URL: https://safetynews.uk.nf/
Submission: On October 24 via api from US — Scanned from GB

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 25 HTTP transactions. The main IP is 31.22.4.11, located in Leeds, United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is safetynews.uk.nf.
TLS certificate: Issued by R11 on October 22nd 2024. Valid for: 3 months.
This is the only time safetynews.uk.nf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS Autonomous System
5         31.22.4.11         34119 (WILDCARD-...)
15        188.114.97.3       13335 (CLOUDFLAR...)
3         188.114.97.9       13335 (CLOUDFLAR...)
1         2a06:98c1:312...   13335 (CLOUDFLAR...)
1         172.240.108.76     7979 (SERVERS-COM)
25        5

Requests  Domain                    Requested by
5         safetynews.uk.nf          safetynews.uk.nf
3         ro-ash.apibrainly.my.id   safetynews.uk.nf, ro-ash.apibrainly.my.id
3         pl.apibrainly.my.id       safetynews.uk.nf, pl.apibrainly.my.id
3         ph.apibrainly.my.id       safetynews.uk.nf, ph.apibrainly.my.id
3         id.apibrainly.my.id       safetynews.uk.nf, id.apibrainly.my.id
3         fr.apibrainly.my.id       safetynews.uk.nf, fr.apibrainly.my.id
3         en.apibrainly.my.id       safetynews.uk.nf, en.apibrainly.my.id
1         endlesslynavel.com        cdn.jasaorder.com
1         cdn.jasaorder.com         safetynews.uk.nf
25        9

This site contains no links.

Subject              Issuer  Validity                  Valid
safetynews.uk.nf     R11     2024-10-22 - 2025-01-20   3 months
apibrainly.my.id     WE1     2024-10-14 - 2025-01-12   3 months
jasaorder.com        WE1     2024-09-11 - 2024-12-10   3 months
endlesslynavel.com   R11     2024-08-31 - 2024-11-29   3 months

This page contains 1 frames:

Primary Page: https://safetynews.uk.nf/
Frame ID: 2FF76E835F02D584065393025C3F66EE
Requests: 19 HTTP requests in this frame

Page Title

Share your knowledge | Questions and answers about education

Page Statistics

Requests: 25
HTTPS: 100 %
IPv6: 20 %
Domains: 4
Subdomains: 9
IPs: 5
Countries: 3
Transfer: 249 kB
Size: 1510 kB
Cookies: 0

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
safetynews.uk.nf/
2 KB
1 KB
Document
General
Full URL
https://safetynews.uk.nf/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.22.4.11 Leeds, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
sv11.byethost11.org
Software
nginx /
Resource Hash
9cb27544eed27bc0b80cbe7784fe9fbd181fcf7a2b94892bd0d250e0e1e77478

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666

Response headers

cache-control
max-age=500, public, proxy-revalidate
content-encoding
gzip
content-type
text/html
date
Thu, 24 Oct 2024 22:19:18 GMT
etag
W/"208dea41f-894-6253551322880"
expires
Thu, 24 Oct 2024 22:27:38 GMT
last-modified
Thu, 24 Oct 2024 09:06:26 GMT
server
nginx
vary
Accept-Encoding
style-guide.css
safetynews.uk.nf/assets/
128 KB
23 KB
Stylesheet
General
Full URL
https://safetynews.uk.nf/assets/style-guide.css
Requested by
Host: safetynews.uk.nf
URL: https://safetynews.uk.nf/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.22.4.11 Leeds, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
sv11.byethost11.org
Software
nginx /
Resource Hash
861500dabdfd41c1897fb9b6e2585356328f76b840412c0d07aa20f8ddd22a11

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://safetynews.uk.nf/

Response headers

cache-control
max-age=2592000, public, proxy-revalidate
content-encoding
gzip
etag
W/"100e9c1b8-20167-624e36e5c9000"
expires
Sat, 23 Nov 2024 22:19:18 GMT
date
Thu, 24 Oct 2024 22:19:18 GMT
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Sun, 20 Oct 2024 07:24:48 GMT
moment-with-locales.min.js
safetynews.uk.nf/assets/
366 KB
91 KB
Script
General
Full URL
https://safetynews.uk.nf/assets/moment-with-locales.min.js
Requested by
Host: safetynews.uk.nf
URL: https://safetynews.uk.nf/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.22.4.11 Leeds, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
sv11.byethost11.org
Software
nginx /
Resource Hash
a00370aaf9694806b2b51dbf1340a170ec976edb4dba660602f7fdddc2a27f90

