www.safetiq.com Open in urlscan Pro
104.203.222.39  Public Scan

50 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.safetiq.com/	794 KB 136 KB	7618ms 314ms	Document text/html	104.203.222.39 ENZUINC-
General Check archive.org Show headers Download Go to Full URL https://www.safetiq.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.203.222.39 Los Angeles, United States, ASN18978 (ENZUINC-, US), Reverse DNS Software nginx / Resource Hash 085e09a6419de4fe1d6f58be36933f9939dceaf74b7aa8bb990f1cbb2102735d Request headers Host www.safetiq.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers Server nginx Date Fri, 21 Feb 2020 16:32:12 GMT Content-Type text/html;charset=utf-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Content-Encoding gzip
GET H/1.1	200 OK	jquery.3.5.2.min.m.js Show response www.safetiq.com/js/	6 KB 7 KB	472ms 160ms	Script application/javascript	104.203.222.39 ENZUINC-
General Check archive.org Show headers Download Go to Full URL https://www.safetiq.com/js/jquery.3.5.2.min.m.js Requested by Host: www.safetiq.com URL: https://www.safetiq.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.203.222.39 Los Angeles, United States, ASN18978 (ENZUINC-, US), Reverse DNS Software nginx / Resource Hash e0eb190617647f22a79e88a435ee71b412df80b408d28e16cf918fd8e3be7eaf Request headers Referer https://www.safetiq.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Fri, 21 Feb 2020 16:32:12 GMT Last-Modified Fri, 21 Feb 2020 08:47:50 GMT Server nginx ETag "5e4f9936-197e" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 6526
GET H2	200	blog-296d30b7b2503f7365795e18177d3d05.css x.kinja-static.com/assets/stylesheets/	297 KB 48 KB	692ms 634ms	Stylesheet text/css	151.101.130.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/stylesheets/blog-296d30b7b2503f7365795e18177d3d05.css Requested by Host: www.safetiq.com URL: https://www.safetiq.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 75a4cdc77a1c6653fb915d93eb66df406624d440c00153aacef41c19cb050a65 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.safetiq.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Fri, 21 Feb 2020 16:19:44 GMT content-encoding gzip x-content-type-options nosniff age 0 via 1.1 varnish x-cache MISS status 200 content-length 48765 x-amz-id-2 g2EV3Jp3plBKQ+gKeppG+ETesXcD+2G35z4N01X22r/wtbtIismG/0Gnm0X8FQ6Q8rtry05ua7g= x-served-by cache-ams21024-AMS last-modified Wed, 06 Mar 2019 13:01:05 GMT server AmazonS3 x-timer S1582301984.520608,VS0,VE611 etag "296d30b7b2503f7365795e18177d3d05" vary Accept-Encoding x-amz-request-id 731D7E75CDD6777D access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type text/css x-cache-hits 0
GET H2	200	insets-f81b7b139875e601096ec2d8bbb22a73.css x.kinja-static.com/assets/stylesheets/	17 KB 3 KB	403ms 346ms	Stylesheet text/css	151.101.130.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://x.kinja-static.com/assets/stylesheets/insets-f81b7b139875e601096ec2d8bbb22a73.css Requested by Host: www.safetiq.com URL: https://www.safetiq.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 1148da22d181d4303dfb47d5de8188cb3b31ba6b9118314fff6ebed5b9503ca0 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.safetiq.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Fri, 21 Feb 2020 16:19:43 GMT content-encoding gzip x-content-type-options nosniff age 0 via 1.1 varnish x-cache MISS status 200 content-length 2437 x-amz-id-2 q4fldEKNJwd+XJvRbLsP8rmAmRdFAdQ4/bQ6LgoEmCAZoUfbvsFwpX9gGVIdUJoaT1GxfhOm8Bg= x-served-by cache-ams21024-AMS last-modified Fri, 03 May 2019 19:07:52 GMT server AmazonS3 x-timer S1582301984.521154,VS0,VE322 etag "f81b7b139875e601096ec2d8bbb22a73" vary Accept-Encoding x-amz-request-id 0D7461E9BAF457EB access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type text/css x-cache-hits 0
GET H/1.1	200 OK	index.html Show response www.safetiq.com/gg/188bet/ Frame B210	973 B 1 KB	161ms 160ms	Document text/html	104.203.222.39 ENZUINC-
General Check archive.org Show headers Download Go to Full URL https://www.safetiq.com/gg/188bet/index.html Requested by Host: www.safetiq.com URL: https://www.safetiq.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.203.222.39 Los Angeles, United States, ASN18978 (ENZUINC-, US), Reverse DNS Software nginx / Resource Hash d6d0455bfed7cf3da5b0e1223b8af1413893f832643c666161e8476efeddb957 Request headers Host www.safetiq.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site same-origin Sec-Fetch-Mode navigate Referer https://www.safetiq.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://www.safetiq.com/ Response headers Server nginx Date Fri, 21 Feb 2020 16:32:12 GMT Content-Type text/html Content-Length 973 Last-Modified Fri, 21 Feb 2020 08:47:50 GMT Connection keep-alive ETag "5e4f9936-3cd" Accept-Ranges bytes
GET H/1.1	200 OK	hm.js Show response hm.baidu.com/	37 KB 14 KB	7973ms 333ms	Script application/javascript	103.235.46.191 CNNIC-BAIDU-AP Be...
