portal.safeboda.io Open in urlscan Pro
52.17.188.166 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://portal.safeboda.io/
Submission: On March 06 via automatic, source certstream-suspicious (March 6th 2020, 1:27:31 am UTC)

Summary HTTP 9 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 9 HTTP transactions. The main IP is 52.17.188.166, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is portal.safeboda.io.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 1st 2020. Valid for: 3 months.

This is the only time portal.safeboda.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
6	52.17.188.166 52.17.188.166		16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81f::200a		15169 (GOOGLE) (GOOGLE)
2	104.111.215.74 104.111.215.74		16625 (AKAMAI-AS) (AKAMAI-AS)
9	3

6 52.17.188.166 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-188-166.eu-west-1.compute.amazonaws.com

portal.safeboda.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.74 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-74.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	safeboda.io portal.safeboda.io	980 KB
2	typekit.net use.typekit.net p.typekit.net	1 KB
1	googleapis.com fonts.googleapis.com	942 B
9	3

	Domain	Requested by
6	portal.safeboda.io	portal.safeboda.io
1	p.typekit.net	portal.safeboda.io
1	use.typekit.net	portal.safeboda.io
1	fonts.googleapis.com	portal.safeboda.io
9	4

This site contains no links.

Subject Issuer	Validity	Valid
portal.safeboda.io Let's Encrypt Authority X3	`2020-02-01` - `2020-05-01`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://portal.safeboda.io/
Frame ID: D6A099255BD5A5B3D8B32B86F557E2E2
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Amazon ECS (IaaS) Expand

Overall confidence: 100%
Detected patterns

headers server /^ECS/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers server /^ECS/i

Docker (Containers) Expand

Overall confidence: 100%
Detected patterns

headers server /^ECS/i

Azure CDN (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:ECAcc|ECS|ECD)/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

9
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

982 kB
Transfer

5162 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
portal.safeboda.io/ 890 B
789 B 158ms
43ms Document
text/html 52.17.188.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.safeboda.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.188.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-188-166.eu-west-1.compute.amazonaws.com
Software: ecstatic-3.3.2 /
Resource Hash: 8b80e226da946035d9ffdacd8ae8c2e09a3dccf5f57bdf04a156bbea69ea2520

Request headers

Host: portal.safeboda.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Connection: keep-alive
Server: ecstatic-3.3.2
Content-Encoding: gzip
Cache-Control: max-age=3600
Last-Modified: Thu, 05 Mar 2020 11:28:59 GMT
Etag: W/"4852537-476-2020-03-05T11:28:59.000Z"
Content-Length: 476
Content-Type: text/html
Date: Fri, 06 Mar 2020 01:27:11 GMT
Via: 1.1 vegur

GET
H2 200 css
fonts.googleapis.com/ 6 KB
942 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Asap:300,400,500,600,700,400italic|Material+Icons

Requested by

Host: portal.safeboda.io
URL: https://portal.safeboda.io/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

965968968504f0ab570edd37de3ba6b8c517b93698901bfc49038d25f9f30b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://portal.safeboda.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 06 Mar 2020 01:27:11 GMT
server: ESF
date: Fri, 06 Mar 2020 01:27:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Mar 2020 01:27:11 GMT

GET
H2 200 cnq6uvt.css
use.typekit.net/ 3 KB
919 B 188ms
139ms Stylesheet
text/css 104.111.215.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/cnq6uvt.css

Requested by

Host: portal.safeboda.io
URL: https://portal.safeboda.io/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.74 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-74.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

81dc1ab482b651e10ff3626a95883319c4a0cb8f70775a33a6ff80764ac63078

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://portal.safeboda.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
access-control-allow-origin: *
date: Fri, 06 Mar 2020 01:27:12 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
status: 200
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 719

GET
H/1.1 200
OK vendors.3500ef045b2645a0a12a.css
portal.safeboda.io/ 148 KB
19 KB 66ms
65ms Stylesheet
text/css 52.17.188.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.safeboda.io/vendors.3500ef045b2645a0a12a.css
Requested by: Host: portal.safeboda.io
URL: https://portal.safeboda.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.188.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-188-166.eu-west-1.compute.amazonaws.com
Software: ecstatic-3.3.2 /
Resource Hash: 38e973e5a113f48d9cfa8a3b706ae07d6d736a89012e45495b9153b22d2fdc3d

Request headers

Referer: https://portal.safeboda.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Fri, 06 Mar 2020 01:27:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Mar 2020 11:28:59 GMT
Server: ecstatic-3.3.2
Etag: W/"4852669-19623-2020-03-05T11:28:59.000Z"
Content-Type: text/css
Via: 1.1 vegur
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 19623

GET
H/1.1 200
OK main.3500ef045b2645a0a12a.css
portal.safeboda.io/ 2 MB
244 KB 108ms
41ms Stylesheet
text/css 52.17.188.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.safeboda.io/main.3500ef045b2645a0a12a.css
Requested by: Host: portal.safeboda.io
URL: https://portal.safeboda.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.188.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-188-166.eu-west-1.compute.amazonaws.com
Software: ecstatic-3.3.2 /
Resource Hash: bffdcfc0fd5a383249c7058dd01a30fd44d28585c7e0ed8f245407a0672218d1