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://safetynews.uk.nf/

Response headers

cache-control
max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
content-encoding
gzip
etag
W/"100b3b382-5b8db-62498c54c3a00"
expires
Sat, 23 Nov 2024 22:19:18 GMT
date
Thu, 24 Oct 2024 22:19:18 GMT
content-type
text/javascript
vary
Accept-Encoding
server
nginx
last-modified
Wed, 16 Oct 2024 14:20:24 GMT
moment-timezone-with-data.min.js
safetynews.uk.nf/assets/
719 KB
48 KB
Script
General
Full URL
https://safetynews.uk.nf/assets/moment-timezone-with-data.min.js
Requested by
Host: safetynews.uk.nf
URL: https://safetynews.uk.nf/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.22.4.11 Leeds, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
sv11.byethost11.org
Software
nginx /
Resource Hash
841048af54bda7e255160dc05c6b1d527c2454a4a7aab021e71330c9486822cf

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://safetynews.uk.nf/

Response headers

cache-control
max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
content-encoding
gzip
etag
W/"1008059cd-b3d49-62498bfeeef80"
expires
Sat, 23 Nov 2024 22:19:18 GMT
date
Thu, 24 Oct 2024 22:19:18 GMT
content-type
text/javascript
vary
Accept-Encoding
server
nginx
last-modified
Wed, 16 Oct 2024 14:18:54 GMT
front.js
en.apibrainly.my.id/
38 KB
9 KB
Script
General
Full URL
https://en.apibrainly.my.id/front.js?v=999
Requested by
Host: safetynews.uk.nf
URL: https://safetynews.uk.nf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9788e5fee2d7f152d6fc7d31b0d087301c2f64fc828ad7b1a780611a0dfe3e8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://safetynews.uk.nf/

Response headers

server
cloudflare
cache-control
public, max-age=120
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"9637-192b28aecb0"
report-to
{"endpoints":[{"url":"maskoding.com"}],"group": "maskoding","max_age": 604800}
cf-ray
8d7d59025e6218dc-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=42869&sent=43&recv=28&lost=0&retrans=0&sent_bytes=33807&recv_bytes=6254&delivery_rate=210212&cwnd=21600&unsent_bytes=0&cid=5c7d23280872ee40&ts=382&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 22:19:19 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 22 Oct 2024 04:45:02 GMT
vary
Accept-Encoding
priority
u=1,i=?0
front.js
fr.apibrainly.my.id/
38 KB
10 KB
Script
General
Full URL
https://fr.apibrainly.my.id/front.js?v=999
Requested by
Host: safetynews.uk.nf
URL: https://safetynews.uk.nf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5a4f81ad57299b09fbbb5d189b8ed1f6f6eddb7503fb6675b0f4e174390a564

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://safetynews.uk.nf/

Response headers

server
cloudflare
cache-control
public, max-age=120
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"99d7-192bd4e6ed8"
report-to
{"endpoints":[{"url":"maskoding.com"}],"group": "maskoding","max_age": 604800}
cf-ray
8d7d59032f0618dc-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=42759&sent=53&recv=34&lost=0&retrans=0&sent_bytes=43711&recv_bytes=6519&delivery_rate=176775&cwnd=21600&unsent_bytes=0&cid=5c7d23280872ee40&ts=503&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 22:19:19 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 24 Oct 2024 06:54:47 GMT
vary
Accept-Encoding
priority
u=1,i=?0
front.js
id.apibrainly.my.id/
37 KB
9 KB
Script
General
Full URL
https://id.apibrainly.my.id/front.js?v=999
Requested by
Host: safetynews.uk.nf
URL: https://safetynews.uk.nf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22634885aa9605501259464d8af126e72b830865998054f083215a1ace6b76b0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://safetynews.uk.nf/

