Submitted URL: https://fsalfrwdr.com/bdv_rd.dbm?ownid=abc.crourhvw&enparms2=7961%2C1914209%2C2584878%2C7912%2C7912%2C9003%2C8082%2C0%...
Effective URL: https://safewarns.com/reviews/zaful.php?sgt=XLJP_c0L2GD4qnjI3jRZTsuG7hSlAjXV5rV39sF_9zrs5d-_l-NwOL3FYVyB&subid=67f066a...
Submission: On August 14 via api from LU — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 4 HTTP transactions. The main IP is 132.148.232.95, located in and belongs to . The main domain is safewarns.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 9th 2023. Valid for: 3 months.
This is the only time safewarns.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 188.114.97.3 13335 (CLOUDFLAR...)
1 132.148.232.95 ()
4 2
Domain Requested by
2 fsalfrwdr.com
1 safewarns.com
1 533898.moveyouforward.co 1 redirects
1 533898.fsalfrwdr.com
4 4

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 2023-02-02 - 2024-02-01 a year
safewarns.com cPanel, Inc. Certification Authority 2023-05-09 - 2023-08-07 3 months

This page contains 1 frames:

Primary Page: https://safewarns.com/reviews/zaful.php?sgt=XLJP_c0L2GD4qnjI3jRZTsuG7hSlAjXV5rV39sF_9zrs5d-_l-NwOL3FYVyB&subid=67f066a7c3c641e10cab01be2fdbbfdc&mk=1
Frame ID: 4263C4BD9F2E9E9EA42EFD1D3047A437
Requests: 4 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

4 Requests
75 % HTTPS
33 % IPv6
3 Domains
4 Subdomains
2 IPs
2 Countries
12 kB Transfer
43 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fsalfrwdr.com/bdv_rd.dbm?ownid=abc.crourhvw&enparms2=7961%2C1914209%2C2584878%2C7912%2C7912%2C9003%2C8082%2C0%2C0%2C7916%2C0%2C1913032%2C542035%2C199560%2C113332567639%2C50209350%2Cabc.crourhvw&u_agnt=7f65ff317c237641f7aace3b7dac03d6&skter=crourhvw&czero=-1&cstate=zizlwvmfs&skwdb=MLI&ccntry=LI&cctid=&chsh=67f066a7c3c641e10cab01be2fdbbfdc&rn=30108281834&cf=24&frdto=542035 Page URL
  2. https://fsalfrwdr.com/bdv_rd3.dbm?frdto=542035 Page URL
  3. https://533898.fsalfrwdr.com/bdvfrd.dbm?gten=68747470732533412532462532463533333839382e6d6f7665796f75666f72776172642e636f25324679617264722e64626d25334673756269642533443637663036366137633363363431653130636162303162653266646262666463253236636364253344444525323674797065253344492d422d4255412d492d554144462d492d422d43582d4d4d4b2d56504e2d492d422d46355f4e49442d492d422d46355f5553472d492d422d4d4d4950322d524f2d44452d492d422d7a646634253236646c74253344302532366c63696425334431393036323938&sgntmp=lGR5Ak4pgfLJzb3PcZae6YtdQzXbz1nVw1sFa9%2BK03rSpcCsqKUVZOFXEAcKPtNlJdNQ5s3Mjg2S%2FLBbP7C3IV%2Bz4r9PnKTqR%2BkFuRp8%2BWWdfYy2V%2FJIaDLy%2Bq%2F548Kb9bH8yFu97Xm4A2qEdLbeKOnUT%2BSy3WvB&subid=67f066a7c3c641e10cab01be2fdbbfdc&ccd=DE&type=I-B-BUA-I-UADF-I-B-CX-MMK-VPN-I-B-F5_NID-I-B-F5_USG-I-B-MMIP2-RO-DE-I-B-zdf4&dlt=0&lcid=1906298&prn=ci8dfcb8eef5f6703f6f9cff8de2224aa9&bm=0 Page URL
  4. https://533898.moveyouforward.co/yardr.dbm?subid=67f066a7c3c641e10cab01be2fdbbfdc&ccd=DE&type=I-B-BUA-I-UADF-I-B-CX-MMK-VPN-I-B-F5_NID-I-B-F5_USG-I-B-MMIP2-RO-DE-I-B-zdf4&dlt=0&lcid=1906298 HTTP 302
    https://safewarns.com/reviews/zaful.php?sgt=XLJP_c0L2GD4qnjI3jRZTsuG7hSlAjXV5rV39sF_9zrs5d-_l-NwOL3FYVyB&subid=67f066a7c3c641e10cab01be2fdbbfdc&mk=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource Path Size x-fer Type MIME-Type
bdv_rd.dbm fsalfrwdr.com/ 39 KB 10 KB Document
General
Full URL
https://fsalfrwdr.com/bdv_rd.dbm?ownid=abc.crourhvw&enparms2=7961%2C1914209%2C2584878%2C7912%2C7912%2C9003%2C8082%2C0%2C0%2C7916%2C0%2C1913032%2C542035%2C199560%2C113332567639%2C50209350%2Cabc.crourhvw&u_agnt=7f65ff317c237641f7aace3b7dac03d6&skter=crourhvw&czero=-1&cstate=zizlwvmfs&skwdb=MLI&ccntry=LI&cctid=&chsh=67f066a7c3c641e10cab01be2fdbbfdc&rn=30108281834&cf=24&frdto=542035
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:380a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b583ee0f39ea85edafd9b3ba3d0e1702844b585d23ca18cec1b0f430463b4e4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options deny

