urlscan.io logo urlscan.io
SecurityTrails logo

www.zaful.com Open in urlscan Pro
3.160.196.42  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://googlehomedepot.com/
Effective URL: https://www.zaful.com/?lkid=82659175&subid=b9d321cc99fd9a6ed81bf7c41e038e68
Submission: On September 11 via api from SG — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 20 HTTP transactions. The main IP is 3.160.196.42, located in and belongs to . The main domain is www.zaful.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on June 10th 2023. Valid for: a year.
This is the only time www.zaful.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 185.53.178.53 61969 (TEAMINTER...)
1 54.230.104.144 16509 (AMAZON-02)
2 34.205.42.136 14618 (AMAZON-AES)
2 104.21.86.225 13335 (CLOUDFLAR...)
1 2 104.21.31.167 13335 (CLOUDFLAR...)
1 2 132.148.232.95 398101 (GO-DADDY-...)
1 3.160.196.42 ()
20 8
4    185.53.178.53 (Germany)

ASN61969 (TEAMINTERNET-AS, DE)
googlehomedepot.com
1    54.230.104.144 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-104-144.mrs52.r.cloudfront.net
d38psrni17bvxu.cloudfront.net
2    34.205.42.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-42-136.compute-1.amazonaws.com
phraa-lby.com
2    104.21.86.225 (None, )

ASN13335 (CLOUDFLARENET, US)
763538.popularcldfa.co
2    104.21.31.167 (None, )

ASN13335 (CLOUDFLARENET, US)
755401.moveyourdesk.co
2    132.148.232.95 (United States)

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 95.232.148.132.host.secureserver.net
safewarns.com
1    3.160.196.42 (None, )

ASN- ()
www.zaful.com
Domain Requested by
4 googlehomedepot.com d38psrni17bvxu.cloudfront.net
googlehomedepot.com
2 safewarns.com 1 redirects
2 755401.moveyourdesk.co 1 redirects
2 763538.popularcldfa.co phraa-lby.com
2 phraa-lby.com googlehomedepot.com
phraa-lby.com
1 www.zaful.com
1 d38psrni17bvxu.cloudfront.net googlehomedepot.com
0 uidesign.zafcdn.com Failed www.zaful.com
0 geshopcss.logsss.com Failed www.zaful.com
0 css.zafcdn.com Failed www.zaful.com
20 10

This site contains no links.

Subject Issuer Validity Valid
popularcldfa.co
E1		 2023-09-10 -
2023-12-09		 3 months crt.sh
moveyourdesk.co
GTS CA 1P5		 2023-09-09 -
2023-12-08		 3 months crt.sh
safewarns.com
cPanel, Inc. Certification Authority		 2023-08-15 -
2023-11-13		 3 months crt.sh
*.zaful.com
Amazon RSA 2048 M02		 2023-06-10 -
2024-07-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.zaful.com/?lkid=82659175&subid=b9d321cc99fd9a6ed81bf7c41e038e68
Frame ID: E895F0F8DABFE8EB8F295C4C89D70927
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://googlehomedepot.com/ Page URL
  2. http://phraa-lby.com/zclkvisitor/04336762-50e3-11ee-b7a1-1208b6f857a7/85aefdc2-9ed0-48aa-922d-60f... Page URL
  3. http://phraa-lby.com/zclkredirect?visitid=04336762-50e3-11ee-b7a1-1208b6f857a7&type=js&browserWid... Page URL
  4. https://763538.popularcldfa.co/bdv_rd.dbm?ownid=tk3qc0l50e-ovn-vvpmzb&enparms2=1371%2C1921566%2C3866696%2C1... Page URL
  5. https://763538.popularcldfa.co/bdv_rd3.dbm?frdto=763538 Page URL
  6. https://755401.moveyourdesk.co/bdvfrd.dbm?gten=68747470732533412532462532463735353430312e6d6f7665796f757264... Page URL
  7. https://755401.moveyourdesk.co/yardr.dbm?subid=b9d321cc99fd9a6ed81bf7c41e038e68&ccd=SG&type=I-CHI1-I-CHI2-I... HTTP 302
    https://safewarns.com/reviews/zaful.php?sgt=JUYsbxl-CoVnV24k2hAaVAql6lh_IQVp-DyD7SBtMIdjLTy_5YlNnq... Page URL
  8. https://safewarns.com/reviews/zaful.php HTTP 302
    https://www.zaful.com/?lkid=82659175&subid=b9d321cc99fd9a6ed81bf7c41e038e68 Page URL

