urlscan.io logo urlscan.io
SecurityTrails logo

coresafari.com Open in urlscan Pro
2606:4700:3031::ac43:d338  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://getmorenows.myshopify.com/fuqij6
Effective URL: http://coresafari.com/aff_c?offer_id=437&aff_id=1506&source=nd&aff_sub=homedepot&aff_sub2=1184608104&aff_sub3=77473117...
Submission: On April 30 via manual from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 8 domains to perform 6 HTTP transactions. The main IP is 2606:4700:3031::ac43:d338, located in United States and belongs to CLOUDFLARENET, US. The main domain is coresafari.com.
This is the only time coresafari.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 23.227.38.74 13335 (CLOUDFLAR...)
1 1 2606:4700:7::... 13335 (CLOUDFLAR...)
1 104.244.42.133 13414 (TWITTER)
1 2607:f8b0:400... 15169 (GOOGLE)
1 69.57.188.196 25653 (FORTRESSITX)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 52.85.61.98 16509 (AMAZON-02)
6 6
2    23.227.38.74 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
getmorenows.myshopify.com
1    2606:4700:7::a29f:8955 (United States)

ASN13335 (CLOUDFLARENET, US)
zegsu.com
1    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
1    2607:f8b0:4006:80e::200a (Staten Island, United States)

ASN15169 (GOOGLE, US)
firebasestorage.googleapis.com
1    69.57.188.196 (United States)

ASN25653 (FORTRESSITX, US)
naseeni.com
1    2606:4700:3031::ac43:d338 (United States)

ASN13335 (CLOUDFLARENET, US)
coresafari.com
2    52.85.61.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-98.ewr53.r.cloudfront.net
openfpcdn.io
Apex Domain
Subdomains		 Transfer
2 openfpcdn.io
openfpcdn.io — Cisco Umbrella Rank: 24877
13 KB
2 myshopify.com
getmorenows.myshopify.com
2 KB
1 coresafari.com
coresafari.com
2 KB
1 naseeni.com
naseeni.com — Cisco Umbrella Rank: 737789
446 B
1 googleapis.com
firebasestorage.googleapis.com — Cisco Umbrella Rank: 6134
838 B
1 t.co
t.co — Cisco Umbrella Rank: 485
714 B
1 zegsu.com
zegsu.com — Cisco Umbrella Rank: 162914
647 B
0 Failed
function sub() { [native code] }. Failed
6 8
Domain Requested by
2 openfpcdn.io 1 redirects coresafari.com
2 getmorenows.myshopify.com 2 redirects
1 coresafari.com naseeni.com
1 naseeni.com
1 firebasestorage.googleapis.com t.co
1 t.co
1 zegsu.com 1 redirects
0 127.0.0.1 Failed coresafari.com
6 8

This site contains no links.

Subject Issuer Validity Valid
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-22 -
2023-02-22		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
www.naseeni.com
Go Daddy Secure Certificate Authority - G2		 2021-11-15 -
2022-11-15		 a year crt.sh

This page contains 1 frames:

Frame: http://127.0.0.1/
Frame ID: FE359A9424C274E5ADB99F4D3DEB7D79
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://getmorenows.myshopify.com/fuqij6 HTTP 301
    https://getmorenows.myshopify.com/fuqij6 HTTP 301
    https://zegsu.com/s/cxi1p HTTP 302
    https://t.co/yjPHfuqij6?handle=fuqij6& Page URL
  2. https://firebasestorage.googleapis.com/v0/b/link-7351a.appspot.com/o/4.html?alt=media&token=cbc15fc2-74af-4775-9dfa... Page URL
  3. https://naseeni.com/1007a31d3b737ce8000 Page URL
  4. http://coresafari.com/aff_c?offer_id=437&aff_id=1506&source=nd&aff_sub=homedepot&aff_sub2=11846081... Page URL

