safechromeaddons.com
Open in
urlscan Pro
2606:4700:3034::ac43:d6cd
Public Scan
Submitted URL: https://shop2dayhd.co/
Effective URL: https://safechromeaddons.com/verified/update-v2.9/?cep=vTjv29ASeciSxhuJHm55GstfMTnRlZi7pa1lnNKgcGKmyIhQ16jhPIoCD-WItH1933ujCj...
Submission: On December 21 via api from US — Scanned from DE
Effective URL: https://safechromeaddons.com/verified/update-v2.9/?cep=vTjv29ASeciSxhuJHm55GstfMTnRlZi7pa1lnNKgcGKmyIhQ16jhPIoCD-WItH1933ujCj...
Submission: On December 21 via api from US — Scanned from DE
Summary
This website contacted 8 IPs
in 2 countries
across 6 domains to perform 17 HTTP transactions.
The main IP is 2606:4700:3034::ac43:d6cd, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is safechromeaddons.com.
TLS certificate: Issued by WE1 on December 18th 2024. Valid for: 3 months.
This is the only time safechromeaddons.com was scanned on urlscan.io!
TLS certificate: Issued by WE1 on December 18th 2024. Valid for: 3 months.
This is the only time safechromeaddons.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 4 | 70.32.1.32 70.32.1.32 | 32181 (ASN-GIGENET) (ASN-GIGENET) | |
| 1 4 | 103.224.182.206 103.224.182.206 | 133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited) | |
| 2 2 | 2600:9000:235... 2600:9000:235a:e000:1c:40fc:d500:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 2606:4700:303... 2606:4700:3034::ac43:d6cd | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 2 | 35.209.47.14 35.209.47.14 | 15169 (GOOGLE) (GOOGLE) | |
| 1 7 | 172.67.214.205 172.67.214.205 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2606:4700::68... 2606:4700::6810:5049 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2600:9000:235... 2600:9000:235a:aa00:1c:40fc:d500:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
| 17 | 8 |
4
70.32.1.32
(Ashburn, United States)
ASN32181 (ASN-GIGENET, US)
PTR: ip-70.32.1.32.hosted.by.gigenet.com
ASN32181 (ASN-GIGENET, US)
PTR: ip-70.32.1.32.hosted.by.gigenet.com
| shop2dayhd.co |
4
103.224.182.206
(Australia)
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com
| cibago.com |
2
2600:9000:235a:e000:1c:40fc:d500:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| track.ads-analytix.com |
2
35.209.47.14
(Council Bluffs, United States)
ASN15169 (GOOGLE, US)
PTR: 14.47.209.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 14.47.209.35.bc.googleusercontent.com
| textune.us |
1
2600:9000:235a:aa00:1c:40fc:d500:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| track.ads-analytix.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 8 |
safechromeaddons.com
1 redirects
safechromeaddons.com |
373 KB |
| 4 |
cibago.com
1 redirects