General Check archive.org Show headers Download Go to Full URL https://hm.baidu.com/hm.js?0f203c4517203805d75d02036cd6d835 Requested by Host: www.safetiq.com URL: https://www.safetiq.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash 06cc04a876732326a2df123573a9785729098f91333b4995bf908acaadb4a8a6 Security Headers Name Value Strict-Transport-Security max-age=172800 Request headers Referer https://www.safetiq.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Fri, 21 Feb 2020 16:19:51 GMT Content-Encoding gzip Server apache Etag 02fdf24d9f9845baa14707480ff688f8 Strict-Transport-Security max-age=172800 P3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Cache-Control max-age=0, must-revalidate Content-Type application/javascript Content-Length 13505
GET H2	200	push.js Show response zz.bdstatic.com/linksubmit/	308 B 499 B	3309ms 1063ms	Script application/javascript	119.188.176.48 CHINA169-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://zz.bdstatic.com/linksubmit/push.js Requested by Host: www.safetiq.com URL: https://www.safetiq.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 119.188.176.48 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN), Reverse DNS Software JSP3/2.0.14 / Resource Hash c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212 Request headers Referer https://www.safetiq.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Fri, 21 Feb 2020 16:19:46 GMT ohc-cache-hit jn2un91 [4], xzuncache124 [4] ohc-response-time 1 0 0 0 0 0 last-modified Thu, 03 Jan 2019 07:01:54 GMT server JSP3/2.0.14 age 15 etag W/"384b81a-134-57e88566a1c80" vary Accept-Encoding,User-Agent content-type application/javascript status 200 content-encoding gzip
GET DATA	200 OK	truncated /	37 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	proxima_nova_cond_reg-webfont.woff2 f.kinja-static.com/assets/fonts/proxima/	27 KB 28 KB	3155ms 53ms	Font binary/octet-stream	151.101.66.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_reg-webfont.woff2?08252015 Requested by Host: www.safetiq.com URL: https://www.safetiq.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.66.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 8fe5f0c4bdaf3e031a6172679193e88d3a24c7deb6e3c7e2b2a477061cc1ad81 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.safetiq.com/ Origin https://www.safetiq.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 21 Feb 2020 16:19:46 GMT via 1.1 varnish x-content-type-options nosniff age 71 x-cache HIT status 200 content-length 28044 x-amz-id-2 1MjQ3SmQQUn4AXogtVINgZbyrlApyMBJkr5NepzKCV2Ayh81GX9yN/f8aTkSihileVLmLqFdm0w= x-served-by cache-ams21023-AMS last-modified Fri, 07 Feb 2020 20:25:04 GMT server AmazonS3 x-timer S1582301987.682810,VS0,VE1 etag "94cbaf403b2922fd6858c812dae091fb" x-amz-request-id 738E48D658EBDB93 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type binary/octet-stream x-cache-hits 1
GET H2	200	proxima_nova_cond_sbold-webfont.woff2 f.kinja-static.com/assets/fonts/proxima/	27 KB 28 KB	3192ms 90ms	Font binary/octet-stream	151.101.66.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_sbold-webfont.woff2?08252015 Requested by Host: www.safetiq.com URL: https://www.safetiq.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.66.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 63125723c148b0c5391dea8c827d96958a6706a542f8b45822904aaefe10c4ad Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.safetiq.com/ Origin https://www.safetiq.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 21 Feb 2020 16:19:46 GMT via 1.1 varnish x-content-type-options nosniff age 87 x-cache HIT status 200 content-length 28136 x-amz-id-2 H5Q1E4TLpY+b94NxhBzMbuIEOcK7pB9Qv4nOIaZJDPsCTvUULKDb3Wiu89yTnWp25h4OwJurwvM= x-served-by cache-ams21023-AMS last-modified Mon, 10 Feb 2020 21:50:11 GMT server AmazonS3 x-timer S1582301987.682790,VS0,VE1 etag "7ac1e4b7ab03f256e831e00e3b5618a6" x-amz-request-id 944EC3CEC5D502B1 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type binary/octet-stream x-cache-hits 1