Page Statistics

20
Requests

25 %
HTTPS

0 %
IPv6

9
Domains

10
Subdomains

8
IPs

3
Countries

22 kB
Transfer

115 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://googlehomedepot.com/ Page URL
  2. http://phraa-lby.com/zclkvisitor/04336762-50e3-11ee-b7a1-1208b6f857a7/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=043f4e43-50e3-11ee-b7a1-1208b6f857a7 Page URL
  3. http://phraa-lby.com/zclkredirect?visitid=04336762-50e3-11ee-b7a1-1208b6f857a7&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false Page URL
  4. https://763538.popularcldfa.co/bdv_rd.dbm?ownid=tk3qc0l50e-ovn-vvpmzb&enparms2=1371%2C1921566%2C3866696%2C1322%2C1322%2C2321%2C1500%2C0%2C0%2C1326%2C0%2C1926979%2C763538%2C205046%2C122242473579%2C246229126%2Cnlx.glkvwvnlsvotllt&u_agnt=aaf8e1c5fa6f2472e971350e5968c28c&skter=glkvw%20vnls%2Cglkvw%20vn0s%2Cglkvw%20vs%2Cw%20vnls%2Cnivgplmey&czero=-1&cstate=vilkztmrh&skwdb=MLI&ccntry=TH&cctid=109&chsh=b9d321cc99fd9a6ed81bf7c41e038e68&rn=30206104396&cf=1&dlt=0&da=493976&pbi=0&exids=750470&frdto=763538 Page URL
  5. https://763538.popularcldfa.co/bdv_rd3.dbm?frdto=763538 Page URL
  6. https://755401.moveyourdesk.co/bdvfrd.dbm?gten=68747470732533412532462532463735353430312e6d6f7665796f75726465736b2e636f25324679617264722e64626d25334673756269642533446239643332316363393966643961366564383162663763343165303338653638253236636364253344534725323674797065253344492d434849312d492d434849322d492d422d43484942542d4d4d4b253236646c74253344302532366c63696425334431393230323435&sgntmp=3VHUdIqhj4u7V0C4UPlA35Ta5FmCpHyjNQh9QdIK1WCV6a3vZqn4fe5xJtw42a%2FpixOFSVTANNjaKMCu39NjWWFZiwhQ6Sr99D7ow7%2FjJZcnV8BbSqcO1qImnycG6wPbK0LhlNEi9wL7SO%2F8%2ByunxEK6&subid=b9d321cc99fd9a6ed81bf7c41e038e68&ccd=SG&type=I-CHI1-I-CHI2-I-B-CHIBT-MMK&dlt=0&lcid=1920245&prn=ci85b74836558b3a3f3d1e19b2df34427a&bm=0 Page URL
  7. https://755401.moveyourdesk.co/yardr.dbm?subid=b9d321cc99fd9a6ed81bf7c41e038e68&ccd=SG&type=I-CHI1-I-CHI2-I-B-CHIBT-MMK&dlt=0&lcid=1920245 HTTP 302
    https://safewarns.com/reviews/zaful.php?sgt=JUYsbxl-CoVnV24k2hAaVAql6lh_IQVp-DyD7SBtMIdjLTy_5YlNnqPVsSsm&subid=b9d321cc99fd9a6ed81bf7c41e038e68&mk=1 Page URL
  8. https://safewarns.com/reviews/zaful.php HTTP 302
    https://www.zaful.com/?lkid=82659175&subid=b9d321cc99fd9a6ed81bf7c41e038e68 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://755401.moveyourdesk.co/yardr.dbm?subid=b9d321cc99fd9a6ed81bf7c41e038e68&ccd=SG&type=I-CHI1-I-CHI2-I-B-CHIBT-MMK&dlt=0&lcid=1920245 HTTP 302
  • https://safewarns.com/reviews/zaful.php?sgt=JUYsbxl-CoVnV24k2hAaVAql6lh_IQVp-DyD7SBtMIdjLTy_5YlNnqPVsSsm&subid=b9d321cc99fd9a6ed81bf7c41e038e68&mk=1