cibago.com — Cisco Umbrella Rank: 350584 |
3 KB |
| 4 |
shop2dayhd.co
1 redirects
shop2dayhd.co |
17 KB |
| 3 |
ads-analytix.com
2 redirects
track.ads-analytix.com |
5 KB |
| 2 |
textune.us
1 redirects
textune.us |
1 KB |
| 1 |
cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 617 |
7 KB |
| 17 | 6 |
| Domain | Requested by | |
|---|---|---|
| 8 | safechromeaddons.com |
1 redirects
cibago.com
safechromeaddons.com static.cloudflareinsights.com |
| 4 | cibago.com |
1 redirects
shop2dayhd.co
cibago.com |
| 4 | shop2dayhd.co |
1 redirects
shop2dayhd.co
|
| 3 | track.ads-analytix.com |
2 redirects
shop2dayhd.co
|
| 2 | textune.us |
1 redirects
safechromeaddons.com
|
| 1 | static.cloudflareinsights.com |
safechromeaddons.com
|
| 17 | 6 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| track.ads-analytix.com |
| textune.us |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| qn169.com R10 |
2024-11-17 - 2025-02-15 |
3 months | crt.sh |
| mauricehomes.com R10 |
2024-10-22 - 2025-01-20 |
3 months | crt.sh |
| safechromeaddons.com WE1 |
2024-12-18 - 2025-03-18 |
3 months | crt.sh |
| cloudflareinsights.com WE1 |
2024-11-01 - 2025-01-30 |
3 months | crt.sh |
| track.ads-analytix.com Amazon RSA 2048 M02 |
2024-09-18 - 2025-10-17 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://safechromeaddons.com/verified/update-v2.9/?cep=vTjv29ASeciSxhuJHm55GstfMTnRlZi7pa1lnNKgcGKmyIhQ16jhPIoCD-WItH1933ujCjzUWK22ObDcdRes0gjBuFgVXqbH2YEXC1OTQa0p6AjSR-pEf58gIVEH8QyRE6xkEBRCr3_UqKKGH_eUwooWzS4DXlXfvkcxkE4xc9HRl4dz3TqdL-yYiucbsgoMjmhvHU6JneSwGnauy48bUJfZ7HNHoz-x5HyBYZGq097xwZoyHEukC2p5J6IvHEMPkFfcmFhE53TNQCwYoEfOw38pn4EkBxINE9vkTag5KUJ80T1jlCNwuJFRP_E1vF21HYd3b0yPUBp46aolFezhFCfYtu62dkKQUtVL_Jabnvqs9Irl7y0uI56MfflFATi9FLu1Si35cBq_KG3LxxwE6ShCsg0aeH9ujRxOVJiV0qbLUMy7oSNIsrsNhShR78MKe5UDTl6AcLxXasbdc-H0NlBO-rRyDCy7NBXlylJW3Ic&lptoken=17d23467804518ce37af&subid=1681344032&kw=.de.01.desktop.chrome&cpv=0.010&sid=2024122203535477ac1797025fb5cbe4
Frame ID: 8E4EFB639F6F25BB4C0B89E709A7D5A8
Requests: 17 HTTP requests in this frame
Frame:
https://safechromeaddons.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js
Frame ID: F425B27929281B33DF98717C651E49CB
Requests: 3 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://shop2dayhd.co/ Page URL
-
http://shop2dayhd.co/?fp=b5023d434259bd13c22cdb0803ba25da
HTTP 307
https://shop2dayhd.co/?fp=b5023d434259bd13c22cdb0803ba25da HTTP 302
http://cibago.com/xr.php?e=etdF%2B6hmdI%2B%2B%2BBl6xdFq7n49fnhkc2ZuUENBNDNYQlZkczNOUmxjbXdCRWV... HTTP 307
https://cibago.com/xr.php?e=etdF%2B6hmdI%2B%2B%2BBl6xdFq7n49fnhkc2ZuUENBNDNYQlZkczNOUmxjbXdCRWV... Page URL
-