Page Statistics

6
Requests

50 %
HTTPS

43 %
IPv6

8
Domains

8
Subdomains

6
IPs

2
Countries

16 kB
Transfer

34 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://getmorenows.myshopify.com/fuqij6 HTTP 301
    https://getmorenows.myshopify.com/fuqij6 HTTP 301
    https://zegsu.com/s/cxi1p HTTP 302
    https://t.co/yjPHfuqij6?handle=fuqij6& Page URL
  2. https://firebasestorage.googleapis.com/v0/b/link-7351a.appspot.com/o/4.html?alt=media&token=cbc15fc2-74af-4775-9dfa-0fcd83c3e5f5 Page URL
  3. https://naseeni.com/1007a31d3b737ce8000 Page URL
  4. http://coresafari.com/aff_c?offer_id=437&aff_id=1506&source=nd&aff_sub=homedepot&aff_sub2=1184608104&aff_sub3=77473117&aff_sub4= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://getmorenows.myshopify.com/fuqij6 HTTP 301
  • https://getmorenows.myshopify.com/fuqij6 HTTP 301
  • https://zegsu.com/s/cxi1p HTTP 302
  • https://t.co/yjPHfuqij6?handle=fuqij6&
Request Chain 3
  • https://openfpcdn.io/fingerprintjs/v3 HTTP 302
  • https://openfpcdn.io/fingerprintjs/v3.3.3/esm.min.js
Request Chain 4
  • http://coresafari.com/aff_c?offer_id=437&aff_id=1506&source=nd&aff_sub=homedepot&aff_sub2=1184608104&aff_sub3=77473117&aff_sub4=&view=ce191e43db2bdc6555b29a74bd089339 HTTP 302
  • http://127.0.0.1/

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
yjPHfuqij6
t.co/
Redirect Chain
  • http://getmorenows.myshopify.com/fuqij6
  • https://getmorenows.myshopify.com/fuqij6
  • https://zegsu.com/s/cxi1p
  • https://t.co/yjPHfuqij6?handle=fuqij6&
551 B
714 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.co/yjPHfuqij6?handle=fuqij6&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private,max-age=300
content-encoding
gzip
content-length
272
content-type
text/html; charset=utf-8
date
Sat, 30 Apr 2022 11:37:51 GMT
expires
Sat, 30 Apr 2022 11:42:51 GMT
server
tsa_b
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
47e48922ecda49ed25b78cfdf60a85fdfd0534b5ae7b05ab79d6bf2641514e93
x-response-time
12
x-xss-protection
0

Redirect headers

access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
703ffce1f62a7144-YUL
content-length
128
content-type
text/html; charset=utf-8
date
Sat, 30 Apr 2022 11:37:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://t.co/yjPHfuqij6?handle=fuqij6&
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0SujEt5wzvDM4ZOMwcNAVC1jnOv5%2BGK5RCJqzuRibxg8ecDomeP7%2FQa26hZIjBbHMi6pqSPG5ZcnAbw0YgqOGHxYan9CVKzEG38gaLHXWVuAPH%2BzEcd4d5NHs8lcXTrOqRsj6V6oJM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept
x-content-type-options
nosniff
x-xss-protection
1; mode=block
4.html
firebasestorage.googleapis.com/v0/b/link-7351a.appspot.com/o/ 		170 B
838 B 		Document
General
Check archive.org
Download Go to
Full URL
https://firebasestorage.googleapis.com/v0/b/link-7351a.appspot.com/o/4.html?alt=media&token=cbc15fc2-74af-4775-9dfa-0fcd83c3e5f5
Requested by
Host: t.co
URL: https://t.co/yjPHfuqij6?handle=fuqij6&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
da708d2d05bc8a41e0f5180437b62f8fc2e3291f4cfd8a90be7e3d3841dfbc09