Response headers

server
cloudflare
cache-control
public, max-age=120
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"93aa-192a7a8edd8"
report-to
{"endpoints":[{"url":"maskoding.com"}],"group": "maskoding","max_age": 604800}
cf-ray
8d7d59033f1318dc-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=43462&sent=34&recv=23&lost=0&retrans=0&sent_bytes=24056&recv_bytes=6038&delivery_rate=97624&cwnd=21600&unsent_bytes=0&cid=5c7d23280872ee40&ts=325&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 22:19:19 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Sun, 20 Oct 2024 02:01:59 GMT
vary
Accept-Encoding
priority
u=1,i=?0
front.js
ph.apibrainly.my.id/
37 KB
9 KB
Script
General
Full URL
https://ph.apibrainly.my.id/front.js?v=999
Requested by
Host: safetynews.uk.nf
URL: https://safetynews.uk.nf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
402b0f7176f8762f1e1d727e7e05ef07099a1eaf4ee299706d9389eeab2f249f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://safetynews.uk.nf/

Response headers

server
cloudflare
cache-control
public, max-age=120
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"93b2-192a4134fb0"
report-to
{"endpoints":[{"url":"maskoding.com"}],"group": "maskoding","max_age": 604800}
cf-ray
8d7d590318d1d9ce-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=43376&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4221&recv_bytes=4414&delivery_rate=407&cwnd=12000&unsent_bytes=0&cid=1dea63bb5e024b27&ts=186&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 22:19:19 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Sat, 19 Oct 2024 09:19:42 GMT
vary
Accept-Encoding
priority
u=1,i=?0
front.js
pl.apibrainly.my.id/
37 KB
9 KB
Script
General
Full URL
https://pl.apibrainly.my.id/front.js?v=999
Requested by
Host: safetynews.uk.nf
URL: https://safetynews.uk.nf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc5234b0ce9665d581ebbf45ef44e563acb715d19d7e4535b6e0da9c958815ce

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://safetynews.uk.nf/

Response headers

server
cloudflare
cache-control
public, max-age=120
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"9390-1929d084d60"
report-to
{"endpoints":[{"url":"maskoding.com"}],"group": "maskoding","max_age": 604800}
cf-ray
8d7d5902ae9d18dc-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=42737&sent=16&recv=14&lost=0&retrans=0&sent_bytes=4317&recv_bytes=5650&delivery_rate=412&cwnd=12000&unsent_bytes=0&cid=5c7d23280872ee40&ts=235&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 22:19:18 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 18 Oct 2024 00:30:20 GMT
vary
Accept-Encoding
priority
u=1,i=?0
front.js
ro-ash.apibrainly.my.id/
38 KB
9 KB
Script
General
Full URL
https://ro-ash.apibrainly.my.id/front.js?v=999
Requested by
Host: safetynews.uk.nf
URL: https://safetynews.uk.nf/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5e00455f6c7254e560a8ebceedeafbbc73adb752971843c40d30267d5530a7e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://safetynews.uk.nf/

Response headers

server
cloudflare
cache-control
public, max-age=120
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"962e-192b3462660"
report-to
{"endpoints":[{"url":"maskoding.com"}],"group": "maskoding","max_age": 604800}
cf-ray
8d7d59025e6518dc-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=42737&sent=25&recv=14&lost=0&retrans=0&sent_bytes=14116&recv_bytes=5650&delivery_rate=412&cwnd=12000&unsent_bytes=0&cid=5c7d23280872ee40&ts=243&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 22:19:18 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 22 Oct 2024 08:09:32 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cp.js
cdn.jasaorder.com/tri/
12 KB
5 KB
Script
General
Full URL
https://cdn.jasaorder.com/tri/cp.js
Requested by
Host: safetynews.uk.nf
URL: https://safetynews.uk.nf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5a01720bb95d92fe3e41fb970c5b91ee821cf3183f57ef6f2a236d3239ddcd9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://safetynews.uk.nf/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"2e5c-67188848-827d0;br"
age
78
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pX5nPTC5YwwRjQfqkF2PdLGpzzGKLI9cilQvpQNP8fLi2sJeRJkbCdJ7ZzadhlrxRcsBdXhaIlPCbDmtZ5NPZ%2BdZCkKxTQXh%2FiLY3CbK8GDoJemJAIPfgYfdA%2BLhHNg2%2BykwHly9yzxUntfzxjV5cw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Oct 2024 22:18:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=54163&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3989&recv_bytes=2165&delivery_rate=71648&cwnd=136&unsent_bytes=0&cid=fe2bc439006cbe94&ts=72&x=0"
date
Thu, 24 Oct 2024 22:19:18 GMT
content-type
application/x-javascript
last-modified
Wed, 23 Oct 2024 05:23:20 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7d59015faa0163-CDG
server
cloudflare
api
en.apibrainly.my.id/
11 KB
4 KB
Fetch
General
Full URL
https://en.apibrainly.my.id/api
Requested by
Host: en.apibrainly.my.id
URL: https://en.apibrainly.my.id/front.js?v=999
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4f528e0e299bc144e138a3bdbb02e7ed20f17d6665f04f9ba8c197511ee12a5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Content-Type
application/json
Referer
https://safetynews.uk.nf/