https://cibago.com/r.php?u=https%3A%2F%2Ftrack.ads-analytix.com%2F73811a33-be9c-451d-ab39-b5c1d...
HTTP 302
https://track.ads-analytix.com/73811a33-be9c-451d-ab39-b5c1d3c6bc93?subid=1681344032&kw=.de.01.desktop.chro... HTTP 307
https://track.ads-analytix.com/73811a33-be9c-451d-ab39-b5c1d3c6bc93/2?subid=1681344032&kw=.de.01.desktop.ch... HTTP 302
https://safechromeaddons.com/verified/update-v2.9/?cep=vTjv29ASeciSxhuJHm55GstfMTnRlZi7pa1lnNKgcGKmyIhQ16... Page URL
Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /wp-(?:content|includes)/
Cloudflare Browser Insights
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
URL: https://track.ads-analytix.com/click/1?cep=OFGGInnly5MQy8UqSQ6SkWB03jb_jMG7CMh5kq1icR4AK1rGPcDtPK6guV3c0yNBDfxJae_ryr4rfVW-Abp5qAKVmN_85Q9yPK8aLgwtdSTDFjmf6kpspegg4AI4Mcm4KPOe0O1yOQYEOLdVl6myXdSqLNMXJvHiLptZSDB8Ek_4oabwv_BkRwrCLybYrfVjmDCZEtdxs-RoWAzij7WVJyGaa-pyrAhEmqBx_7dUbzi9UUZQ-Pbb1iDDwOaNVxSk7FtQAK6xpyc1IjqEevxwPSv_ZSA-ny0OOWS1cEE8H5GhC5EdbwB2T83HIg7xnOq4WCnC15_8sbp7YjLTxCU-fLE73CCh9TQTdjgHqeyH1j1pq8eF4YVF25hWdqghpy4KeCAiO5G1G5k-N_LPh5PEc5adf5Q9RJf6HCHaY7uZHn7tfK5OsM4kx3uMZIo1DS9g_HPnq4mwnuVKOftsJqhkgQ
Title: Add Extension
Title: Add Extension
Search URL Search Domain Scan URL
URL: https://textune.us/terms-of-use
Title: Terms
Title: Terms
Search URL Search Domain Scan URL
URL: https://textune.us/privacy-policy
Title: Privacy Policy
Title: Privacy Policy
Search URL Search Domain Scan URL
URL: https://textune.us/contact-us/
Title: Contact Us
Title: Contact Us
Search URL Search Domain Scan URL
URL: https://textune.us/
Title: About Us
Title: About Us
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://shop2dayhd.co/ Page URL
-
http://shop2dayhd.co/?fp=b5023d434259bd13c22cdb0803ba25da
HTTP 307
https://shop2dayhd.co/?fp=b5023d434259bd13c22cdb0803ba25da HTTP 302
http://cibago.com/xr.php?e=etdF%2B6hmdI%2B%2B%2BBl6xdFq7n49fnhkc2ZuUENBNDNYQlZkczNOUmxjbXdCRWVQUzRWOHhPRVY0cUZrQUlMaXQvMzRFNWFoUmQxbXgwaGxSM0dCaEZCYUtXNmZ6b3JMZ2h2Snp3VTErWnJ1aTFKTHVKbjZ3YlpIRG9qYkVWcHI0bFg2RHpSNGVYTWJEaDBoeFhrUks1SFRvUFhaSFVXR0t0bThCMU5BK0FWb2UveVl1M0JCOWFBQkliMnExMUFMRm9qbTN6eGFqVkhKd3lFTkdrZVFYR28xNUdkTk5CWHBaclZwQStmTEc4RlJTeEVjNFVjUkRnNWNzYzdtdkt2K0ZLVUVISEFIWWg0SHVQMXBUTHIvbjhicnlONWZUSWMzdFY3cFJSY2pDTmhZa25DZWZNdk9BTVowaEVxYmlXS2c5ZU9DSE9oQlphdGlrZ2JDcWpqcHV1NUJoWlcxMlpydWltMUNNWHppVXYzeHRrVFpkeU5MOEFMdVlpN0pQZkJMZE83NGpSSGtoN2hmZTgweGl2bUpmd2g1RXpubnIvUDJNVjRmU1VmMUJKT1FHcXVrQTZNL0JvNkY4S1h0dTN3bmp4TXd3T1EyL0NzaWd1Q3FSUG8zV0syQTk0RkVCT0U5cVN2RjllWjJlMTlJSFYzRWpHbHovY3VPUXo5dVd4RndiL1FyMXhZMWV3Z2kyZ29FRnJvaHhPMmFqVmNia2gwSFk5U2xrVFdBZ3lTanJucHJML1AzVzFTbjI4WmN3QWNuRUg1enpITXlEbzdZc05aNmVRSHBkTmMyM0FwTXdjMHd3anE2MG1NUHFWZGtHcXNTVXhRQlBuYXQ2MDhCWkpyVzN0cDUrQmNDdyttQ0xQOGZ2ZVB1ajl4WEd4a2gvUTFlYkhncmNYUHhRNTRNRUUzSThyMzljY0xEdXcxZ1NpcUprQmVwVTZxdUc4Z2p5L0ZRZG1YcWhLQk5VT3Z4RHl2Ni9MTlkwUHUyUCt5N1pqU2NBQVVVOW01UWZqK2VVODUvazRuV3B2ZWI4Ti8zTlp5TFB6amNxUzRxeU9DQlpISXZFM2Q5MHdzcFNQd2RzcnhHUE16djRrMk8wa0FRTWdwNG5wTG0yR3VNNWR1ZjBEWHNmNkVzSFE1RWppd0E5SDJZa2JkNDRoRExEcU41ZGVSbFNJcDlPSVNHSkg4MGo5L05PMXd5T2xnV0E3WHhWZmxad0l1L2lXVjJyUzZ4QlJ2QVNTQUZiMC9Ec0hXTXN0ZDdTTThIQUcwWFBpSS9zeTBYU2ZjbjVWMi8xSDhqS1lVWTduMllFZm0xTlZSMnNVd0hEdTBwQ2xRNzlQYWYwUlUyb2lkUVFUTkxiSVhjWkt3bG89 HTTP 307
https://cibago.com/xr.php?e=etdF%2B6hmdI%2B%2B%2BBl6xdFq7n49fnhkc2ZuUENBNDNYQlZkczNOUmxjbXdCRWVQUzRWOHhPRVY0cUZrQUlMaXQvMzRFNWFoUmQxbXgwaGxSM0dCaEZCYUtXNmZ6b3JMZ2h2Snp3VTErWnJ1aTFKTHVKbjZ3YlpIRG9qYkVWcHI0bFg2RHpSNGVYTWJEaDBoeFhrUks1SFRvUFhaSFVXR0t0bThCMU5BK0FWb2UveVl1M0JCOWFBQkliMnExMUFMRm9qbTN6eGFqVkhKd3lFTkdrZVFYR28xNUdkTk5CWHBaclZwQStmTEc4RlJTeEVjNFVjUkRnNWNzYzdtdkt2K0ZLVUVISEFIWWg0SHVQMXBUTHIvbjhicnlONWZUSWMzdFY3cFJSY2pDTmhZa25DZWZNdk9BTVowaEVxYmlXS2c5ZU9DSE9oQlphdGlrZ2JDcWpqcHV1NUJoWlcxMlpydWltMUNNWHppVXYzeHRrVFpkeU5MOEFMdVlpN0pQZkJMZE83NGpSSGtoN2hmZTgweGl2bUpmd2g1RXpubnIvUDJNVjRmU1VmMUJKT1FHcXVrQTZNL0JvNkY4S1h0dTN3bmp4TXd3T1EyL0NzaWd1Q3FSUG8zV0syQTk0RkVCT0U5cVN2RjllWjJlMTlJSFYzRWpHbHovY3VPUXo5dVd4RndiL1FyMXhZMWV3Z2kyZ29FRnJvaHhPMmFqVmNia2gwSFk5U2xrVFdBZ3lTanJucHJML1AzVzFTbjI4WmN3QWNuRUg1enpITXlEbzdZc05aNmVRSHBkTmMyM0FwTXdjMHd3anE2MG1NUHFWZGtHcXNTVXhRQlBuYXQ2MDhCWkpyVzN0cDUrQmNDdyttQ0xQOGZ2ZVB1ajl4WEd4a2gvUTFlYkhncmNYUHhRNTRNRUUzSThyMzljY0xEdXcxZ1NpcUprQmVwVTZxdUc4Z2p5L0ZRZG1YcWhLQk5VT3Z4RHl2Ni9MTlkwUHUyUCt5N1pqU2NBQVVVOW01UWZqK2VVODUvazRuV3B2ZWI4Ti8zTlp5TFB6amNxUzRxeU9DQlpISXZFM2Q5MHdzcFNQd2RzcnhHUE16djRrMk8wa0FRTWdwNG5wTG0yR3VNNWR1ZjBEWHNmNkVzSFE1RWppd0E5SDJZa2JkNDRoRExEcU41ZGVSbFNJcDlPSVNHSkg4MGo5L05PMXd5T2xnV0E3WHhWZmxad0l1L2lXVjJyUzZ4QlJ2QVNTQUZiMC9Ec0hXTXN0ZDdTTThIQUcwWFBpSS9zeTBYU2ZjbjVWMi8xSDhqS1lVWTduMllFZm0xTlZSMnNVd0hEdTBwQ2xRNzlQYWYwUlUyb2lkUVFUTkxiSVhjWkt3bG89 Page URL
-
https://cibago.com/r.php?u=https%3A%2F%2Ftrack.ads-analytix.com%2F73811a33-be9c-451d-ab39-b5c1d3c6bc93%3Fsubid%3D1681344032%26kw%3D.de.01.desktop.chrome%26cpv%3D0.010%26sid%3D2024122203535477ac1797025fb5cbe4&s=j&enc=5yb9brzAXNQmC8hjdKSwUH49fm1hUDNCQ3M0REpRQXl4MW5iQzlYSVA3NDJ2TG52L0ZXZnFVZ0pLYzVOM3NRWEhuSzNNOS9TM24rOTJTaDUySFRjYWM5NHRScklvb3Z3ZXV5ZEwwUWxGNEFoMkJSdituMEdYN1FZaHVjMmRYY21hQnJnNlFhekFDdDQ3NEZmc0xkNm9LaWtQZnpNL3JEMTF4WFloYzhzRzVZWUhSVUdRNUxiQm5uZG0xREtXWUNHZjRyVi9vZTdQYmxJNFpVMWc1WFhrR09KTWRVc3ZPc09mQ1NaR0NuSXNOcnhoRm84NUFmMFZycW1TWE44b0Q0clY0SFpxc0dnZDV2dytZSTRZV25LRVZnZmxuZk5YZ3FZNDFweHhlV3FTZ0hvVHJmbXZjaUJmODR2OWdWcTNqSFhHK3JGcm1ic0FXL3ZySzBzdE1uNTJzUWRwaWwrYXRxRFVqYndvM0hicFZQSEludFZxN20zUGxOdUZmdFZkWGVYVlZGSUdpTWNTYkRJWVhnYkltajVsUXJjOFBLQ1pNTzFjd21OOTYwNlVtaXkwWnBQd0huN3JScmo1elNDcWR3Z0NCOUZiV0lSVTg1SXZzd281QlRUUTFpL3FKSGRwVmxlaVR1Wkdob2VMeVV4Sm5RUzNGTlhFRmlYWlRKbWtSelVCL3dudkhLUTY5Kzltc0JrSjJMWUVTdFNPK0JnbFllZjdLRy9aeW5hcG9VL3c1QVVUcU9UbVBBUzdwYy80eWZqNHRZM1VUMGI0MW15OFB3Z3d2SlZUaUF2NGNTS24vZUVHQ3d2VHgvTFNqUzNGaUxISlNjb0tOdFlHRURQMXVFMkpDMXBMNFhvV1pFRGtOTWNneVNSUkZBOU1aaDJRcTVQWURCR2xZRXlNaWE4N0hFbVNpMFE1SzFENlNvZXVLRE5KQnJFanFvUU5jSFhXVFQyRGRJSTQxakNFcUVabU41MURRWVNDNGZ3R2pVMnRjVWcwY0FiOHhIaW16MFNJT0U2bDJVV3BDZzMzMVBoNnVPMkoxaEE5YUJKa0VWMXc0V0pNK2VDN1dNWCt1U2QvRXZ5WjVhV1RjWWZ3dDlJdkRiTWxjaUpwSEtQVHV1Y1diLzZVVFAwbTRSbWJ5cXdZbUdVOURUMVd3aFZHV1QxUklxYlZwM2ZxbUxTWGtZaGRwZHlPVkorWkFvdmxoa0xhOTB4amxJSjdOSFlMbzRzblNJeXJCR3dhM3E2dXIrMTlRYUdxMjY3ODYwZk9WRW1EaDZuNFJQVWh3bTdBSFNBU0RvZ3RrUzRjN3ZzNzN1SWhxVVNUME1ySWQ1c0lRWm1vaWdBOHI3VVY1aXhmdEd5c29lajZ0eGV4a1JnYW8vdnBhVDJlMVB2NzdvdkpkMi9GSlZJbll0VnlBaEdkeHQrdGxldWlNN2J5U3d2QU51V0p6N1d0QlhhQTU2ek9GZEZyUHpjRERE&vs=1600:1200&ds=1600:1200&sl=160:160&os=f&nos=f&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&fp=b5023d434259bd13c22cdb0803ba25da
HTTP 302
https://track.ads-analytix.com/73811a33-be9c-451d-ab39-b5c1d3c6bc93?subid=1681344032&kw=.de.01.desktop.chrome&cpv=0.010&sid=2024122203535477ac1797025fb5cbe4 HTTP 307
https://track.ads-analytix.com/73811a33-be9c-451d-ab39-b5c1d3c6bc93/2?subid=1681344032&kw=.de.01.desktop.chrome&cpv=0.010&sid=2024122203535477ac1797025fb5cbe4 HTTP 302
https://safechromeaddons.com/verified/update-v2.9/?cep=vTjv29ASeciSxhuJHm55GstfMTnRlZi7pa1lnNKgcGKmyIhQ16jhPIoCD-WItH1933ujCjzUWK22ObDcdRes0gjBuFgVXqbH2YEXC1OTQa0p6AjSR-pEf58gIVEH8QyRE6xkEBRCr3_UqKKGH_eUwooWzS4DXlXfvkcxkE4xc9HRl4dz3TqdL-yYiucbsgoMjmhvHU6JneSwGnauy48bUJfZ7HNHoz-x5HyBYZGq097xwZoyHEukC2p5J6IvHEMPkFfcmFhE53TNQCwYoEfOw38pn4EkBxINE9vkTag5KUJ80T1jlCNwuJFRP_E1vF21HYd3b0yPUBp46aolFezhFCfYtu62dkKQUtVL_Jabnvqs9Irl7y0uI56MfflFATi9FLu1Si35cBq_KG3LxxwE6ShCsg0aeH9ujRxOVJiV0qbLUMy7oSNIsrsNhShR78MKe5UDTl6AcLxXasbdc-H0NlBO-rRyDCy7NBXlylJW3Ic&lptoken=17d23467804518ce37af&subid=1681344032&kw=.de.01.desktop.chrome&cpv=0.010&sid=2024122203535477ac1797025fb5cbe4 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 3- http://shop2dayhd.co/?fp=b5023d434259bd13c22cdb0803ba25da HTTP 307
- https://shop2dayhd.co/?fp=b5023d434259bd13c22cdb0803ba25da HTTP 302