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
googlehomedepot.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://googlehomedepot.com/
Protocol
HTTP/1.1
Server
185.53.178.53 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
a49dbf49454f6e6e7fa1365d4bce3bd59ce71a66755b9479428c49602a85672d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-CH
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-CH-Lifetime
30
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 11 Sep 2023 20:37:25 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_lcE1bLwNuJwinSf9iymHro5NojYaOXOR4C4pyVWFv0BE/3a+n9DLahhGzKp+COH9LrrbhamQQtJNU5PYrSTbow==
X-Buckets
bucket011
X-Domain
googlehomedepot.com
X-Language
english
X-Redirect
zeropark_zeroclick
X-Subdomain
X-Template
tpl_CleanPeppermintBlack_twoclick
js3.js
d38psrni17bvxu.cloudfront.net/scripts/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by
Host: googlehomedepot.com
URL: http://googlehomedepot.com/
Protocol
HTTP/1.1
Server
54.230.104.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-104-144.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://googlehomedepot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Mon, 11 Sep 2023 05:55:41 GMT
Via
1.1 b610872a8a74821c40e2fbd7aa11d1c0.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Jan 2023 11:12:07 GMT
Server
nginx
X-Amz-Cf-Pop
MRS52-C1
Age
52905
ETag
"63ce6b87-448"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1096
X-Amz-Cf-Id
Dme3rO4bxaNKMnuJLutfxStFEh0fW6654jaiOb1nMufjRFSl8V-TBw==
track.php
googlehomedepot.com/ 		0
608 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://googlehomedepot.com/track.php?domain=googlehomedepot.com&toggle=browserjs&uid=MTY5NDQ2NDY0NS4xNzE3OjE4ODE3ZmEzZmQzNTNhOThmMDBlMGJhOTlmZjY2Y2VmMDcyZjkwNzBiN2Y5YmMxOWE0ODFlMTIzZDNlZDc0ZmQ6NjRmZjdhODUyOWVhMA%3D%3D
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Server
185.53.178.53 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://googlehomedepot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Mon, 11 Sep 2023 20:37:27 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
browserjs
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-CH-Lifetime
30
Connection
keep-alive
ls.php
googlehomedepot.com/ 		16 B
906 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://googlehomedepot.com/ls.php?t=64ff7a85&token=b077bcd8cc355fc15720d671ef48fde7b1cbeaa1
Requested by
Host: googlehomedepot.com
URL: http://googlehomedepot.com/
Protocol
HTTP/1.1
Server
185.53.178.53 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://googlehomedepot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Mon, 11 Sep 2023 20:37:27 GMT
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Transfer-Encoding
chunked
Accept-CH-Lifetime
30
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
Access-Control-Allow-Methods
POST, OPTIONS
Charset
utf-8
Access-Control-Max-Age
86400
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_NDECFxhPaYyvcEdUBaXyili4JM086ILJU2VBC7u5RplJzEHHyI+Dys6+d6GkcETF5qwAAxzdD0LtUecw+4lqvA==
Connection
keep-alive
X-Log-Success
64ff7a87401d5659876cea10
track.php
googlehomedepot.com/ 		0