Response headers

cache-control
public, max-age=3600, s-maxage=3600, stale-if-error=21600, stale-while-revalidate=21600, no-transform
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"maskoding.com"}],"group": "maskoding","max_age": 604800}
cf-ray
8d7d590bc8809366-SEA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
3748
server-timing
cfL4;desc="?proto=QUIC&rtt=228597&sent=34&recv=22&lost=0&retrans=0&sent_bytes=15589&recv_bytes=7944&delivery_rate=20852&cwnd=12000&unsent_bytes=0&cid=fdbb453e256043c0&ts=1321&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 22:19:20 GMT
content-type
application/json; charset=UTF-8
vary
accept-encoding
server
cloudflare
priority
u=1,i
api
en.apibrainly.my.id/
0
0
Preflight
General
Full URL
https://en.apibrainly.my.id/api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://safetynews.uk.nf
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d7d59081eca9366-SEA
date
Thu, 24 Oct 2024 22:19:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=1,i
report-to
{"endpoints":[{"url":"maskoding.com"}],"group": "maskoding","max_age": 604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=205529&sent=15&recv=12&lost=0&retrans=0&sent_bytes=4782&recv_bytes=6063&delivery_rate=2386&cwnd=12000&unsent_bytes=0&cid=fdbb453e256043c0&ts=855&x=1" cfExtPri cfHdrFlush;dur=0
api
fr.apibrainly.my.id/
0
0
Preflight
General
Full URL
https://fr.apibrainly.my.id/api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://safetynews.uk.nf
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d7d59081ecb9366-SEA
date
Thu, 24 Oct 2024 22:19:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=1,i
report-to
{"endpoints":[{"url":"maskoding.com"}],"group": "maskoding","max_age": 604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=205529&sent=16&recv=12&lost=0&retrans=0&sent_bytes=5261&recv_bytes=6063&delivery_rate=2386&cwnd=12000&unsent_bytes=0&cid=fdbb453e256043c0&ts=864&x=1" cfExtPri cfHdrFlush;dur=0
api
fr.apibrainly.my.id/
12 KB
5 KB
Fetch
General
Full URL
https://fr.apibrainly.my.id/api
Requested by
Host: fr.apibrainly.my.id
URL: https://fr.apibrainly.my.id/front.js?v=999
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81fc859506ddc9f72c2b1ffa663dae45ebd69b811ed4d9128f528f10353c58ff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Content-Type
application/json
Referer
https://safetynews.uk.nf/