- http://cibago.com/xr.php?e=etdF%2B6hmdI%2B%2B%2BBl6xdFq7n49fnhkc2ZuUENBNDNYQlZkczNOUmxjbXdCRWVQUzRWOHhPRVY0cUZrQUlMaXQvMzRFNWFoUmQxbXgwaGxSM0dCaEZCYUtXNmZ6b3JMZ2h2Snp3VTErWnJ1aTFKTHVKbjZ3YlpIRG9qYkVWcHI0bFg2RHpSNGVYTWJEaDBoeFhrUks1SFRvUFhaSFVXR0t0bThCMU5BK0FWb2UveVl1M0JCOWFBQkliMnExMUFMRm9qbTN6eGFqVkhKd3lFTkdrZVFYR28xNUdkTk5CWHBaclZwQStmTEc4RlJTeEVjNFVjUkRnNWNzYzdtdkt2K0ZLVUVISEFIWWg0SHVQMXBUTHIvbjhicnlONWZUSWMzdFY3cFJSY2pDTmhZa25DZWZNdk9BTVowaEVxYmlXS2c5ZU9DSE9oQlphdGlrZ2JDcWpqcHV1NUJoWlcxMlpydWltMUNNWHppVXYzeHRrVFpkeU5MOEFMdVlpN0pQZkJMZE83NGpSSGtoN2hmZTgweGl2bUpmd2g1RXpubnIvUDJNVjRmU1VmMUJKT1FHcXVrQTZNL0JvNkY4S1h0dTN3bmp4TXd3T1EyL0NzaWd1Q3FSUG8zV0syQTk0RkVCT0U5cVN2RjllWjJlMTlJSFYzRWpHbHovY3VPUXo5dVd4RndiL1FyMXhZMWV3Z2kyZ29FRnJvaHhPMmFqVmNia2gwSFk5U2xrVFdBZ3lTanJucHJML1AzVzFTbjI4WmN3QWNuRUg1enpITXlEbzdZc05aNmVRSHBkTmMyM0FwTXdjMHd3anE2MG1NUHFWZGtHcXNTVXhRQlBuYXQ2MDhCWkpyVzN0cDUrQmNDdyttQ0xQOGZ2ZVB1ajl4WEd4a2gvUTFlYkhncmNYUHhRNTRNRUUzSThyMzljY0xEdXcxZ1NpcUprQmVwVTZxdUc4Z2p5L0ZRZG1YcWhLQk5VT3Z4RHl2Ni9MTlkwUHUyUCt5N1pqU2NBQVVVOW01UWZqK2VVODUvazRuV3B2ZWI4Ti8zTlp5TFB6amNxUzRxeU9DQlpISXZFM2Q5MHdzcFNQd2RzcnhHUE16djRrMk8wa0FRTWdwNG5wTG0yR3VNNWR1ZjBEWHNmNkVzSFE1RWppd0E5SDJZa2JkNDRoRExEcU41ZGVSbFNJcDlPSVNHSkg4MGo5L05PMXd5T2xnV0E3WHhWZmxad0l1L2lXVjJyUzZ4QlJ2QVNTQUZiMC9Ec0hXTXN0ZDdTTThIQUcwWFBpSS9zeTBYU2ZjbjVWMi8xSDhqS1lVWTduMllFZm0xTlZSMnNVd0hEdTBwQ2xRNzlQYWYwUlUyb2lkUVFUTkxiSVhjWkt3bG89 HTTP 307
- https://cibago.com/xr.php?e=etdF%2B6hmdI%2B%2B%2BBl6xdFq7n49fnhkc2ZuUENBNDNYQlZkczNOUmxjbXdCRWVQUzRWOHhPRVY0cUZrQUlMaXQvMzRFNWFoUmQxbXgwaGxSM0dCaEZCYUtXNmZ6b3JMZ2h2Snp3VTErWnJ1aTFKTHVKbjZ3YlpIRG9qYkVWcHI0bFg2RHpSNGVYTWJEaDBoeFhrUks1SFRvUFhaSFVXR0t0bThCMU5BK0FWb2UveVl1M0JCOWFBQkliMnExMUFMRm9qbTN6eGFqVkhKd3lFTkdrZVFYR28xNUdkTk5CWHBaclZwQStmTEc4RlJTeEVjNFVjUkRnNWNzYzdtdkt2K0ZLVUVISEFIWWg0SHVQMXBUTHIvbjhicnlONWZUSWMzdFY3cFJSY2pDTmhZa25DZWZNdk9BTVowaEVxYmlXS2c5ZU9DSE9oQlphdGlrZ2JDcWpqcHV1NUJoWlcxMlpydWltMUNNWHppVXYzeHRrVFpkeU5MOEFMdVlpN0pQZkJMZE83NGpSSGtoN2hmZTgweGl2bUpmd2g1RXpubnIvUDJNVjRmU1VmMUJKT1FHcXVrQTZNL0JvNkY4S1h0dTN3bmp4TXd3T1EyL0NzaWd1Q3FSUG8zV0syQTk0RkVCT0U5cVN2RjllWjJlMTlJSFYzRWpHbHovY3VPUXo5dVd4RndiL1FyMXhZMWV3Z2kyZ29FRnJvaHhPMmFqVmNia2gwSFk5U2xrVFdBZ3lTanJucHJML1AzVzFTbjI4WmN3QWNuRUg1enpITXlEbzdZc05aNmVRSHBkTmMyM0FwTXdjMHd3anE2MG1NUHFWZGtHcXNTVXhRQlBuYXQ2MDhCWkpyVzN0cDUrQmNDdyttQ0xQOGZ2ZVB1ajl4WEd4a2gvUTFlYkhncmNYUHhRNTRNRUUzSThyMzljY0xEdXcxZ1NpcUprQmVwVTZxdUc4Z2p5L0ZRZG1YcWhLQk5VT3Z4RHl2Ni9MTlkwUHUyUCt5N1pqU2NBQVVVOW01UWZqK2VVODUvazRuV3B2ZWI4Ti8zTlp5TFB6amNxUzRxeU9DQlpISXZFM2Q5MHdzcFNQd2RzcnhHUE16djRrMk8wa0FRTWdwNG5wTG0yR3VNNWR1ZjBEWHNmNkVzSFE1RWppd0E5SDJZa2JkNDRoRExEcU41ZGVSbFNJcDlPSVNHSkg4MGo5L05PMXd5T2xnV0E3WHhWZmxad0l1L2lXVjJyUzZ4QlJ2QVNTQUZiMC9Ec0hXTXN0ZDdTTThIQUcwWFBpSS9zeTBYU2ZjbjVWMi8xSDhqS1lVWTduMllFZm0xTlZSMnNVd0hEdTBwQ2xRNzlQYWYwUlUyb2lkUVFUTkxiSVhjWkt3bG89
- https://textune.us/favicon.ico HTTP 302
- https://textune.us/wp-content/uploads/2024/01/cropped-556-Extension-logo-32x32.png
- https://safechromeaddons.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://safechromeaddons.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js