601 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://googlehomedepot.com/track.php?click=a811068826b20fbb29b5bcf830c05d8d0ba3569c&domain=googlehomedepot.com&uid=MTY5NDQ2NDY0NS4xNzE3OjE4ODE3ZmEzZmQzNTNhOThmMDBlMGJhOTlmZjY2Y2VmMDcyZjkwNzBiN2Y5YmMxOWE0ODFlMTIzZDNlZDc0ZmQ6NjRmZjdhODUyOWVhMA%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NGZmN2E4NTI5ZTcwfHx8MTY5NDQ2NDY0NS40NzU4fDIxNmZkNWNmMjc1NzE3Y2MzN2Q2MjRmY2RlMDBlNmNmZGZmYzE2N2R8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxiMDc3YmNkOGNjMzU1ZmMxNTcyMGQ2NzFlZjQ4ZmRlN2IxY2JlYWExfDB8fDB8MHw%3D&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Server
185.53.178.53 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://googlehomedepot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Mon, 11 Sep 2023 20:37:28 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-CH-Lifetime
30
X-View-Match
true
Connection
keep-alive
85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d
phraa-lby.com/zclkvisitor/04336762-50e3-11ee-b7a1-1208b6f857a7/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://phraa-lby.com/zclkvisitor/04336762-50e3-11ee-b7a1-1208b6f857a7/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=043f4e43-50e3-11ee-b7a1-1208b6f857a7
Requested by
Host: googlehomedepot.com
URL: http://googlehomedepot.com/
Protocol
HTTP/1.1
Server
34.205.42.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-42-136.compute-1.amazonaws.com
Software
GpLNBfOs /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
http://googlehomedepot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Mon, 11 Sep 2023 20:37:29 GMT
Server
GpLNBfOs
Transfer-Encoding
chunked
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
zclkredirect
phraa-lby.com/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://phraa-lby.com/zclkredirect?visitid=04336762-50e3-11ee-b7a1-1208b6f857a7&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false
Requested by
Host: phraa-lby.com
URL: http://phraa-lby.com/zclkvisitor/04336762-50e3-11ee-b7a1-1208b6f857a7/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=043f4e43-50e3-11ee-b7a1-1208b6f857a7
Protocol
HTTP/1.1
Server
34.205.42.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-42-136.compute-1.amazonaws.com
Software
fYmWlSrt /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
http://phraa-lby.com/zclkvisitor/04336762-50e3-11ee-b7a1-1208b6f857a7/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=043f4e43-50e3-11ee-b7a1-1208b6f857a7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Mon, 11 Sep 2023 20:37:29 GMT
Server
fYmWlSrt
Transfer-Encoding
chunked
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
redirected
JS
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
bdv_rd.dbm
763538.popularcldfa.co/ 		40 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://763538.popularcldfa.co/bdv_rd.dbm?ownid=tk3qc0l50e-ovn-vvpmzb&enparms2=1371%2C1921566%2C3866696%2C1322%2C1322%2C2321%2C1500%2C0%2C0%2C1326%2C0%2C1926979%2C763538%2C205046%2C122242473579%2C246229126%2Cnlx.glkvwvnlsvotllt&u_agnt=aaf8e1c5fa6f2472e971350e5968c28c&skter=glkvw%20vnls%2Cglkvw%20vn0s%2Cglkvw%20vs%2Cw%20vnls%2Cnivgplmey&czero=-1&cstate=vilkztmrh&skwdb=MLI&ccntry=TH&cctid=109&chsh=b9d321cc99fd9a6ed81bf7c41e038e68&rn=30206104396&cf=1&dlt=0&da=493976&pbi=0&exids=750470&frdto=763538
Requested by
Host: phraa-lby.com
URL: http://phraa-lby.com/zclkredirect?visitid=04336762-50e3-11ee-b7a1-1208b6f857a7&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.86.225 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bf07a59992dc83726b5e2853eae1cf02877368ec20ebe21c830705ef1ba48c3