Response headers

cache-control
public, max-age=3600, s-maxage=3600, stale-if-error=21600, stale-while-revalidate=21600, no-transform
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"maskoding.com"}],"group": "maskoding","max_age": 604800}
cf-ray
8d7d590bd8909366-SEA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
4395
server-timing
cfL4;desc="?proto=QUIC&rtt=228597&sent=29&recv=22&lost=0&retrans=0&sent_bytes=10524&recv_bytes=7944&delivery_rate=20852&cwnd=12000&unsent_bytes=0&cid=fdbb453e256043c0&ts=1307&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 22:19:20 GMT
content-type
application/json; charset=UTF-8
vary
accept-encoding
server
cloudflare
priority
u=1,i
api
id.apibrainly.my.id/
0
0
Preflight
General
Full URL
https://id.apibrainly.my.id/api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://safetynews.uk.nf
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d7d59081ece9366-SEA
date
Thu, 24 Oct 2024 22:19:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=1,i
report-to
{"endpoints":[{"url":"maskoding.com"}],"group": "maskoding","max_age": 604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=205529&sent=17&recv=12&lost=0&retrans=0&sent_bytes=5740&recv_bytes=6063&delivery_rate=2386&cwnd=12000&unsent_bytes=0&cid=fdbb453e256043c0&ts=994&x=1" cfExtPri cfHdrFlush;dur=0
api
ph.apibrainly.my.id/
0
0
Preflight
General
Full URL
https://ph.apibrainly.my.id/api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://safetynews.uk.nf
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d7d5905cd60d2a2-FRA
date
Thu, 24 Oct 2024 22:19:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=1,i
report-to
{"endpoints":[{"url":"maskoding.com"}],"group": "maskoding","max_age": 604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=46944&sent=11&recv=10&lost=0&retrans=0&sent_bytes=2677&recv_bytes=4338&delivery_rate=410&cwnd=12000&unsent_bytes=0&cid=fdb7293cdaa01fb7&ts=292&x=1" cfExtPri cfHdrFlush;dur=0
api
pl.apibrainly.my.id/
0
0
Preflight
General
Full URL
https://pl.apibrainly.my.id/api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://safetynews.uk.nf
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d7d59081ecf9366-SEA
date
Thu, 24 Oct 2024 22:19:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=1,i
report-to
{"endpoints":[{"url":"maskoding.com"}],"group": "maskoding","max_age": 604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=205529&sent=18&recv=12&lost=0&retrans=0&sent_bytes=6219&recv_bytes=6063&delivery_rate=2386&cwnd=12000&unsent_bytes=0&cid=fdbb453e256043c0&ts=996&x=1" cfExtPri cfHdrFlush;dur=0
api
ro-ash.apibrainly.my.id/
0
0
Preflight
General
Full URL
https://ro-ash.apibrainly.my.id/api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://safetynews.uk.nf
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d7d59067dec9366-SEA
date
Thu, 24 Oct 2024 22:19:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=1,i
report-to
{"endpoints":[{"url":"maskoding.com"}],"group": "maskoding","max_age": 604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=202814&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4221&recv_bytes=5567&delivery_rate=3105&cwnd=12000&unsent_bytes=0&cid=fdbb453e256043c0&ts=585&x=1" cfExtPri cfHdrFlush;dur=0
api
id.apibrainly.my.id/
7 KB
3 KB
Fetch
General
Full URL
https://id.apibrainly.my.id/api
Requested by
Host: id.apibrainly.my.id
URL: https://id.apibrainly.my.id/front.js?v=999
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
306f823ea1efd9ec118513c73cefc2dcc69dbad36c61788c88723c0a17be0232

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Content-Type
application/json
Referer
https://safetynews.uk.nf/

Response headers

cache-control
public, max-age=3600, s-maxage=3600, stale-if-error=21600, stale-while-revalidate=21600, no-transform
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"maskoding.com"}],"group": "maskoding","max_age": 604800}
cf-ray
8d7d590ca8e79366-SEA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
2506
server-timing
cfL4;desc="?proto=QUIC&rtt=228597&sent=41&recv=22&lost=0&retrans=0&sent_bytes=22524&recv_bytes=7944&delivery_rate=20852&cwnd=12000&unsent_bytes=0&cid=fdbb453e256043c0&ts=1509&x=1", cfExtPri, cfHdrFlush;dur=1
date
Thu, 24 Oct 2024 22:19:20 GMT
content-type
application/json; charset=UTF-8
vary
accept-encoding
server
cloudflare
priority
u=1,i
api
ph.apibrainly.my.id/
9 KB
4 KB
Fetch
General
Full URL
https://ph.apibrainly.my.id/api
Requested by
Host: ph.apibrainly.my.id
URL: https://ph.apibrainly.my.id/front.js?v=999
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
682e876104fa3a2a6a81ec49947a088d2cd57b5b9075ace4d506914599367e9b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Content-Type
application/json
Referer
https://safetynews.uk.nf/