GET H2	200	elizabethserif-light-webfont.woff2 f.kinja-static.com/assets/fonts/elizabeth-serif/	30 KB 31 KB	3214ms 112ms	Font binary/octet-stream	151.101.66.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.kinja-static.com/assets/fonts/elizabeth-serif/elizabethserif-light-webfont.woff2?09162015 Requested by Host: www.safetiq.com URL: https://www.safetiq.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.66.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 99486805226925c8956af4060209f84d8069fae36333d280a88afa276aecdd97 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.safetiq.com/ Origin https://www.safetiq.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 21 Feb 2020 16:19:46 GMT via 1.1 varnish x-content-type-options nosniff age 71 x-cache HIT status 200 content-length 31076 x-amz-id-2 P+Fltll2ZzDpJYHWQsCU2S6gpEMpm9wSUO8eULOpnsfTMKm8hfwkc6TGWuBs8zAobxW9MBwZF7E= x-served-by cache-ams21023-AMS last-modified Thu, 20 Feb 2020 19:59:59 GMT server AmazonS3 x-timer S1582301987.683125,VS0,VE1 etag "acb4f13c9cdae79df0e584c0a18e6ab3" x-amz-request-id 2753A6B8D736CB8C access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type binary/octet-stream x-cache-hits 1
GET H2	200	proxima_nova_cond_sbold_it-webfont.woff2 f.kinja-static.com/assets/fonts/proxima/	30 KB 30 KB	3172ms 90ms	Font binary/octet-stream	151.101.66.166 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_sbold_it-webfont.woff2?08252015 Requested by Host: www.safetiq.com URL: https://www.safetiq.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.66.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 8e8d2c867ae480b6b318900eb4168d5645f635420bdb1626976c9c0af71c45eb Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.safetiq.com/ Origin https://www.safetiq.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 21 Feb 2020 16:19:46 GMT via 1.1 varnish x-content-type-options nosniff age 13 x-cache HIT status 200 content-length 30232 x-amz-id-2 Tzggh5qK9VysOyjKAjYUQyfuI2QV4GOpjmJacKvtece1FTQYITqNajTnJYN+2Vsa2AkUrn8tjfc= x-served-by cache-ams21023-AMS last-modified Tue, 18 Feb 2020 19:24:53 GMT server AmazonS3 x-timer S1582301987.682848,VS0,VE1 etag "6d0ce198b25710fd5d0a2c0fb863b22c" x-amz-request-id 0BEBDD915A758D97 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-type binary/octet-stream x-cache-hits 1
GET H2	200	/ insight.adsrvr.org/track/evnt/	70 B 260 B	384ms 43ms	Image image/gif	99.81.228.121 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://insight.adsrvr.org/track/evnt/?adv=5zq9nmk&ct=0:ngtk7da&fmt=3 Requested by Host: www.safetiq.com URL: https://www.safetiq.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.81.228.121 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-99-81-228-121.eu-west-1.compute.amazonaws.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Referer https://www.safetiq.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers status 200 pragma no-cache date Fri, 21 Feb 2020 16:19:43 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" content-type image/gif