Request headers

Referer
http://phraa-lby.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8052b583e8f94021-SIN
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 11 Sep 2023 20:37:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2nllsuewWY%2B6mnDwDNndF8hjjv2qRSpRxR3oayUcO2Gq5fZNT%2FEuWAk6WFRzpnmoQX8qbBhDK1Bo%2B44222C%2FawF0gS4K4evXftXnJ1HsCCm7eNPCxgX9mGLxypzxtXWxasGSFo2GIkMl"}],"group":"cf-nel","max_age":604800}
server
cloudflare
bdv_rd3.dbm
763538.popularcldfa.co/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://763538.popularcldfa.co/bdv_rd3.dbm?frdto=763538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.86.225 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://763538.popularcldfa.co
Referer
https://763538.popularcldfa.co/bdv_rd.dbm?ownid=tk3qc0l50e-ovn-vvpmzb&enparms2=1371%2C1921566%2C3866696%2C1322%2C1322%2C2321%2C1500%2C0%2C0%2C1326%2C0%2C1926979%2C763538%2C205046%2C122242473579%2C246229126%2Cnlx.glkvwvnlsvotllt&u_agnt=aaf8e1c5fa6f2472e971350e5968c28c&skter=glkvw%20vnls%2Cglkvw%20vn0s%2Cglkvw%20vs%2Cw%20vnls%2Cnivgplmey&czero=-1&cstate=vilkztmrh&skwdb=MLI&ccntry=TH&cctid=109&chsh=b9d321cc99fd9a6ed81bf7c41e038e68&rn=30206104396&cf=1&dlt=0&da=493976&pbi=0&exids=750470&frdto=763538
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8052b5878ad94021-SIN
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 11 Sep 2023 20:37:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJyBfaVewJVXLi62qtzXUIo82RmMsm%2BEReLzz4ZWm9vgQIcMF%2ByjmpR8vjzrA24L%2Fkf2GBJSAVUguif7B8JEfCuK7X3plo92GBIlcpkpoMxUiUe%2BY8G%2Fvdy%2FHEKVdZ0s0pjfieGVBFdM"}],"group":"cf-nel","max_age":604800}
server
cloudflare
bdvfrd.dbm
755401.moveyourdesk.co/ 		484 B
826 B 		Document
General
Check archive.org
Download Go to
Full URL
https://755401.moveyourdesk.co/bdvfrd.dbm?gten=68747470732533412532462532463735353430312e6d6f7665796f75726465736b2e636f25324679617264722e64626d25334673756269642533446239643332316363393966643961366564383162663763343165303338653638253236636364253344534725323674797065253344492d434849312d492d434849322d492d422d43484942542d4d4d4b253236646c74253344302532366c63696425334431393230323435&sgntmp=3VHUdIqhj4u7V0C4UPlA35Ta5FmCpHyjNQh9QdIK1WCV6a3vZqn4fe5xJtw42a%2FpixOFSVTANNjaKMCu39NjWWFZiwhQ6Sr99D7ow7%2FjJZcnV8BbSqcO1qImnycG6wPbK0LhlNEi9wL7SO%2F8%2ByunxEK6&subid=b9d321cc99fd9a6ed81bf7c41e038e68&ccd=SG&type=I-CHI1-I-CHI2-I-B-CHIBT-MMK&dlt=0&lcid=1920245&prn=ci85b74836558b3a3f3d1e19b2df34427a&bm=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.31.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8052b58efa38407c-SIN
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 11 Sep 2023 20:37:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvrRY3UGI1gaxZbLeUUOOty8NMWBVFVdOv4XqHSGPH2ywwfh3aGe8OIJwcDs1%2BqPzOsG%2FrGkQv2BgsLPXxg9uuRr%2B3oElcVtwitua%2BaFELDv6EtFMYOpjBT0BwouCFwYdcwK6SgxpE9g"}],"group":"cf-nel","max_age":604800}
server
cloudflare
zaful.php
safewarns.com/reviews/
Redirect Chain
  • https://755401.moveyourdesk.co/yardr.dbm?subid=b9d321cc99fd9a6ed81bf7c41e038e68&ccd=SG&type=I-CHI1-I-CHI2-I-B-CHIBT-MMK&dlt=0&lcid=1920245
  • https://safewarns.com/reviews/zaful.php?sgt=JUYsbxl-CoVnV24k2hAaVAql6lh_IQVp-DyD7SBtMIdjLTy_5YlNnqPVsSsm&subid=b9d321cc99fd9a6ed81bf7c41e038e68&mk=1
190 B
353 B 		Document
General
Check archive.org
Download Go to
Full URL
https://safewarns.com/reviews/zaful.php?sgt=JUYsbxl-CoVnV24k2hAaVAql6lh_IQVp-DyD7SBtMIdjLTy_5YlNnqPVsSsm&subid=b9d321cc99fd9a6ed81bf7c41e038e68&mk=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
132.148.232.95 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
95.232.148.132.host.secureserver.net
Software
Apache / PHP/7.4.33
Resource Hash
12368831f07831701c1e9a5a88869d504c16408cca1e6a5baec2e495fc0a30c9