Response headers

cache-control
public, max-age=3600, s-maxage=3600, stale-if-error=21600, stale-while-revalidate=21600, no-transform
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"maskoding.com"}],"group": "maskoding","max_age": 604800}
cf-ray
8d7d590798c6d2a2-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
3682
server-timing
cfL4;desc="?proto=QUIC&rtt=46513&sent=13&recv=12&lost=0&retrans=0&sent_bytes=3214&recv_bytes=4786&delivery_rate=11527&cwnd=12000&unsent_bytes=0&cid=fdb7293cdaa01fb7&ts=499&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 22:19:19 GMT
content-type
application/json; charset=UTF-8
vary
accept-encoding
server
cloudflare
priority
u=1,i
api
pl.apibrainly.my.id/
9 KB
4 KB
Fetch
General
Full URL
https://pl.apibrainly.my.id/api
Requested by
Host: pl.apibrainly.my.id
URL: https://pl.apibrainly.my.id/front.js?v=999
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aebae2318249a3916c550fe2db018561b8ac4900fbfc8a976db42bf327efa20

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Content-Type
application/json
Referer
https://safetynews.uk.nf/

Response headers

cache-control
public, max-age=3600, s-maxage=3600, stale-if-error=21600, stale-while-revalidate=21600, no-transform
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"maskoding.com"}],"group": "maskoding","max_age": 604800}
cf-ray
8d7d590ca8ea9366-SEA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
3228
server-timing
cfL4;desc="?proto=QUIC&rtt=228597&sent=38&recv=22&lost=0&retrans=0&sent_bytes=19983&recv_bytes=7944&delivery_rate=20852&cwnd=12000&unsent_bytes=0&cid=fdbb453e256043c0&ts=1502&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 22:19:20 GMT
content-type
application/json; charset=UTF-8
vary
accept-encoding
server
cloudflare
priority
u=1,i
api
ro-ash.apibrainly.my.id/
8 KB
4 KB
Fetch
General
Full URL
https://ro-ash.apibrainly.my.id/api
Requested by
Host: ro-ash.apibrainly.my.id
URL: https://ro-ash.apibrainly.my.id/front.js?v=999
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4aae9d5d62980549eb2018dd29727f775c00032ed6bab67d8f843dc5e4b0ac57

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Content-Type
application/json
Referer
https://safetynews.uk.nf/

Response headers

cache-control
public, max-age=3600, s-maxage=3600, stale-if-error=21600, stale-while-revalidate=21600, no-transform
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"maskoding.com"}],"group": "maskoding","max_age": 604800}
cf-ray
8d7d590a1fb49366-SEA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
3042
server-timing
cfL4;desc="?proto=QUIC&rtt=205529&sent=19&recv=12&lost=0&retrans=0&sent_bytes=6698&recv_bytes=6063&delivery_rate=2386&cwnd=12000&unsent_bytes=0&cid=fdbb453e256043c0&ts=1058&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 22:19:20 GMT
content-type
application/json; charset=UTF-8
vary
accept-encoding
server
cloudflare
priority
u=1,i
invoke.js
endlesslynavel.com/a49752dcde88f4fde5987d25efbb7168/
0
0
Script
General
Full URL
https://endlesslynavel.com/a49752dcde88f4fde5987d25efbb7168/invoke.js
Requested by
Host: cdn.jasaorder.com
URL: https://cdn.jasaorder.com/tri/cp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.76 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://safetynews.uk.nf/

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Thu, 24 Oct 2024 22:19:19 GMT
Content-Type
application/javascript
Host
endlesslynavel.com
Server
nginx/1.21.6
favicon.ico
safetynews.uk.nf/
1 KB
1 KB
Other
General
Full URL
https://safetynews.uk.nf/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.22.4.11 Leeds, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
sv11.byethost11.org
Software
nginx /
Resource Hash
20150bbfbfda0049de93360682acd7c7d6abc74a66d555c5bc5e3eb0cdda5e25

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://safetynews.uk.nf/

Response headers

cache-control
max-age=7200, public
content-encoding
gzip
etag
W/"208dea41d-45d-623b18e122000"
pragma
public
expires
Fri, 25 Oct 2024 00:19:19 GMT
date
Thu, 24 Oct 2024 22:19:19 GMT
content-type
image/x-icon
vary
Accept-Encoding
server
nginx
last-modified
Sat, 05 Oct 2024 02:29:20 GMT

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
function  moment
function  afterLoadedData
function  referer_se
function  referer_sm
function  referer_empty
function  referer_not_empty
function  str_contains
function  setInnerHTML
function  inject
function  create_pu
object    atOptions
function  dpu
object    pu
function  strftime

0 Cookies

1 Console Messages

Source: network
Level: error
URL: https://endlesslynavel.com/a49752dcde88f4fde5987d25efbb7168/invoke.js
Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