17 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
/
shop2dayhd.co/ |
1 KB 866 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
iife.min.js
shop2dayhd.co/js/fingerprint/ |
33 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.0 |
favicon.ico
shop2dayhd.co/ |
94 B 170 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
xr.php
cibago.com/ Redirect Chain
|
5 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jscheck.php
cibago.com/ |
0 150 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.0 |
favicon.ico
cibago.com/ |
94 B 170 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
/
safechromeaddons.com/verified/update-v2.9/ Redirect Chain
|
538 KB 361 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cropped-556-Extension-logo-32x32.png
textune.us/wp-content/uploads/2024/01/ Redirect Chain
|
860 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
5 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
21 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
17 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
rocket-loader.min.js
safechromeaddons.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ |
19 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
idnetify.js
safechromeaddons.com/verified/a/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
main.js
safechromeaddons.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/ Frame F425 Redirect Chain
|
9 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
8f59642a69b69048
safechromeaddons.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame F425 |
0 1 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
.js
track.ads-analytix.com/d/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
8f59642a69b69048
safechromeaddons.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame F425 |
0 1 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
rum
safechromeaddons.com/cdn-cgi/ |
0 144 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
favicon.ico
textune.us/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- textune.us
- URL
- https://textune.us/favicon.ico
Verdicts & Comments Add Verdict or Comment
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| __cfQR object| __cfBeacon function| dtpCallback boolean| __cfRLUnblockHandlers6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| shop2dayhd.co/ | Name: __tad Value: 1734800033.8446687 |
|
| .cibago.com/ | Name: __dsnsid Value: 2024122203535477ac1797025fb5cbe4 |
|
| .track.ads-analytix.com/ | Name: 73811a33-be9c-451d-ab39-b5c1d3c6bc93-v4 Value: fAmjExFULj2MiyhjpgMNu9lr9ozvapih5Ev2Rylsc24 |
|