Request headers

Referer
https://755401.moveyourdesk.co/bdvfrd.dbm?gten=68747470732533412532462532463735353430312e6d6f7665796f75726465736b2e636f25324679617264722e64626d25334673756269642533446239643332316363393966643961366564383162663763343165303338653638253236636364253344534725323674797065253344492d434849312d492d434849322d492d422d43484942542d4d4d4b253236646c74253344302532366c63696425334431393230323435&sgntmp=3VHUdIqhj4u7V0C4UPlA35Ta5FmCpHyjNQh9QdIK1WCV6a3vZqn4fe5xJtw42a%2FpixOFSVTANNjaKMCu39NjWWFZiwhQ6Sr99D7ow7%2FjJZcnV8BbSqcO1qImnycG6wPbK0LhlNEi9wL7SO%2F8%2ByunxEK6&subid=b9d321cc99fd9a6ed81bf7c41e038e68&ccd=SG&type=I-CHI1-I-CHI2-I-B-CHIBT-MMK&dlt=0&lcid=1920245&prn=ci85b74836558b3a3f3d1e19b2df34427a&bm=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-encoding
br
content-length
125
content-type
text/html; charset=UTF-8
date
Mon, 11 Sep 2023 20:37:34 GMT
server
Apache
vary
Accept-Encoding
x-powered-by
PHP/7.4.33

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8052b590cb2b407c-SIN
content-type
text/html; charset=UTF-8
date
Mon, 11 Sep 2023 20:37:32 GMT
location
https://safewarns.com/reviews/zaful.php?sgt=JUYsbxl-CoVnV24k2hAaVAql6lh_IQVp-DyD7SBtMIdjLTy_5YlNnqPVsSsm&subid=b9d321cc99fd9a6ed81bf7c41e038e68&mk=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1QDr90w%2BdnCMqBHW6v7k5uT0%2F70McRU1uUs2cgHHgkw%2BWiqSe5BLwAKhXuHcRWnXYkbFpeQq8Ocp75N%2BBFo1jafwCFNJkIsOKg37GYyO89VbXh%2Bv7hn9pNNgHdz8Nm1qD%2BwWKBCjF1e"}],"group":"cf-nel","max_age":604800}
server
cloudflare
Primary Request /
www.zaful.com/
Redirect Chain
  • https://safewarns.com/reviews/zaful.php
  • https://www.zaful.com/?lkid=82659175&subid=b9d321cc99fd9a6ed81bf7c41e038e68
67 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.zaful.com/?lkid=82659175&subid=b9d321cc99fd9a6ed81bf7c41e038e68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.196.42 -, , ASN (),
Reverse DNS
Software
CloudFront /
Resource Hash

