urlscan.io logo urlscan.io
SecurityTrails logo

mes.safedatard.com Open in urlscan Pro
35.209.194.124  Public Scan

Go To Rescan Add Verdict Report
URL: https://mes.safedatard.com/
Submission: On March 29 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 18 HTTP transactions. The main IP is 35.209.194.124, located in Mountain View, United States and belongs to GOOGLE-2, US. The main domain is mes.safedatard.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 28th 2020. Valid for: 3 months.
This is the only time mes.safedatard.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    35.209.194.124 (Mountain View, United States)

ASN19527 (GOOGLE-2, US)
PTR: 124.194.209.35.bc.googleusercontent.com
mes.safedatard.com
10    2606:4700:3035::6812:3f91 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.decuandoenmes.com.do
1    2a00:1450:4001:816::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)
use.fontawesome.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:81f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Domain Requested by
10 cdn.decuandoenmes.com.do mes.safedatard.com
2 www.google-analytics.com www.googletagmanager.com
2 use.fontawesome.com mes.safedatard.com
1 fonts.gstatic.com mes.safedatard.com
1 fonts.googleapis.com mes.safedatard.com
1 www.googletagmanager.com mes.safedatard.com
1 mes.safedatard.com
18 7

This site contains links to these domains. Also see Links.

Domain
cdn.decuandoenmes.com.do
Subject Issuer Validity Valid
mes.safedatard.com
Let's Encrypt Authority X3		 2020-03-28 -
2020-06-26		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-01-30 -
2020-10-09		 8 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA		 2019-10-28 -
2020-12-23		 a year crt.sh
*.google.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://mes.safedatard.com/
Frame ID: FB00B965985D32572F91E82B3C38AB14
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /addthis\.com\/js\//i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /select2(?:\.min|\.full)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /select2(?:\.min|\.full)?\.js/i

Page Statistics

18
Requests

100 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

427 kB
Transfer

538 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mes.safedatard.com/ 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mes.safedatard.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.194.124 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
124.194.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4cc2f73e416148fe17bac1cc12362855279ec07b455c4f35f5cc4d697380da44

Request headers

:method
GET
:authority
mes.safedatard.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
server
nginx
date
Sun, 29 Mar 2020 01:00:48 GMT
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=86400; v="43,39"
host-header
b7440e60b07ee7b8044761568fab26e8
x-proxy-cache
MISS
background.jpg
cdn.decuandoenmes.com.do/img/ 		136 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.decuandoenmes.com.do/img/background.jpg
Requested by
Host: mes.safedatard.com
URL: https://mes.safedatard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:3f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66f9d0049e4204c9a34316c92006c3ff6742695e44a2b9f7f1a07a256ae8ad06

Request headers

Referer
https://mes.safedatard.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 29 Mar 2020 01:00:48 GMT
cf-cache-status
HIT
last-modified
Fri, 31 Jan 2020 17:10:32 GMT
server
cloudflare
age
64
etag
"22175-59d72a6b6f692"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
accept-ranges
bytes
host-header
b7440e60b07ee7b8044761568fab26e8
cf-ray
57b5a7f11df11772-FRA
content-length
139637
x-proxy-cache
MISS
mes.logo.png
cdn.decuandoenmes.com.do/img/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.decuandoenmes.com.do/img/mes.logo.png
Requested by
Host: mes.safedatard.com
URL: https://mes.safedatard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:3f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77c59ee878eb15ada3b4e51de341db1e73e56cb70840e30324d96532d8b701b9

Request headers

Referer
https://mes.safedatard.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 29 Mar 2020 01:00:48 GMT
cf-cache-status
HIT
last-modified
Wed, 29 Jan 2020 03:09:32 GMT
server
cloudflare
age
64
etag
"1289f-59d3eab659f29"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
accept-ranges
bytes
host-header
b7440e60b07ee7b8044761568fab26e8
cf-ray
57b5a7f11df21772-FRA
content-length
75935
x-proxy-cache
MISS
mes.premios.png
cdn.decuandoenmes.com.do/img/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.decuandoenmes.com.do/img/mes.premios.png
Requested by
Host: mes.safedatard.com
URL: https://mes.safedatard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:3f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d2e447434b52a25fe866f22e16b70f12f284d9802e2ceaaaa554a96ce477ec0

Request headers

Referer
https://mes.safedatard.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 29 Mar 2020 01:00:48 GMT
cf-cache-status
HIT
last-modified
Wed, 29 Jan 2020 03:24:43 GMT
server
cloudflare
age
63
etag
"d398-59d3ee1ad3257"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
accept-ranges
bytes
host-header
b7440e60b07ee7b8044761568fab26e8
cf-ray
57b5a7f13e131772-FRA
content-length
54168
x-proxy-cache
MISS
js
www.googletagmanager.com/gtag/ 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-118285112-1
Requested by
Host: mes.safedatard.com
URL: https://mes.safedatard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b28c4b90ae61b312321b03050b7c58db5f3332c34521a1c4aafcc0c8a17b9509
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://mes.safedatard.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 29 Mar 2020 01:00:48 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28642
x-xss-protection
0
last-modified
Sun, 29 Mar 2020 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 29 Mar 2020 01:00:48 GMT
javascript.js
cdn.decuandoenmes.com.do/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.decuandoenmes.com.do/javascript.js
Requested by
Host: mes.safedatard.com
URL: https://mes.safedatard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:3f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adccbbc9053a60a4667151b1cd7767b0ebb349e8e8895126afdce20417b8521