GET H2	200	a01flecdtkebbircy6d7.png i.kinja-img.com/gawker-media/image/upload/s--m17nH8GJ--/c_fill,f_auto,fl_progressive,g_center,h_180,q_80,w_320/	14 KB 14 KB	172ms 170ms	Image image/webp	151.101.130.166 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.kinja-img.com/gawker-media/image/upload/s--m17nH8GJ--/c_fill,f_auto,fl_progressive,g_center,h_180,q_80,w_320/a01flecdtkebbircy6d7.png Requested by Host: www.safetiq.com URL: https://www.safetiq.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software kinja / Resource Hash ec57075450f039d59636951900e84ff42cf9caede3843c2381818677806cd54b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.safetiq.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 21 Feb 2020 16:19:43 GMT via 1.1 varnish, 1.1 varnish, 1.1 varnish x-content-type-options nosniff age 0 edge-cache-tag 485323588483410955922946217413502655417,386003156108976826256451972097433673131,e658e1d7ab596d92a7343d60946f3015 status 200 x-image-request-allowed safetiq.com no content-disposition inline; filename="a01flecdtkebbircy6d7.webp" content-length 13856 x-served-by cache-jfk8123-JFK, cache-jfk8120-JFK, cache-ams21024-AMS x-cache MISS, MISS, MISS last-modified Sat, 08 Feb 2020 22:57:30 GMT server kinja x-timer S1582301984.669201,VS0,VE135 etag "c0d631edc4a83338bd322ae4016ff7dd" vary User-Agent content-type image/webp access-control-allow-origin * cache-control public, s-max-age=0, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 0, 0, 0
GET H2	200	ii1vf4r2yymfq7nfxddq.jpg i.kinja-img.com/gawker-media/image/upload/s--pAH7m-n0--/c_fill,f_auto,fl_progressive,g_center,h_180,q_80,w_320/	5 KB 6 KB	221ms 219ms	Image image/webp	151.101.130.166 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.kinja-img.com/gawker-media/image/upload/s--pAH7m-n0--/c_fill,f_auto,fl_progressive,g_center,h_180,q_80,w_320/ii1vf4r2yymfq7nfxddq.jpg Requested by Host: www.safetiq.com URL: https://www.safetiq.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software kinja / Resource Hash a3b8ba23471e33857b70b1ae56251403d409b0862b426589ee3bdd5b8e902c9b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.safetiq.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 21 Feb 2020 16:19:43 GMT via 1.1 varnish, 1.1 varnish, 1.1 varnish x-content-type-options nosniff age 0 edge-cache-tag 327074227279410995799393766939019840130,560640171946679862542432648411263896659,e658e1d7ab596d92a7343d60946f3015 status 200 x-image-request-allowed safetiq.com no content-disposition inline; filename="ii1vf4r2yymfq7nfxddq.webp" content-length 5566 x-served-by cache-jfk8136-JFK, cache-jfk8143-JFK, cache-ams21024-AMS x-cache MISS, MISS, MISS last-modified Wed, 29 Jan 2020 13:58:33 GMT server kinja x-timer S1582301984.667656,VS0,VE196 etag "94edac91f7e76f9324eb242bd2683666" vary User-Agent content-type image/webp access-control-allow-origin * cache-control public, s-max-age=0, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 0, 0, 0
GET H2	200	ysc5y2cpd8eblq9vhrcx.jpg i.kinja-img.com/gawker-media/image/upload/s--6lnglrsg--/c_fill,f_auto,fl_progressive,g_center,h_180,q_80,w_320/	4 KB 4 KB	196ms 195ms	Image image/webp	151.101.130.166 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.kinja-img.com/gawker-media/image/upload/s--6lnglrsg--/c_fill,f_auto,fl_progressive,g_center,h_180,q_80,w_320/ysc5y2cpd8eblq9vhrcx.jpg Requested by Host: www.safetiq.com URL: https://www.safetiq.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.166 , United States, ASN54113 (FASTLY, US), Reverse DNS Software kinja / Resource Hash 57c234a7c4f22028da89bc5d022a96352d3f273ce435a932d50f717c2e432c2a Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.safetiq.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 21 Feb 2020 16:19:43 GMT via 1.1 varnish, 1.1 varnish, 1.1 varnish x-content-type-options nosniff age 0 edge-cache-tag 382497042662697177783688069207586130686,560640171946679862542432648411263896659,e658e1d7ab596d92a7343d60946f3015 status 200 x-image-request-allowed safetiq.com no content-disposition inline; filename="ysc5y2cpd8eblq9vhrcx.webp" content-length 4134 x-served-by cache-jfk8142-JFK, cache-jfk8147-JFK, cache-ams21024-AMS x-cache MISS, MISS, MISS last-modified Wed, 29 Jan 2020 13:58:33 GMT server kinja x-timer S1582301984.669189,VS0,VE167 etag "db109c6af284901980354ae7d3c2a68b" vary User-Agent content-type image/webp access-control-allow-origin * cache-control public, s-max-age=0, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 0, 0, 0