Request headers

Referer
https://safewarns.com/reviews/zaful.php?sgt=JUYsbxl-CoVnV24k2hAaVAql6lh_IQVp-DyD7SBtMIdjLTy_5YlNnqPVsSsm&subid=b9d321cc99fd9a6ed81bf7c41e038e68&mk=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
4
cache-control
public, max-age=0, s-maxage=14400
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 11 Sep 2023 20:37:32 GMT
etag
W/"ab1b47bfaf4c64b1167eeeaded6fe72d"
last-modified
Mon, 11 Sep 2023 06:34:26 GMT
server
CloudFront
via
1.1 6aa902d7f791c28076db0d3748ab0eba.cloudfront.net (CloudFront)
x-amz-cf-id
rvm6C792Je3_uwgQtQEf0vHA9S24R0--Dw8FGGscLoabcuhF7HFYLw==
x-amz-cf-pop
MRS52-P6
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront

Redirect headers

content-encoding
br
content-length
1
content-type
text/html; charset=UTF-8
date
Mon, 11 Sep 2023 20:37:34 GMT
location
https://www.zaful.com/?lkid=82659175&subid=b9d321cc99fd9a6ed81bf7c41e038e68
server
Apache
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
PlusJakartaSans-Regular.woff2
css.zafcdn.com/imagecache/ZF_EN/fonts/ 		0
0
PlusJakartaSans-Bold.woff2
css.zafcdn.com/imagecache/ZF_EN/fonts/ 		0
0
PlusJakartaSans-SemiBold.woff2
css.zafcdn.com/imagecache/ZF_EN/fonts/ 		0
0
common_min.css
css.zafcdn.com/imagecache/ZF_EN/mincss/ 		0
0
jquery.1.9.1-LAB.2.0.3.min.js
css.zafcdn.com/imagecache/ZF_EN/minjs/ 		0
0
e5ea04b41e8a92f9d15972736001ab20.css
geshopcss.logsss.com/imagecache/geshop/statics/zf-pc/ZF-en/ 		0
0
0904W-PC-US_01.jpg
uidesign.zafcdn.com/ZF/image/12639/ 		0
0
logo_2x.png
css.zafcdn.com/imagecache/ZF_EN/images/pageimg/2023/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
css.zafcdn.com
URL
https://css.zafcdn.com/imagecache/ZF_EN/fonts/PlusJakartaSans-Regular.woff2
Domain
css.zafcdn.com
URL
https://css.zafcdn.com/imagecache/ZF_EN/fonts/PlusJakartaSans-Bold.woff2
Domain
css.zafcdn.com
URL
https://css.zafcdn.com/imagecache/ZF_EN/fonts/PlusJakartaSans-SemiBold.woff2
Domain
css.zafcdn.com
URL
https://css.zafcdn.com/imagecache/ZF_EN/mincss/common_min.css?v=691b601a30?v=20230509175450
Domain
css.zafcdn.com
URL
https://css.zafcdn.com/imagecache/ZF_EN/minjs/jquery.1.9.1-LAB.2.0.3.min.js?v=d01984c8df
Domain
geshopcss.logsss.com
URL
https://geshopcss.logsss.com/imagecache/geshop/statics/zf-pc/ZF-en/e5ea04b41e8a92f9d15972736001ab20.css?version=20221110104439
Domain
uidesign.zafcdn.com
URL
https://uidesign.zafcdn.com/ZF/image/12639/0904W-PC-US_01.jpg
Domain
css.zafcdn.com
URL
https://css.zafcdn.com/imagecache/ZF_EN/images/pageimg/2023/logo_2x.png

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

5 Cookies

Domain/Path Name / Value
safewarns.com/reviews Name: subid
Value: b9d321cc99fd9a6ed81bf7c41e038e68
safewarns.com/reviews Name: mk
Value: 1
763538.popularcldfa.co/ Name: ci85b74836558b3a3f3d1e19b2df34427a
Value: 1694464708
763538.popularcldfa.co/ Name: ci85b74836558b3a3f3d1e19b2df34427a_js
Value: 1694464711213
763538.popularcldfa.co/ Name: CF1-1aa1549c1c864d0e5e0f130d438b62c00
Value: 1694467949