Request headers

Referer: https://portal.safeboda.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Fri, 06 Mar 2020 01:27:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Mar 2020 11:28:59 GMT
Server: ecstatic-3.3.2
Etag: W/"4852653-249765-2020-03-05T11:28:59.000Z"
Content-Type: text/css
Via: 1.1 vegur
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 249765

GET
H/1.1 200
OK runtime.8ac2aaa866f8214cbe21.js Show response
portal.safeboda.io/ 1 KB
1 KB 122ms
42ms Script
application/javascript 52.17.188.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.safeboda.io/runtime.8ac2aaa866f8214cbe21.js
Requested by: Host: portal.safeboda.io
URL: https://portal.safeboda.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.188.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-188-166.eu-west-1.compute.amazonaws.com
Software: ecstatic-3.3.2 /
Resource Hash: 7276188879573b84be3fe4cddaef4c99dfdf5fa47bf848e57375218dd045f3d7

Request headers

Referer: https://portal.safeboda.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 06 Mar 2020 01:27:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Mar 2020 11:28:59 GMT
Server: ecstatic-3.3.2
Etag: W/"4852677-718-2020-03-05T11:28:59.000Z"
Content-Type: application/javascript
Via: 1.1 vegur
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 718

GET
H/1.1 200
OK vendors.af236d49d7016b777af0.js Show response
portal.safeboda.io/ 2 MB
619 KB 125ms
44ms Script
application/javascript 52.17.188.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.safeboda.io/vendors.af236d49d7016b777af0.js
Requested by: Host: portal.safeboda.io
URL: https://portal.safeboda.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.188.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-188-166.eu-west-1.compute.amazonaws.com
Software: ecstatic-3.3.2 /
Resource Hash: 002b7b3dbea28686d10a383d0f16c8af7db3a69701276fb080e919a31440419f

Request headers

Referer: https://portal.safeboda.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 06 Mar 2020 01:27:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Mar 2020 11:28:59 GMT
Server: ecstatic-3.3.2
Etag: W/"4852605-633685-2020-03-05T11:28:59.000Z"
Content-Type: application/javascript
Via: 1.1 vegur
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 633685

GET
H/1.1 200
OK main.3ff5336d485609d805f4.js Show response
portal.safeboda.io/ 536 KB
95 KB 128ms
46ms Script
application/javascript 52.17.188.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.safeboda.io/main.3ff5336d485609d805f4.js
Requested by: Host: portal.safeboda.io
URL: https://portal.safeboda.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.188.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-188-166.eu-west-1.compute.amazonaws.com
Software: ecstatic-3.3.2 /
Resource Hash: 7833f707ef894d8ecb58cf233636160d8e80f2bb3ac862b69442059d4d589f02

Request headers

Referer: https://portal.safeboda.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 06 Mar 2020 01:27:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Mar 2020 11:28:59 GMT
Server: ecstatic-3.3.2
Etag: W/"4852716-97303-2020-03-05T11:28:59.000Z"
Content-Type: application/javascript
Via: 1.1 vegur
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 97303

GET
H2 200 p.css
p.typekit.net/ 5 B
168 B 36ms
24ms Stylesheet
text/css 104.111.215.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=cnq6uvt&ht=tk&f=15910.15911.15912.15913&a=21947384&app=typekit&e=css
Requested by: Host: portal.safeboda.io
URL: https://portal.safeboda.io/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.74 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://portal.safeboda.io/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 06 Mar 2020 01:27:12 GMT
last-modified: Mon, 21 Oct 2019 19:51:00 GMT
server: nginx
access-control-allow-origin: *
etag: "5dae0c24-5"
content-type: text/css
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 5
expires: Wed, 30 Oct 2019 04:50:36 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
p.typekit.net
portal.safeboda.io
use.typekit.net
104.111.215.74
2a00:1450:4001:81f::200a
52.17.188.166
002b7b3dbea28686d10a383d0f16c8af7db3a69701276fb080e919a31440419f
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
38e973e5a113f48d9cfa8a3b706ae07d6d736a89012e45495b9153b22d2fdc3d
7276188879573b84be3fe4cddaef4c99dfdf5fa47bf848e57375218dd045f3d7
7833f707ef894d8ecb58cf233636160d8e80f2bb3ac862b69442059d4d589f02
81dc1ab482b651e10ff3626a95883319c4a0cb8f70775a33a6ff80764ac63078
8b80e226da946035d9ffdacd8ae8c2e09a3dccf5f57bdf04a156bbea69ea2520
965968968504f0ab570edd37de3ba6b8c517b93698901bfc49038d25f9f30b13
bffdcfc0fd5a383249c7058dd01a30fd44d28585c7e0ed8f245407a0672218d1