safewarns.com
132.148.232.95
Public Scan
Effective URL: https://safewarns.com/reviews/zaful.php?sgt=BOruGxbLJFRsE5Np8ZamVd67PxxNwEwrlLQ-qb9EltcCzoXlnA2Ib0TJOLTO&subid=d390b25...
Submission: On September 14 via api from SG — Scanned from SG
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 15th 2023. Valid for: 3 months.
This is the only time safewarns.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 146.148.34.125 | 15169 (GOOGLE) |
4 | 75.2.122.238 | 16509 (AMAZON-02) |
1 | 13.33.100.30 | 16509 (AMAZON-02) |
2 | 34.205.42.136 | 14618 (AMAZON-AES) |
2 | 104.21.86.225 | 13335 (CLOUDFLARENET) |
1 2 | 104.21.31.167 | 13335 (CLOUDFLARENET) |
1 | 132.148.232.95 | () |
11 | 6 |
ASN15169 (GOOGLE, US)
PTR: 125.34.148.146.bc.googleusercontent.com
favwbook.com

ASN16509 (AMAZON-02, US)
PTR: ae2e29254fe717bf6.awsglobalaccelerator.com
ww11.favwbook.com

ASN16509 (AMAZON-02, US)
PTR: server-13-33-100-30.sin2.r.cloudfront.net
d38psrni17bvxu.cloudfront.net

