS
cdn-requestpullsuccess
True
us.js
antivirus.my.id/
325 B
750 B
Script
General
Full URL
https://antivirus.my.id/us.js
Requested by
Host: safeupater.pages.dev
URL: https://safeupater.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
840146b920cd61cb8f6b000535206e6936a26f62ac229677b03bbcf7eb4dfeec
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://safeupater.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 01:15:16 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5acc324dd904e0c7936604a2d95f7511"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uguy2qw2hgyUJ1xXGkJCaKT9U1TinhFKa4tzUCaEmcO8HgrTmVVUEhUbVVWFkT3Siq3h2jHrNcDsgOT4EjUEgx5mGyeTHtC6OzI%2B8abob4PeWyYligt4s5hVsyhu8EvdMjsYP%2Bu2lCZB47TAqto%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
8b1c9d0639060b3a-AMS
alt-svc
h3=":443"; ma=86400
avast-secure-browser-1536x864.jpg
www.malekal.com/wp-content/uploads/
0
0

avastin-vial-2.jpg
img.medicineh.com/img/drugs-medications/
63 KB
64 KB
Image
General
Full URL
https://img.medicineh.com/img/drugs-medications/avastin-vial-2.jpg
Requested by
Host: safeupater.pages.dev
URL: https://safeupater.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
988bb224ef44252d34c11444266f4a4d2820adcfc9f2cc413c4adac876293530

Request headers

Referer
https://safeupater.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 01:15:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
64511
last-modified
Fri, 21 Feb 2020 05:31:19 GMT
server
cloudflare
etag
"fbff-59f0f54d28840"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1BqM11EstE102xXPpkdDgrsIL2V3JX%2FN%2BhxOf3f9Cm09mhwV5jpaT%2FYZNxlENybCOY%2FiNHm7xJCEL8B7Ye7lQrC9G5C1F0m8ecH11bfZbNt4VXSUyOx5WVuv4WchFauCaHjAEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8b1c9d090a271c86-AMS
expires
Tue, 12 Aug 2025 01:15:17 GMT
Avastupdates.com%2B-%2BAvast%2B2019%2BSetup%2BOffline%2BInstaller.png
2.bp.blogspot.com/-xyMf69kIvUM/W2DxIMJ9UiI/AAAAAAAAIsc/DKHqn_5DbnstoQZjdvnxRYwPt_pbgNYxQCLcBGAs/s1600/
908 KB
909 KB
Image
General
Full URL
https://2.bp.blogspot.com/-xyMf69kIvUM/W2DxIMJ9UiI/AAAAAAAAIsc/DKHqn_5DbnstoQZjdvnxRYwPt_pbgNYxQCLcBGAs/s1600/Avastupdates.com%2B-%2BAvast%2B2019%2BSetup%2BOffline%2BInstaller.png
Requested by
Host: safeupater.pages.dev
URL: https://safeupater.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d46bc04d95261a71a0a15bc075ddec222f4c557aa164303483fc660c1d658822
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://safeupater.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 01:15:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v22c9"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Avastupdates.com - Avast 2019 Setup Offline Installer.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
929745
x-xss-protection
0
expires
Tue, 13 Aug 2024 01:15:18 GMT
Avast-Uninstall-Tool.jpg
mytechquest.com/blog/wp-content/uploads/2014/10/
89 KB
89 KB
Image
General
Full URL
https://mytechquest.com/blog/wp-content/uploads/2014/10/Avast-Uninstall-Tool.jpg
Requested by
Host: safeupater.pages.dev
URL: https://safeupater.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.232.218.200 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-232-218-200.unifiedlayer.com
Software
Apache /
Resource Hash
f0c9665f0a0f43199ef8bc41cadda1098570ab4369a4db3d7052a60aa55cba77