GET H/1.1	200 OK	1.jpg www.wlovebaidu.com/188bet/images/ Frame B210	288 KB 288 KB	4678ms 600ms	Image image/jpeg	27.255.64.13 KIXS-AS-KR Korea ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.wlovebaidu.com/188bet/images/1.jpg Requested by Host: www.safetiq.com URL: https://www.safetiq.com/gg/188bet/index.html Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 27.255.64.13 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR), Reverse DNS Software nginx / Resource Hash ec2a8ddd7c412285cbdb7806f9b08857826ac0ab3a3f8314d7f57a5c293fbe3e Request headers Referer https://www.safetiq.com/gg/188bet/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Fri, 21 Feb 2020 16:18:44 GMT Last-Modified Sat, 02 Nov 2019 01:52:55 GMT Server nginx Connection keep-alive Accept-Ranges bytes Content-Length 294777 Content-Type image/jpeg
GET H/1.1	200 OK	2.jpg www.wlovebaidu.com/188bet/images/ Frame B210	123 KB 123 KB	4781ms 578ms	Image image/jpeg	27.255.64.13 KIXS-AS-KR Korea ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.wlovebaidu.com/188bet/images/2.jpg Requested by Host: www.safetiq.com URL: https://www.safetiq.com/gg/188bet/index.html Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 27.255.64.13 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR), Reverse DNS Software nginx / Resource Hash 2b17eca72f0de30fecde7ca466ca3b593c694dea2617ea9cd0443dd7013728bb Request headers Referer https://www.safetiq.com/gg/188bet/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Fri, 21 Feb 2020 16:18:44 GMT Last-Modified Sat, 02 Nov 2019 01:53:26 GMT Server nginx Connection keep-alive Accept-Ranges bytes Content-Length 125733 Content-Type image/jpeg
GET H/1.1	200 OK	3.jpg www.wlovebaidu.com/188bet/images/ Frame B210	315 KB 315 KB	6209ms 307ms	Image image/jpeg	27.255.64.13 KIXS-AS-KR Korea ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.wlovebaidu.com/188bet/images/3.jpg Requested by Host: www.safetiq.com URL: https://www.safetiq.com/gg/188bet/index.html Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 27.255.64.13 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR), Reverse DNS Software nginx / Resource Hash b12f6f20da1e61cfdad4efee50a7ee7b0b489f7679f134e2a57d7f218ac05b81 Request headers Referer https://www.safetiq.com/gg/188bet/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Fri, 21 Feb 2020 16:18:45 GMT Last-Modified Sat, 02 Nov 2019 01:53:41 GMT Server nginx Connection keep-alive Accept-Ranges bytes Content-Length 322405 Content-Type image/jpeg
GET H/1.1	200 OK	4.jpg www.wlovebaidu.com/188bet/images/ Frame B210	177 KB 178 KB	6745ms 314ms	Image image/jpeg	27.255.64.13 KIXS-AS-KR Korea ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.wlovebaidu.com/188bet/images/4.jpg Requested by Host: www.safetiq.com URL: https://www.safetiq.com/gg/188bet/index.html Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 27.255.64.13 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR), Reverse DNS Software nginx / Resource Hash 6eafc7c7dbc411e7287323c34c5cb933206ac8db9a3b49d97f10ec14efbec489 Request headers Referer https://www.safetiq.com/gg/188bet/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Fri, 21 Feb 2020 16:18:46 GMT Last-Modified Sat, 02 Nov 2019 01:51:33 GMT Server nginx Connection keep-alive Accept-Ranges bytes Content-Length 181703 Content-Type image/jpeg
GET H/1.1	200 OK	s.gif sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/	0 116 B	2078ms 350ms	Image text/plain	103.235.46.39 CNNIC-BAIDU-AP Be...