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-42-136.compute-1.amazonaws.com
takhm-ylj.com
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
5 | favwbook.com (1 redirects) | favwbook.com, ww11.favwbook.com | 4 KB |
2 | moveyourdesk.co (1 redirects) | 769432.moveyourdesk.co | 1 KB |
2 | popularcldfa.co | 777569.popularcldfa.co | 11 KB |
2 | takhm-ylj.com | takhm-ylj.com | 4 KB |
1 | safewarns.com | safewarns.com | 354 B |
1 | cloudfront.net | d38psrni17bvxu.cloudfront.net | 2 KB |
11 | 6 |
 | Domain | Requested by |
---|---|---|
4 | ww11.favwbook.com | d38psrni17bvxu.cloudfront.net, ww11.favwbook.com |
2 | 769432.moveyourdesk.co | 1 redirects |
2 | 777569.popularcldfa.co | takhm-ylj.com |
2 | takhm-ylj.com | ww11.favwbook.com, takhm-ylj.com |
1 | safewarns.com | |
1 | d38psrni17bvxu.cloudfront.net | ww11.favwbook.com |
1 | favwbook.com | 1 redirects |
11 | 7 |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
popularcldfa.co | E1 | 2023-09-10 - 2023-12-09 | 3 months | crt.sh |
moveyourdesk.co | GTS CA 1P5 | 2023-09-09 - 2023-12-08 | 3 months | crt.sh |
safewarns.com | cPanel, Inc. Certification Authority | 2023-08-15 - 2023-11-13 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://safewarns.com/reviews/zaful.php?sgt=BOruGxbLJFRsE5Np8ZamVd67PxxNwEwrlLQ-qb9EltcCzoXlnA2Ib0TJOLTO&subid=d390b254883c87481baa2c389be118d9&mk=1
Frame ID: CDFF150AC617F30A9FB811732EA5723B
Requests: 11 HTTP requests in this frame
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://favwbook.com/ (HTTP 302) → http://ww11.favwbook.com/ Page URL
- http://takhm-ylj.com/zclkvisitor/36452ea6-5340-11ee-931d-12561c4fd3ff/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=36535f76-5340-11ee-931d-12561c4fd3ff Page URL
- http://takhm-ylj.com/zclkredirect?visitid=36452ea6-5340-11ee-931d-12561c4fd3ff&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false Page URL
- https://777569.popularcldfa.co/bdv_rd.dbm?ownid=0jn83aqad1-vbv-fofa&enparms2=1331%2C2067973%2C3880863%2C1282%2C1332%2C52281%2C1460%2C0%2C0%2C1286%2C0%2C2073426%2C777569%2C206215%2C121544684159%2C140494662%2Cnlx.pllydezu&u_agnt=2e6de925b83fb1ba2705210ba8c28c4b&skter=vtzk%20mrtlo%20pllyvxzu%2Civtmvhhvn%20pllyvxzu%2Cvtzk%20vnls%20pllyvxzu%2Cmr%20mtrh%20pllyvxzu%2Cmr%20tlo%20pllyvxzu%2Cvero%20pllyvxzu%2Cpllyvxzu%2Cpllyvxzu%2Cpllyvxzu%2Cnivgplmey&czero=-1&cstate=vilkztmrh&skwdb=MLI&ccntry=TH&cctid=109&chsh=d390b254883c87481baa2c389be118d9&rn=102036811178&cf=8&dlt=0&da=894046&pbi=0&exids=&frdto=777569 Page URL
- https://777569.popularcldfa.co/bdv_rd3.dbm?frdto=777569 Page URL
- https://769432.moveyourdesk.co/bdvfrd.dbm?gten=68747470732533412532462532463736393433322e6d6f7665796f75726465736b2e636f25324679617264722e64626d25334673756269642533446433393062323534383833633837343831626161326333383962653131386439253236636364253344534725323674797065253344492d434849312d492d434849322d492d422d43484942542d4d4d4b253236646c74253344302532366c63696425334432303636363932253236637a65726f2533442d31&sgntmp=tZVUQ0AGgaKe7KBCguqVDrPz%2BK%2FJqREnqwvLlwPoVhuPk1lIPRT3QyU3jC3QSFVArHGuTsC5I4yTZG5xJNEVUL3CH5p5Nzs4it9WRMKS%2ByaRxGOLnd2bWRbGjItPFJr6ka2J%2Bl920jwqgPGEJasajzCiMa4%3D&subid=d390b254883c87481baa2c389be118d9&ccd=SG&type=I-CHI1-I-CHI2-I-B-CHIBT-MMK&dlt=0&lcid=2066692&prn=ci8090c4b5666852d3dcb3007493ae0b54&bm=0 Page URL
- https://769432.moveyourdesk.co/yardr.dbm?subid=d390b254883c87481baa2c389be118d9&ccd=SG&type=I-CHI1-I-CHI2-I-B-CHIBT-MMK&dlt=0&lcid=2066692&czero=-1 (HTTP 302) → https://safewarns.com/reviews/zaful.php?sgt=BOruGxbLJFRsE5Np8ZamVd67PxxNwEwrlLQ-qb9EltcCzoXlnA2Ib0TJOLTO&subid=d390b254883c87481baa2c389be118d9&mk=1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://favwbook.com/ HTTP 302
- http://ww11.favwbook.com/
11 HTTP transactions
Method Protocol | Resource (Path) | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | / (ww11.favwbook.com/) Redirect Chain | 2 KB 2 KB | Document text/html |
GET H/1.1 | js3.js (d38psrni17bvxu.cloudfront.net/scripts/) | 1 KB 2 KB | Script application/javascript |
GET H/1.1 | track.php (ww11.favwbook.com/) | 0 608 B | XHR text/html |
GET H/1.1 | ls.php (ww11.favwbook.com/) | 16 B 906 B | XHR text/javascript |
GET H/1.1 | track.php (ww11.favwbook.com/) | 0 601 B | XHR text/html |
GET H/1.1 | 85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d (takhm-ylj.com/zclkvisitor/36452ea6-5340-11ee-931d-12561c4fd3ff/) | 1 KB 2 KB | Document text/html |
GET H/1.1 | zclkredirect (takhm-ylj.com/) | 1 KB 2 KB | Document text/html |
GET H2 | bdv_rd.dbm (777569.popularcldfa.co/) | 40 KB 10 KB | Document text/html |
POST H2 | bdv_rd3.dbm (777569.popularcldfa.co/) | 3 KB 1 KB | Document text/html |
GET H2 | bdvfrd.dbm (769432.moveyourdesk.co/) | 493 B 848 B | Document text/html |
GET H2 | Primary Request: zaful.php (safewarns.com/reviews/) Redirect Chain | 190 B 354 B | Document text/html |
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
777569.popularcldfa.co/ | | Name: ci8090c4b5666852d3dcb3007493ae0b54 Value: 1694724632 |
777569.popularcldfa.co/ | | Name: ci8090c4b5666852d3dcb3007493ae0b54_js Value: 1694724638705 |
777569.popularcldfa.co/ | | Name: CF8-10a6acdc14670d5717a793dd8bb1e6077 Value: 1694750972 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.