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36 OPR/77.0.4054.172
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f69a3aeada639c1-FRA
content-encoding
gzip
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=UTF-8
date
Mon, 14 Aug 2023 13:45:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YvYhTBSe5VPHVxflrd61ZVdiWrjDbBbB%2B%2BajXp9l9svcVMi9KDONxXb7SQttuj8Z%2FYeMTKDOjMmyI9qgKxk9i8wmYiH16CP0QSAePcIe9KPGeq%2BS5En8QL%2BmwQGQwVn2zRAJLiGGB7k7x3h2"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
deny

bdv_rd3.dbm fsalfrwdr.com/ 3 KB 1 KB Document
General
Full URL
https://fsalfrwdr.com/bdv_rd3.dbm?frdto=542035
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:380a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://fsalfrwdr.com
Referer
https://fsalfrwdr.com/bdv_rd.dbm?ownid=abc.crourhvw&enparms2=7961%2C1914209%2C2584878%2C7912%2C7912%2C9003%2C8082%2C0%2C0%2C7916%2C0%2C1913032%2C542035%2C199560%2C113332567639%2C50209350%2Cabc.crourhvw&u_agnt=7f65ff317c237641f7aace3b7dac03d6&skter=crourhvw&czero=-1&cstate=zizlwvmfs&skwdb=MLI&ccntry=LI&cctid=&chsh=67f066a7c3c641e10cab01be2fdbbfdc&rn=30108281834&cf=24&frdto=542035
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36 OPR/77.0.4054.172
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f69a3b0d8ba39c1-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 14 Aug 2023 13:45:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qHFlySDU6PdnAZWR2G8xKTPQxjdBopUyTeMsp3gn83PVk9caDz7y6i%2BtP1LXbMq9ehyGt2MXMDJUJILZoFfhMokqgDxUaW%2Bpifx%2B7xioyI6JSKuRocayM%2Byxut2c%2FgCNTLN317Tkjd8SUq%2BF"}],"group":"cf-nel","max_age":604800}
server
cloudflare

bdvfrd.dbm 533898.fsalfrwdr.com/ 535 B 701 B Document
General
Full URL
https://533898.fsalfrwdr.com/bdvfrd.dbm?gten=68747470732533412532462532463533333839382e6d6f7665796f75666f72776172642e636f25324679617264722e64626d25334673756269642533443637663036366137633363363431653130636162303162653266646262666463253236636364253344444525323674797065253344492d422d4255412d492d554144462d492d422d43582d4d4d4b2d56504e2d492d422d46355f4e49442d492d422d46355f5553472d492d422d4d4d4950322d524f2d44452d492d422d7a646634253236646c74253344302532366c63696425334431393036323938&sgntmp=lGR5Ak4pgfLJzb3PcZae6YtdQzXbz1nVw1sFa9%2BK03rSpcCsqKUVZOFXEAcKPtNlJdNQ5s3Mjg2S%2FLBbP7C3IV%2Bz4r9PnKTqR%2BkFuRp8%2BWWdfYy2V%2FJIaDLy%2Bq%2F548Kb9bH8yFu97Xm4A2qEdLbeKOnUT%2BSy3WvB&subid=67f066a7c3c641e10cab01be2fdbbfdc&ccd=DE&type=I-B-BUA-I-UADF-I-B-CX-MMK-VPN-I-B-F5_NID-I-B-F5_USG-I-B-MMIP2-RO-DE-I-B-zdf4&dlt=0&lcid=1906298&prn=ci8dfcb8eef5f6703f6f9cff8de2224aa9&bm=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:380a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36 OPR/77.0.4054.172
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f69a3b1b9d239c1-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 14 Aug 2023 13:45:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BxjbjYPIT3bSuqVVACdAYcJViMaooL6cKcgmcasDc6O2P9u01tQ4fHjbNCbDi7vd9b7%2F%2B3RfYWO8aomEmrzhX7jz6HgF87WTx7Mh6hCllC21TueYkUInBcO7jkwI5x8wTJo6EXZ6l6YDeKHRTtHlUYKf6w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
Primary Request zaful.php
safewarns.com/reviews/
Redirect Chain
  • https://533898.moveyouforward.co/yardr.dbm?subid=67f066a7c3c641e10cab01be2fdbbfdc&ccd=DE&type=I-B-BUA-I-UADF-I-B-CX-MMK-VPN-I-B-F5_NID-I-B-F5_USG-I-B-MMIP2-RO-DE-I-B-zdf4&dlt=0&lcid=1906298
  • https://safewarns.com/reviews/zaful.php?sgt=XLJP_c0L2GD4qnjI3jRZTsuG7hSlAjXV5rV39sF_9zrs5d-_l-NwOL3FYVyB&subid=67f066a7c3c641e10cab01be2fdbbfdc&mk=1
190 B
0
Document
General
Full URL
https://safewarns.com/reviews/zaful.php?sgt=XLJP_c0L2GD4qnjI3jRZTsuG7hSlAjXV5rV39sF_9zrs5d-_l-NwOL3FYVyB&subid=67f066a7c3c641e10cab01be2fdbbfdc&mk=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
132.148.232.95 -, , ASN (),
Reverse DNS
Software
Apache / PHP/7.4.33
Resource Hash

Request headers

Referer
https://533898.fsalfrwdr.com/bdvfrd.dbm?gten=68747470732533412532462532463533333839382e6d6f7665796f75666f72776172642e636f25324679617264722e64626d25334673756269642533443637663036366137633363363431653130636162303162653266646262666463253236636364253344444525323674797065253344492d422d4255412d492d554144462d492d422d43582d4d4d4b2d56504e2d492d422d46355f4e49442d492d422d46355f5553472d492d422d4d4d4950322d524f2d44452d492d422d7a646634253236646c74253344302532366c63696425334431393036323938&sgntmp=lGR5Ak4pgfLJzb3PcZae6YtdQzXbz1nVw1sFa9%2BK03rSpcCsqKUVZOFXEAcKPtNlJdNQ5s3Mjg2S%2FLBbP7C3IV%2Bz4r9PnKTqR%2BkFuRp8%2BWWdfYy2V%2FJIaDLy%2Bq%2F548Kb9bH8yFu97Xm4A2qEdLbeKOnUT%2BSy3WvB&subid=67f066a7c3c641e10cab01be2fdbbfdc&ccd=DE&type=I-B-BUA-I-UADF-I-B-CX-MMK-VPN-I-B-F5_NID-I-B-F5_USG-I-B-MMIP2-RO-DE-I-B-zdf4&dlt=0&lcid=1906298&prn=ci8dfcb8eef5f6703f6f9cff8de2224aa9&bm=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36 OPR/77.0.4054.172
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-length
125
content-type
text/html; charset=UTF-8
date
Mon, 14 Aug 2023 13:45:43 GMT
server
Apache
vary
Accept-Encoding
x-powered-by
PHP/7.4.33

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f69a3b4681d9b2b-FRA
content-type
text/html; charset=UTF-8
date
Mon, 14 Aug 2023 13:45:39 GMT
location
https://safewarns.com/reviews/zaful.php?sgt=XLJP_c0L2GD4qnjI3jRZTsuG7hSlAjXV5rV39sF_9zrs5d-_l-NwOL3FYVyB&subid=67f066a7c3c641e10cab01be2fdbbfdc&mk=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7Pz1rHcIOmzWbRLhwaaezdqWoL7PcqWcWf1AFAfNNC8qtldLNlsTJnon%2BcGDw8uLy4rp8Zoyjat6K6wpKsXIcmt3tmpQuQS98gFaE09zkRaK7coitPf4DC0re0ui68PH2neba4A%2Fn8F5JY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare


0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
fsalfrwdr.com/ Name: ci8dfcb8eef5f6703f6f9cff8de2224aa9
Value: 1692020791
fsalfrwdr.com/ Name: ci8dfcb8eef5f6703f6f9cff8de2224aa9_js
Value: 1692020798509
fsalfrwdr.com/ Name: CF24-1001a7d483c9b8f463db6fb1f55e67ea9
Value: 1692099931

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