Request headers

Referer
https://t.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-disposition
inline; filename*=utf-8''4.html
content-length
170
content-type
text/html
date
Sat, 30 Apr 2022 11:37:52 GMT
etag
"9e892d2cb6f3265793b4a1d1a1c8dd7d"
expires
Sat, 30 Apr 2022 11:37:52 GMT
last-modified
Fri, 29 Apr 2022 18:34:39 GMT
server
UploadServer
x-goog-generation
1651257279247760
x-goog-hash
crc32c=eY5/yA== md5=noktLLbzJleTtKHRocjdfQ==
x-goog-meta-firebasestoragedownloadtokens
cbc15fc2-74af-4775-9dfa-0fcd83c3e5f5
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
170
x-guploader-uploadid
ADPycdszjixXiPsLj90AfxGoJN03X4-5x-eol2rF9HUY5J_PwDA-YZk7UC9FkuOdUxRqrpoIvLWhMRZKp_F6FbkO256bDGO_CrVJ
1007a31d3b737ce8000
naseeni.com/ 		191 B
446 B 		Document
General
Check archive.org
Download Go to
Full URL
https://naseeni.com/1007a31d3b737ce8000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.57.188.196 , United States, ASN25653 (FORTRESSITX, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://firebasestorage.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
191
Content-Type
text/html; charset=UTF-8
Date
Sat, 30 Apr 2022 11:37:53 GMT
Server
Apache
Primary Request aff_c
coresafari.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://coresafari.com/aff_c?offer_id=437&aff_id=1506&source=nd&aff_sub=homedepot&aff_sub2=1184608104&aff_sub3=77473117&aff_sub4=
Requested by
Host: naseeni.com
URL: https://naseeni.com/1007a31d3b737ce8000
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:d338 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a668f6df3dc50496cd6e7fe095e48b632914b0cf6273f95c250f70a18d4f8af7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
703ffceadfa8713c-YUL
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 30 Apr 2022 11:37:53 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2FBkXZrfDVKXo%2FLtk4EE%2B2VwYRQsKER8LiAT%2BfTz3aminpDKvxRNXLHUsHKJihgdgDXvhthK4195Zq4MZ%2BxmsTONjh2OStPhfEbBob9bM9KBqXpbHKO9gYRBkYPIWprJa9zYBVNeqxKTARGXw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
esm.min.js
openfpcdn.io/fingerprintjs/v3.3.3/
Redirect Chain
  • https://openfpcdn.io/fingerprintjs/v3
  • https://openfpcdn.io/fingerprintjs/v3.3.3/esm.min.js
31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://openfpcdn.io/fingerprintjs/v3.3.3/esm.min.js
Requested by
Host: coresafari.com
URL: http://coresafari.com/aff_c?offer_id=437&aff_id=1506&source=nd&aff_sub=homedepot&aff_sub2=1184608104&aff_sub3=77473117&aff_sub4=
Protocol
H2
Server
52.85.61.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-98.ewr53.r.cloudfront.net
Software
CloudFront /
Resource Hash
66ca1643eabf887594645c58317ad8c2d37b8cb7e9266a9a7a0f54dd826162c0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://coresafari.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 14:57:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
CloudFront
age
2752845
etag
W/"okl+saWiuE9FSJqFFzOOURi4+hA"
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30035659
x-amz-cf-pop
EWR53-P1
vary
Accept-Encoding
x-amz-cf-id
MxN4nywdyMmf6N8pfWoInK_Y_DPNEt9e7iM9DwNeZ-_dKF1SI0BwxA==
via
1.1 19e58616339f974c22a3a07f8f637718.cloudfront.net (CloudFront)

Redirect headers

date
Sat, 30 Apr 2022 10:59:53 GMT
via
1.1 19e58616339f974c22a3a07f8f637718.cloudfront.net (CloudFront)
server
CloudFront
age
2280
location
/fingerprintjs/v3.3.3/esm.min.js
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
Hit from cloudfront
access-control-allow-origin
*
cache-control
public, max-age=588944, s-maxage=3535
x-amz-cf-pop
EWR53-P1
content-length
0
x-amz-cf-id
B8xFIqzinnM3YQOKuxU0UWWsHvvRyg9oJQPVcMblnSjnuW2m5F_1wg==
/
127.0.0.1/
Redirect Chain
  • http://coresafari.com/aff_c?offer_id=437&aff_id=1506&source=nd&aff_sub=homedepot&aff_sub2=1184608104&aff_sub3=77473117&aff_sub4=&view=ce191e43db2bdc6555b29a74bd089339
  • http://127.0.0.1/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
127.0.0.1
URL
http://127.0.0.1/

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Domain/Path Name / Value
getmorenows.myshopify.com/ Name: keep_alive
Value: 0c9786b5-087b-46b9-9405-1faa1d29732e
zegsu.com/ Name: connect.sid
Value: s%3AEg9o1ksYrGUEUuTsGZQKTJULMBggYTZH.VW5pwVTjxHXry76NA7QFWulLm1tzU8oHvIsMh42y3y0
.t.co/ Name: muc
Value: 9cf22fc1-13de-410d-993c-764536575d22
.t.co/ Name: muc_ads
Value: 9cf22fc1-13de-410d-993c-764536575d22
naseeni.com/ Name: uid15344
Value: 1184608104-20220430063753-9b012c1f585fe328af1a3b74e2de7568-

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0