General Check archive.org Show headers Download Go to Show image Full URL https://sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://www.safetiq.com/ Requested by Host: www.safetiq.com URL: https://www.safetiq.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.39 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.safetiq.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Fri, 21 Feb 2020 16:19:48 GMT Content-Length 0 Content-Type text/plain; charset=utf-8
GET H/1.1	200 OK	hm.gif hm.baidu.com/	43 B 299 B	331ms 331ms	Image image/gif	103.235.46.191 CNNIC-BAIDU-AP Be...
General Check archive.org Show headers Download Go to Show image Full URL https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=336138394&si=0f203c4517203805d75d02036cd6d835&v=1.2.68&lv=1&sn=24952&ct=!!&tt=%E9%87%91%E5%AE%9D%E6%90%8F%20%E5%AE%98%E7%BD%91%7C188bet%E9%87%91%E5%AE%9D%E5%8D%9A%E4%BD%93%E8%82%B2%E6%8A%95%E6%B3%A8%7C188bet%E4%BA%9A%E6%B4%B2%E6%BB%9A%E7%90%83%E4%B8%8E%E6%8A%95%E6%B3%A8 Requested by Host: www.safetiq.com URL: https://www.safetiq.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Request headers Referer https://www.safetiq.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Pragma no-cache Date Fri, 21 Feb 2020 16:19:51 GMT X-Content-Type-Options nosniff Server apache Strict-Transport-Security max-age=172800 Content-Type image/gif Cache-Control private, max-age=0, no-cache Content-Length 43

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| a object| b string| c string| useragent object| _hmt boolean| _bdhm_loaded_0f203c4517203805d75d02036cd6d835 object| mini_tangram_log_lkl83a

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.www.safetiq.com/	1969-12-31 23:59:59	Name: Hm_lpvt_0f203c4517203805d75d02036cd6d835 Value: 1582301992
			.www.safetiq.com/	1970-01-19 16:17:17	Name: Hm_lvt_0f203c4517203805d75d02036cd6d835 Value: 1582301992

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

f.kinja-static.com
hm.baidu.com
i.kinja-img.com
insight.adsrvr.org
sp0.baidu.com
www.safetiq.com
www.wlovebaidu.com
x.kinja-static.com
zz.bdstatic.com
103.235.46.191
103.235.46.39
104.203.222.39
119.188.176.48
151.101.130.166
151.101.66.166
27.255.64.13
99.81.228.121
06cc04a876732326a2df123573a9785729098f91333b4995bf908acaadb4a8a6
085e09a6419de4fe1d6f58be36933f9939dceaf74b7aa8bb990f1cbb2102735d
1148da22d181d4303dfb47d5de8188cb3b31ba6b9118314fff6ebed5b9503ca0
2b17eca72f0de30fecde7ca466ca3b593c694dea2617ea9cd0443dd7013728bb
57c234a7c4f22028da89bc5d022a96352d3f273ce435a932d50f717c2e432c2a
63125723c148b0c5391dea8c827d96958a6706a542f8b45822904aaefe10c4ad
6eafc7c7dbc411e7287323c34c5cb933206ac8db9a3b49d97f10ec14efbec489
75a4cdc77a1c6653fb915d93eb66df406624d440c00153aacef41c19cb050a65
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e8d2c867ae480b6b318900eb4168d5645f635420bdb1626976c9c0af71c45eb
8fe5f0c4bdaf3e031a6172679193e88d3a24c7deb6e3c7e2b2a477061cc1ad81
99486805226925c8956af4060209f84d8069fae36333d280a88afa276aecdd97
a3b8ba23471e33857b70b1ae56251403d409b0862b426589ee3bdd5b8e902c9b
b12f6f20da1e61cfdad4efee50a7ee7b0b489f7679f134e2a57d7f218ac05b81
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d6d0455bfed7cf3da5b0e1223b8af1413893f832643c666161e8476efeddb957
e0eb190617647f22a79e88a435ee71b412df80b408d28e16cf918fd8e3be7eaf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec2a8ddd7c412285cbdb7806f9b08857826ac0ab3a3f8314d7f57a5c293fbe3e
ec57075450f039d59636951900e84ff42cf9caede3843c2381818677806cd54b