| .track.ads-analytix.com/ | Name: cep-v4 Value: EzhyljweLSbq8fwUP98p9On7815KT6d0eLc_cr9S46rToMObNGSG_Ut93vikguHdz914pGOpX0TF4gQ42clwnweINg2fGnskGKtu6ZjDuWau7AngrMNNqNJ2PtR8ya4UOu0KNywWjj6geTdU9vpiHJX94G7NTr2Sn6oH7DvRgsUrg1KLUCIAV6BzQp3mTOJAGq2hnOfAzppi4Jw08VvKCWbyKsNVI_fTq9qi-qm_tZX8sWdc1twXWEkwLoFZI_HV7My12ihzmJCekoRmWOkAi10ZdlaWBkfPfPs2XI7JpAoA2lszJYt-NxmH_txeMAeRRO0MpWV8bsBp4XZBQzaV54IK4G16ph6lHnWhzhYSrevZzN-lg813xotMJx0fpi9YGvCT97-4GuxTC3a7Q4tdapYSiHLj8utLTlEDNQlomwsZ9dvq7iPWci9jjuz8A6kfUgbjzQzWPjyTPhs3SVefOOI7-rtjC8eU-6mxMKo1v8c |
|
| safechromeaddons.com/ | Name: vl-cep Value: cep=OFGGInnly5MQy8UqSQ6SkWB03jb_jMG7CMh5kq1icR4AK1rGPcDtPK6guV3c0yNBDfxJae_ryr4rfVW-Abp5qAKVmN_85Q9yPK8aLgwtdSTDFjmf6kpspegg4AI4Mcm4KPOe0O1yOQYEOLdVl6myXdSqLNMXJvHiLptZSDB8Ek_4oabwv_BkRwrCLybYrfVjmDCZEtdxs-RoWAzij7WVJyGaa-pyrAhEmqBx_7dUbzi9UUZQ-Pbb1iDDwOaNVxSk7FtQAK6xpyc1IjqEevxwPSv_ZSA-ny0OOWS1cEE8H5GhC5EdbwB2T83HIg7xnOq4WCnC15_8sbp7YjLTxCU-fLE73CCh9TQTdjgHqeyH1j1pq8eF4YVF25hWdqghpy4KeCAiO5G1G5k-N_LPh5PEc5adf5Q9RJf6HCHaY7uZHn7tfK5OsM4kx3uMZIo1DS9g_HPnq4mwnuVKOftsJqhkgQ |
|
| .safechromeaddons.com/ | Name: cf_clearance Value: WzckF4nM.Tt7JsFByXLe0qfm87iWMpk5Df0Lzrqd6cg-1734800038-1.2.1.1-UysL4KkwEQqGdpZc.xIxgaA4yUtVd9xEFBzUgLdxDw6JQjAPVHW4AwkgBEToP7uiJ5rc6Boain3BaTDpAtIixuf4HpM9m0KFjEl86OJ6n5IlzTuC63.3YurpaDg_Ti0P4EI5mXeetHyjrdAE_v2u0.BmqrSfJ7JyH2igInYigT7D8bK4en.R.LEbZ7HonuV5AzzD.W0CnHAigr70FxdMaARG4Fba3u._qSedeu_QLYCCmiZd4m8aDkPv1IODc93elBgOLxby1JY9GbF99ifR04A8NRJiYfBNB9pxokbDsaCS95zNdPmB_Uj2m30jChAx66hJSS5AVEm2ltXW8Dn.LYK70aBXq3SaMvOT7pIAqlS5lM0.xyrt2Ymz7VCdkKuF |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cibago.com
safechromeaddons.com
shop2dayhd.co
static.cloudflareinsights.com
textune.us
track.ads-analytix.com
textune.us
103.224.182.206
172.67.214.205
2600:9000:235a:aa00:1c:40fc:d500:93a1
2600:9000:235a:e000:1c:40fc:d500:93a1
2606:4700:3034::ac43:d6cd
2606:4700::6810:5049
35.209.47.14
70.32.1.32
0453a0a49a237c3a9ac4a6e79e084e88e8c0c58f8fda6b10d55d1c15ebdd6971
2ea34cb5304a88654903cc1a4a2fd56044fcfc353fe2699d7e07552caa27effe
2f46d4349ef23c1ee864d67f597bbe9d9a83c6ffc86dc272d22bacad56121351
666d13a5c569dae18697407a236b6f74113d055770fcc14e712d5f0fd2f0c2c8
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
97c867cbc0b7a40cb482bf464069fc55e52ae761c9cd7523083897be98dc8999
b76fca3a9a76bc787cba62e2376ef320550e337684e1ca090136bf3675822f55
c28f3c94298658ac0efa778368c4ddb3a87fe3cba3cd689afb191582ac5222c2
c6bc28686490aba34a53ab3b709afa1fd73c21e60feb25608b09f23efe170089
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c26514e4487ac557e1e2a575739e42bfd2b7e0fd608cb80da58a30d8bafb61
fe175f0d78dd6db85f8ba95a9cf2d89d951dd2edf4d3b896d0a6ca2340c09822