Request headers

Referer
https://mes.safedatard.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 29 Mar 2020 01:00:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Feb 2020 13:42:27 GMT
server
cloudflare
age
64
etag
W/"1181-59dd453c6c9e6-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
host-header
b7440e60b07ee7b8044761568fab26e8
cf-ray
57b5a7f11df01772-FRA
x-proxy-cache
MISS
style.css
cdn.decuandoenmes.com.do/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.decuandoenmes.com.do/style.css
Requested by
Host: mes.safedatard.com
URL: https://mes.safedatard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:3f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90c0b1acbb3d1ed6cb75fc65afcc1097371104160895a8bcb3f6cf80356dc521

Request headers

Referer
https://mes.safedatard.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sun, 29 Mar 2020 01:00:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 31 Jan 2020 20:54:16 GMT
server
cloudflare
age
64
etag
W/"10b2-59d75c6d98688-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
host-header
b7440e60b07ee7b8044761568fab26e8
cf-ray
57b5a7f11de61772-FRA
x-proxy-cache
MISS
style_small.css
cdn.decuandoenmes.com.do/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.decuandoenmes.com.do/style_small.css
Requested by
Host: mes.safedatard.com
URL: https://mes.safedatard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:3f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93ffcfe9518bbd927ff370a33e94fb81d4bd2912db0fd1d01f813f26341ef4ee

Request headers

Referer
https://mes.safedatard.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sun, 29 Mar 2020 01:00:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Feb 2020 20:12:17 GMT
server
cloudflare
age
64
etag
W/"158b-59dd9c5e35653-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
host-header
b7440e60b07ee7b8044761568fab26e8
cf-ray
57b5a7f11dea1772-FRA
x-proxy-cache
MISS
style_medium.css
cdn.decuandoenmes.com.do/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.decuandoenmes.com.do/style_medium.css
Requested by
Host: mes.safedatard.com
URL: https://mes.safedatard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:3f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fc3923fe3646bdb63e52c5f0396e32f61bfd2d0de00cec1fb20cfeff0c91750

Request headers

Referer
https://mes.safedatard.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sun, 29 Mar 2020 01:00:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Feb 2020 20:08:37 GMT
server
cloudflare
age
64
etag
W/"f29-59dd9b8c7f53f-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
host-header
b7440e60b07ee7b8044761568fab26e8
cf-ray
57b5a7f11dec1772-FRA
x-proxy-cache
MISS
style_big.css
cdn.decuandoenmes.com.do/ 		839 B
407 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.decuandoenmes.com.do/style_big.css
Requested by
Host: mes.safedatard.com
URL: https://mes.safedatard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:3f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd4b27b3022618594f8ee49e0242dd7d5331e63a88c8bcec51ea5bdb99fbf766

Request headers

Referer
https://mes.safedatard.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sun, 29 Mar 2020 01:00:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Feb 2020 13:19:12 GMT
server
cloudflare
age
64
etag
W/"347-59dd400a0804c-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
host-header
b7440e60b07ee7b8044761568fab26e8
cf-ray
57b5a7f11ded1772-FRA
x-proxy-cache
MISS
css
fonts.googleapis.com/ 		1 KB
575 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans&display=swap
Requested by
Host: mes.safedatard.com
URL: https://mes.safedatard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
99cec257e3bb0bac2b8116d4d1f89aec287cb259b4f8026a6f84fcb8d840fcad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mes.safedatard.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 29 Mar 2020 01:00:48 GMT
server
ESF
date
Sun, 29 Mar 2020 01:00:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 29 Mar 2020 01:00:48 GMT
all.css
use.fontawesome.com/releases/v5.0.10/css/ 		36 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Requested by
Host: mes.safedatard.com
URL: https://mes.safedatard.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae

Request headers

Referer
https://mes.safedatard.com/
Origin
https://mes.safedatard.com
Sec-Fetch-Dest
style
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 29 Mar 2020 01:00:48 GMT
content-encoding
gzip
last-modified
Tue, 10 Apr 2018 23:10:22 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"d1acb8ad33b1526acbfd3f0028b859b0"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
status
200
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
logo_cortes.png
cdn.decuandoenmes.com.do/img/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.decuandoenmes.com.do/img/logo_cortes.png
Requested by
Host: mes.safedatard.com
URL: https://mes.safedatard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:3f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd97b3301cc8a897c64d22bd16e7a14e6571ea380da845b12d3a59f3677160de