Request headers

Referer
https://safeupater.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 01:15:18 GMT
last-modified
Mon, 28 Dec 2015 16:10:15 GMT
server
Apache
accept-ranges
bytes
content-length
90907
vary
User-Agent
content-type
image/jpeg
Avast%2521+Free+Antivirus+7.0.1473.jpg
4.bp.blogspot.com/-8OqBu_mrM3E/UIqzjOUSX9I/AAAAAAAABb8/5p-PV8gISIw/s1600/
153 KB
153 KB
Image
General
Full URL
https://4.bp.blogspot.com/-8OqBu_mrM3E/UIqzjOUSX9I/AAAAAAAABb8/5p-PV8gISIw/s1600/Avast%2521+Free+Antivirus+7.0.1473.jpg
Requested by
Host: safeupater.pages.dev
URL: https://safeupater.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6bdc77579e3b1d8dda57373d79d9e3138990ab9843cc76472578ce9d9a009fed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://safeupater.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 01:15:17 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="Avast! Free Antivirus 7.0.1473.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
156194
x-xss-protection
0
server
fife
etag
"v5bf"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 13 Aug 2024 01:15:17 GMT
avast.jpg
shop.positivesolomon.com/eshop/wp-content/uploads/2020/10/
148 KB
148 KB
Image
General
Full URL
https://shop.positivesolomon.com/eshop/wp-content/uploads/2020/10/avast.jpg
Requested by
Host: safeupater.pages.dev
URL: https://safeupater.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.106.49.55 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
cjg.nz
Software
/
Resource Hash
f40696190df5008204c6dcb396362dbb89f84022e38ad78ff4fecd679af1ccff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://safeupater.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 01:15:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Tue, 14 Sep 2021 18:07:31 GMT
etag
"06140e4e3-0;;;"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=1333600, public
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
151197
expires
Mon, 19 Aug 2024 01:15:17 GMT
c6116bb4fa94c47a69cf6b888ff3f897.js
asunderfacilitydealt.com/c6/11/6b/
0
0
Script
General
Full URL
https://asunderfacilitydealt.com/c6/11/6b/c6116bb4fa94c47a69cf6b888ff3f897.js
Requested by
Host: antivirus.my.id
URL: https://antivirus.my.id/us.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.127.234 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

Referer
https://safeupater.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 12 Aug 2024 01:15:17 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
th
tse1.mm.bing.net/
1 KB
2 KB
Image
General
Full URL
https://tse1.mm.bing.net/th?id=OIP.Pib8dMiwgh45YvIaRvB6qwHaEK&pid=15.1
Requested by
Host: safeupater.pages.dev
URL: https://safeupater.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
36cbc8edf63260b8b3d9a827aee5ac721de768306c5231e22498de2c1232d358

Request headers

Referer
https://safeupater.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Aug 2024 01:15:17 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 28EDD142BE2F4FA48A04E5C645E9D7D2 Ref B: AMS231020512019 Ref C: 2024-08-12T01:15:17Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_MISS
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
cache-control
no-cache
timing-allow-origin
*
access-control-allow-headers
*
content-length
1192
expires
-1
favicon.ico
safeupater.pages.dev/
8 KB
3 KB
Other
General
Full URL
https://safeupater.pages.dev/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e97d3dc009c3f9e9412906791f101dcd77c8d6fbdab2ece3448f153b32a5141a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://safeupater.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 01:15:18 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ch9zo3sspHXRVHxFEIT48iuKP%2BgUE4aewJNjARQZ7CSRsBByve7SaIbeGu93HPwr%2BVgmZSOM%2BH%2Fs3qh13rZ1nObehXXIRsEUEgxx%2FUNSlmA%2BZ9q7L3ywUWl65sgoJKfMzp6nEGQq3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
8b1c9d129b4d66b5-AMS
alt-svc
h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.malekal.com
URL
https://www.malekal.com/wp-content/uploads/avast-secure-browser-1536x864.jpg

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| bootstrap function| loadExternalScript

1 Cookies

Domain/Path Name / Value
.malekal.com/ Name: __cf_bm
Value: PPtb76mEA86KjPNPt1XTrzm6MiW7Okw5P4TecSn1pAs-1723425317-1.0.1.1-aPLLn2jpwNfnXbDJZzTCRIQD9_bx0nyzjZYhSqq_7QAptjaRMOcqWpKtF3nUW7szk1da4C6bd43bTsK6TcMvcw

7 Console Messages

Source Level URL
Text
security warning URL: https://safeupater.pages.dev/
Message:
Mixed Content: The page at 'https://safeupater.pages.dev/' was loaded over HTTPS, but requested an insecure element 'http://mytechquest.com/blog/wp-content/uploads/2014/10/Avast-Uninstall-Tool.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://safeupater.pages.dev/
Message:
Mixed Content: The page at 'https://safeupater.pages.dev/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-8OqBu_mrM3E/UIqzjOUSX9I/AAAAAAAABb8/5p-PV8gISIw/s1600/Avast%2521+Free+Antivirus+7.0.1473.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://safeupater.pages.dev/(Line 120)
Message:
Mixed Content: The page at 'https://safeupater.pages.dev/' was loaded over HTTPS, but requested an insecure element 'http://mytechquest.com/blog/wp-content/uploads/2014/10/Avast-Uninstall-Tool.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://safeupater.pages.dev/(Line 120)
Message:
Mixed Content: The page at 'https://safeupater.pages.dev/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/-8OqBu_mrM3E/UIqzjOUSX9I/AAAAAAAABb8/5p-PV8gISIw/s1600/Avast%2521+Free+Antivirus+7.0.1473.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://www.malekal.com/wp-content/uploads/avast-secure-browser-1536x864.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://tse1.mm.bing.net/th?id=OIP.Pib8dMiwgh45YvIaRvB6qwHaEK&pid=15.1
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://asunderfacilitydealt.com/c6/11/6b/c6116bb4fa94c47a69cf6b888ff3f897.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff