URL: https://safedownloadem.cf/
Submission: On July 18 via automatic, source certstream-suspicious

Summary

This website contacted 14 IPs in 4 countries across 14 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3035::681b:9a93, located in United States and belongs to CLOUDFLARENET, US. The main domain is safedownloadem.cf.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 18th 2020. Valid for: a year.
This is the only time safedownloadem.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 151.101.112.193 54113 (FASTLY)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 104.111.231.191 16625 (AKAMAI-AS)
1 62.101.76.218 12874 (FASTWEB)
1 158.177.130.84 36351 (SOFTLAYER)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 3.95.19.239 14618 (AMAZON-AES)
1 185.56.218.227 202675 (KELIWEB)
1 46.101.68.187 14061 (DIGITALOC...)
18 14
Domain Requested by
3 fonts.gstatic.com safedownloadem.cf
3 safedownloadem.cf safedownloadem.cf
1 www.valoreazioni.com
1 www.mondomobileweb.it
1 community.appinventor.mit.edu
1 www.gromia.com
1 hosonhouse.com
1 www.notizie.it
1 www.fastweb.it
1 cdn0.matrimonio.com
1 www.youtube.com safedownloadem.cf
1 youtube.com 1 redirects
1 i.imgur.com safedownloadem.cf
1 code.jquery.com safedownloadem.cf
1 stackpath.bootstrapcdn.com safedownloadem.cf
18 15

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-07-18 - 2021-07-18 | a year
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years
*.imgur.com | DigiCert SHA2 Secure Server CA | 2020-01-15 - 2022-03-16 | 2 years
*.google.com | GTS CA 1O1 | 2020-06-30 - 2020-09-22 | 3 months
*.gstatic.com | GTS CA 1O1 | 2020-06-30 - 2020-09-22 | 3 months
www.bodas.net | DigiCert SHA2 Secure Server CA | 2019-10-28 - 2021-01-26 | a year
*.fastweb.it | Thawte RSA CA 2018 | 2019-06-13 - 2020-09-11 | a year
*.notizie.it | AlphaSSL CA - SHA256 - G2 | 2018-10-30 - 2020-12-24 | 2 years
community.appinventor.mit.edu | Let's Encrypt Authority X3 | 2020-06-12 - 2020-09-10 | 3 months
mail.mondomobileweb.it | Let's Encrypt Authority X3 | 2020-06-21 - 2020-09-19 | 3 months
valoreazioni.com | Let's Encrypt Authority X3 | 2020-07-17 - 2020-10-15 | 3 months

This page contains 2 frames:

Primary Page: https://safedownloadem.cf/
Frame ID: CC71AE5963AEE9C467179C2DDDAA1D83
Requests: 17 HTTP requests in this frame

Frame: https://www.youtube.com/embed/vsuh8qieqV0?rel=0
Frame ID: 19E52D6EF56152A70341A7F2FB3B878A
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

18 Requests
100 % HTTPS
53 % IPv6
14 Domains
15 Subdomains
14 IPs
4 Countries
774 kB Transfer
972 kB Size
4 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://youtube.com/embed/vsuh8qieqV0?rel=0 HTTP 301
  • https://www.youtube.com/embed/vsuh8qieqV0?rel=0

18 HTTP transactions

Resource / Path | Size / x-fer | Type / MIME-Type
Primary Request /
safedownloadem.cf/
12 KB
5 KB
Document
General
Full URL
https://safedownloadem.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:9a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
419226735446daf3ff8eaa633481ceb6e0d6d1d0d8178a9166b7d2285929bbb7

Request headers

:method
GET
:authority
safedownloadem.cf
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sat, 18 Jul 2020 13:17:08 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=de753adc18811514346b58f30cdba71091595078227; expires=Mon, 17-Aug-20 13:17:07 GMT; path=/; domain=.safedownloadem.cf; HttpOnly; SameSite=Lax
expires
Tue, 28 Jul 2020 13:17:07 GMT
cache-control
max-age=864000
cf-cache-status
MISS
cf-request-id
0403ab4fc200003248f5361200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
5b4c7b2c6f593248-FRA
content-encoding
br
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/3.3.5/css/
120 KB
20 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
Requested by
Host: safedownloadem.cf
URL: https://safedownloadem.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://safedownloadem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 18 Jul 2020 13:17:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
status
200
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
19879
style.css
safedownloadem.cf/
108 KB
19 KB
Stylesheet
General
Full URL
https://safedownloadem.cf/style.css
Requested by
Host: safedownloadem.cf
URL: https://safedownloadem.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:9a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c9bb93ec296cafa200389741db6f573455cb9d9ca12f92e0291525565ad4c52

Request headers

Referer
https://safedownloadem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 18 Jul 2020 13:17:08 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
status
200
cache-control
max-age=864000
cf-ray
5b4c7b2e2b373248-FRA
cf-request-id
0403ab50d600003248f5374200000001
expires
Tue, 28 Jul 2020 13:17:07 GMT
jquery-1.12.4
code.jquery.com/
0
0
Script
General
Full URL
https://code.jquery.com/jquery-1.12.4
Requested by
Host: safedownloadem.cf
URL: https://safedownloadem.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://safedownloadem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

jquery.min.js
safedownloadem.cf/js/
9 KB
3 KB
Script
General
Full URL
https://safedownloadem.cf/js/jquery.min.js
Requested by
Host: safedownloadem.cf
URL: https://safedownloadem.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:9a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce233f3ca4f57ce3121b28179c177f0009ec9a5e263d2813ebee3fc2e4c4574c

Request headers

Referer
https://safedownloadem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jul 2020 13:17:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 18 Jul 2020 13:17:07GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=864000
cf-ray
5b4c7b2e2b393248-FRA
cf-request-id
0403ab50d600003248f5375200000001
expires
Tue, 28 Jul 2020 13:17:07 GMT
W7I1KA1.gif
i.imgur.com/
16 KB
17 KB
Image
General
Full URL
https://i.imgur.com/W7I1KA1.gif
Requested by
Host: safedownloadem.cf
URL: https://safedownloadem.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
88d99dfa644c8b1739d293400b58dcd2bd155b0fcd3fc3dea13a9f49f09994c5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://safedownloadem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 18 Jul 2020 13:17:08 GMT
x-content-type-options
nosniff
age
3180338
x-cache
HIT, HIT
status
200
content-length
16770
x-served-by
cache-bwi5144-BWI, cache-hhn4035-HHN
last-modified
Wed, 31 Oct 2018 22:46:18 GMT
server
cat factory 1.0
x-timer
S1595078228.294727,VS0,VE1
etag
"a3e34b4775ae5409b5b84ff56f7676c0"
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
vsuh8qieqV0
www.youtube.com/embed/ Frame 19E5
Redirect Chain
  • https://youtube.com/embed/vsuh8qieqV0?rel=0
  • https://www.youtube.com/embed/vsuh8qieqV0?rel=0
0
0
Document
General
Full URL
https://www.youtube.com/embed/vsuh8qieqV0?rel=0
Requested by
Host: safedownloadem.cf
URL: https://safedownloadem.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/vsuh8qieqV0?rel=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://safedownloadem.cf/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://safedownloadem.cf/

Response headers

status
200
cache-control
no-cache
content-length
11519
accept-ch
DPR
strict-transport-security
max-age=31536000
expires
Tue, 27 Apr 1971 19:44:06 GMT
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-type
text/html; charset=utf-8
accept-ch-lifetime
2592000
x-content-type-options
nosniff
date
Sat, 18 Jul 2020 13:17:08 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=mR2qv45mLko; path=/; domain=.youtube.com; secure; expires=Thu, 14-Jan-2021 13:17:08 GMT; httponly; samesite=None YSC=UU2pOJ0JGfM; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Sat, 18-Jul-2020 13:47:08 GMT VISITOR_INFO1_LIVE=mR2qv45mLko; path=/; domain=.youtube.com; secure; expires=Thu, 14-Jan-2021 13:17:08 GMT; httponly; samesite=None
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status
301
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
0
location
https://www.youtube.com/embed/vsuh8qieqV0?rel=0
date
Sat, 18 Jul 2020 13:17:08 GMT
content-type
text/html
server
YouTube Frontend Proxy
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v19/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: safedownloadem.cf
URL: https://safedownloadem.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://safedownloadem.cf/style.css
Origin
https://safedownloadem.cf

Response headers

date
Thu, 11 Jun 2020 08:54:12 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:14:12 GMT
server
sffe
age
3212576
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15872
x-xss-protection
0
expires
Fri, 11 Jun 2021 08:54:12 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v19/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: safedownloadem.cf
URL: https://safedownloadem.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://safedownloadem.cf/style.css
Origin
https://safedownloadem.cf

Response headers

date
Fri, 12 Jun 2020 20:29:14 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:12:01 GMT
server
sffe
age
3084474
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15736
x-xss-protection
0
expires
Sat, 12 Jun 2021 20:29:14 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v19/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: safedownloadem.cf
URL: https://safedownloadem.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://safedownloadem.cf/style.css
Origin
https://safedownloadem.cf

Response headers

date
Wed, 10 Jun 2020 14:45:55 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:13:46 GMT
server
sffe
age
3277873
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
expires
Thu, 10 Jun 2021 14:45:55 GMT
cfb_1077554.jpg
cdn0.matrimonio.com/usr/0/0/3/2/
35 KB
35 KB
Image
General
Full URL
https://cdn0.matrimonio.com/usr/0/0/3/2/cfb_1077554.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.231.191 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
1da58ed3e050db3310e9ecf0c0ca6c67f5b37d927ad9bd43c4d86bb9a0c55a2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://safedownloadem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 09 Jul 2020 17:00:49 GMT
server
Apache
etag
"6c86e2cc23e91cc413a8d7922302fa94"
imageserver
true
content-type
image/jpeg
status
200
cache-control
max-age=2592000, public
date
Sat, 18 Jul 2020 13:17:09 GMT
content-length
35379
expires
Mon, 17 Aug 2020 15:17:08 GMT
webcam-smartphone.jpg
www.fastweb.it/var/storage_feeds/CMS/articoli/9c1/9c17ee01480a6b3411147548f33e72d1/
70 KB
70 KB
Image
General
Full URL
https://www.fastweb.it/var/storage_feeds/CMS/articoli/9c1/9c17ee01480a6b3411147548f33e72d1/webcam-smartphone.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
62.101.76.218 Turate, Italy, ASN12874 (FASTWEB, IT),
Reverse DNS
Software
/
Resource Hash
494beb205667a062b55d11f53e158205a72419f7ebd24623335f3bc412c7cad6

Request headers

Referer
https://safedownloadem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 18 Jul 2020 13:17:08 GMT
Last-Modified
Thu, 02 Jul 2020 12:19:24 GMT
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=6, max=500
Content-Length
71553
Expires
Tue, 16 Jul 2030 13:17:08 GMT
fastweb-768x366.png
www.notizie.it/wp-content/uploads/2016/09/
107 KB
108 KB
Image
General
Full URL
https://www.notizie.it/wp-content/uploads/2016/09/fastweb-768x366.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.177.130.84 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software
Apache/2.4.35 (IUS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
b1bde7d254e6b2d3e4ce87067427ac80c069a5cf1c0f82d185cd3581e5d5a67a

Request headers

Referer
https://safedownloadem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 18 Jul 2020 13:17:08 GMT
last-modified
Tue, 13 Sep 2016 09:45:50 GMT
server
Apache/2.4.35 (IUS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
etag
"1ab1e-53c607a4dcf80"
content-type
image/png
status
200
cache-control
public
accept-ranges
bytes
content-length
109342
expires
Mon, 17 Aug 2020 13:17:08 GMT
non-riesco-a-scaricare-gli-allegati-dalle-mail-2.jpg
hosonhouse.com/img/
144 KB
145 KB
Image
General
Full URL
https://hosonhouse.com/img/non-riesco-a-scaricare-gli-allegati-dalle-mail-2.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:35ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
57a76f3938911f0168499d709327c4eed1654f21b92f222d7553f99ff2b1591e

Request headers

Referer
https://safedownloadem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 18 Jul 2020 13:17:09 GMT
cf-cache-status
MISS
server
cloudflare
x-powered-by
PHP/5.4.16
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
cf-ray
5b4c7b3228e26509-FRA
cf-request-id
0403ab53550000650955bfb200000001
non-riesco-a-vendere-casa-365x330.jpg
www.gromia.com/blog/wp-content/uploads/2019/06/
15 KB
15 KB
Image
General
Full URL
https://www.gromia.com/blog/wp-content/uploads/2019/06/non-riesco-a-vendere-casa-365x330.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:1cfd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3727a3db9df5dcf2c19acd358454068ac7598084a55bd1d5de3e5657f9808dd

Request headers

Referer
https://safedownloadem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 18 Jul 2020 13:17:08 GMT
cf-cache-status
HIT
last-modified
Thu, 20 Jun 2019 15:50:00 GMT
server
cloudflare
age
625
etag
"5d0bab28-3c4d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
accept-ranges
bytes
cf-ray
5b4c7b3239f5d6b5-FRA
content-length
15437
cf-request-id
0403ab535e0000d6b513b37200000001
8c9f60ba8145a6cc3991078e0ae22d8b729a750a_2_666x500.png
community.appinventor.mit.edu/uploads/default/optimized/2X/8/
53 KB
54 KB
Image
General
Full URL
https://community.appinventor.mit.edu/uploads/default/optimized/2X/8/8c9f60ba8145a6cc3991078e0ae22d8b729a750a_2_666x500.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.95.19.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
aedb2437fcbe6def836c20b1862ae327f8e1151b0fde24dd9b35f7cba7c41e7a

Request headers

Referer
https://safedownloadem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 18 Jul 2020 13:17:09 GMT
last-modified
Wed, 29 Jan 2020 10:39:54 GMT
server
nginx
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,immutable
accept-ranges
bytes
content-length
54607
expires
Sun, 18 Jul 2021 13:17:09 GMT
Fastweb.jpg
www.mondomobileweb.it/wp-content/uploads/2018/01/
64 KB
64 KB
Image
General
Full URL
https://www.mondomobileweb.it/wp-content/uploads/2018/01/Fastweb.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.56.218.227 Ferrara, Italy, ASN202675 (KELIWEB, IT),
Reverse DNS
Software
Apache /
Resource Hash
48acce1ee75038f17d8432ba25511a5099223b5640e04e8e235c3249316d4a34

Request headers

Referer
https://safedownloadem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 18 Jul 2020 13:17:08 GMT
last-modified
Sun, 10 Mar 2019 00:43:26 GMT
server
Apache
content-type
image/jpeg
status
200
cache-control
max-age=10368000
accept-ranges
bytes
content-length
65088
expires
max-age=A10368000, public
disdetta-fastweb-per-recesso-..png
www.valoreazioni.com/wp-content/uploads/2014/10/
173 KB
174 KB
Image
General
Full URL
https://www.valoreazioni.com/wp-content/uploads/2014/10/disdetta-fastweb-per-recesso-..png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
46.101.68.187 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
9f0583bfe47614318d8b13fc805ea1cee1030c2bd7c233c062e761166e2e3c09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://safedownloadem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 18 Jul 2020 13:17:08 GMT
x-content-type-options
nosniff
last-modified
Thu, 07 Feb 2019 12:22:43 GMT
server
nginx
etag
"5c5c2313-2b4df"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
cache-control
max-age=31536000
accept-ranges
bytes
vary
Accept-Encoding
content-length
177375
x-xss-protection
1; mode=block
expires
Sun, 18 Jul 2021 13:17:08 GMT

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • q (string)
  • t (string)
  • s (string)
  • c2F (object)
  • ref (string)

4 Cookies

Domain/Path | Name | Value
.youtube.com/ | GPS | 1
.youtube.com/ | YSC | UU2pOJ0JGfM
.youtube.com/ | VISITOR_INFO1_LIVE | mR2qv45mLko
.safedownloadem.cf/ | __cfduid | de753adc18811514346b58f30cdba71091595078227

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