Request headers

Referer
https://mes.safedatard.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 29 Mar 2020 01:00:48 GMT
cf-cache-status
HIT
last-modified
Wed, 05 Feb 2020 20:10:59 GMT
server
cloudflare
age
63
etag
"2e26-59dd9c14292f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
accept-ranges
bytes
host-header
b7440e60b07ee7b8044761568fab26e8
cf-ray
57b5a7f13e141772-FRA
content-length
11814
x-proxy-cache
MISS
mes.always.png
cdn.decuandoenmes.com.do/img/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.decuandoenmes.com.do/img/mes.always.png
Requested by
Host: mes.safedatard.com
URL: https://mes.safedatard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:3f91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7892db5ea9de468146bff3a454693423274082188eb3d220bf9c31bfd096e366

Request headers

Referer
https://mes.safedatard.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 29 Mar 2020 01:00:48 GMT
cf-cache-status
HIT
last-modified
Wed, 29 Jan 2020 01:57:11 GMT
server
cloudflare
age
63
etag
"5064-59d3da8a20b79"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
accept-ranges
bytes
host-header
b7440e60b07ee7b8044761568fab26e8
cf-ray
57b5a7f13e151772-FRA
content-length
20580
x-proxy-cache
MISS
QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8JoI3ZKyHaQQ.woff
fonts.gstatic.com/s/worksans/v7/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v7/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8JoI3ZKyHaQQ.woff
Requested by
Host: mes.safedatard.com
URL: https://mes.safedatard.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f26252a27d65771e45a4d4fc81d604a55e6f0d6357ba085cf8b9b77aefaabe15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Work+Sans&display=swap
Origin
https://mes.safedatard.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Mar 2020 06:46:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 19 Mar 2020 18:25:12 GMT
server
sffe
age
65654
content-type
font/woff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
21184
x-xss-protection
0
expires
Sun, 28 Mar 2021 06:46:34 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.10/webfonts/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/webfonts/fa-solid-900.woff2
Requested by
Host: mes.safedatard.com
URL: https://mes.safedatard.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
cb7aa6b06aa5a8eea3670662c4b0c37104041c14575fc170dc48677a0506a33a

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Origin
https://mes.safedatard.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 29 Mar 2020 01:00:48 GMT
last-modified
Tue, 10 Apr 2018 23:10:38 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
"84f351b3972185aed620f78489e48b2d"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
status
200
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
44068
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-118285112-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mes.safedatard.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
1636
date
Sun, 29 Mar 2020 00:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Sun, 29 Mar 2020 02:33:32 GMT
collect
www.google-analytics.com/r/ 		35 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=2015315672&t=pageview&_s=1&dl=https%3A%2F%2Fmes.safedatard.com%2F&ul=en-us&de=UTF-8&dt=De%20cuando%20en%20mes%20-%20Registra%20tu%20c%C3%B3digo%20promocional&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=177987694&gjid=494422496&cid=1608578306.1585443648&tid=UA-118285112-1&_gid=1271344237.1585443648&_r=1&gtm=2ou3i0&z=571454977
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mes.safedatard.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Sun, 29 Mar 2020 01:00:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| gtag object| dataLayer function| checkEmail function| checkName function| validate function| validatecode function| findGetParameter function| makeid object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.decuandoenmes.com.do
fonts.googleapis.com
fonts.gstatic.com
mes.safedatard.com
use.fontawesome.com
www.google-analytics.com
www.googletagmanager.com
23.111.9.35
2606:4700:3035::6812:3f91
2a00:1450:4001:808::2003
2a00:1450:4001:816::2008
2a00:1450:4001:81f::200e
2a00:1450:4001:824::200a
35.209.194.124
1fc3923fe3646bdb63e52c5f0396e32f61bfd2d0de00cec1fb20cfeff0c91750
2adccbbc9053a60a4667151b1cd7767b0ebb349e8e8895126afdce20417b8521
3d2e447434b52a25fe866f22e16b70f12f284d9802e2ceaaaa554a96ce477ec0
4cc2f73e416148fe17bac1cc12362855279ec07b455c4f35f5cc4d697380da44
66f9d0049e4204c9a34316c92006c3ff6742695e44a2b9f7f1a07a256ae8ad06
77c59ee878eb15ada3b4e51de341db1e73e56cb70840e30324d96532d8b701b9
7892db5ea9de468146bff3a454693423274082188eb3d220bf9c31bfd096e366
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
90c0b1acbb3d1ed6cb75fc65afcc1097371104160895a8bcb3f6cf80356dc521
93ffcfe9518bbd927ff370a33e94fb81d4bd2912db0fd1d01f813f26341ef4ee
99cec257e3bb0bac2b8116d4d1f89aec287cb259b4f8026a6f84fcb8d840fcad
b28c4b90ae61b312321b03050b7c58db5f3332c34521a1c4aafcc0c8a17b9509
cb7aa6b06aa5a8eea3670662c4b0c37104041c14575fc170dc48677a0506a33a
cd97b3301cc8a897c64d22bd16e7a14e6571ea380da845b12d3a59f3677160de
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae
dd4b27b3022618594f8ee49e0242dd7d5331e63a88c8bcec51ea5bdb99fbf766
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
f26252a27d65771e45a4d4fc81d604a55e6f0d6357ba085cf8b9b77aefaabe15