urlscan.io logo urlscan.io
SecurityTrails logo

yataganmon.com Open in urlscan Pro
2606:4700:3032::6815:55e1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://storage.googleapis.com/l3i0e7l1w1l2y4c0/q3g6o5o3w8g9m2b5.html#PfJON.s3g7yywbf?gAAAAABlZvkdB2ALVxVXME-SLwhL4TVT2JT_Q3W-t...
Effective URL: https://yataganmon.com/59dcf1993e18d7debe81508930184cf9
Submission: On November 29 via manual from CA — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 8 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3032::6815:55e1, located in United States and belongs to CLOUDFLARENET, US. The main domain is yataganmon.com.
TLS certificate: Issued by E1 on October 12th 2023. Valid for: 3 months.
This is the only time yataganmon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 82.81.85.226 8551 (BEZEQ-INT...)
1 45.133.235.141 57271 (BITWEB-AS)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
9 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a04:4e42:600... 54113 (FASTLY)
5 2606:4700:303... 13335 (CLOUDFLAR...)
18 6
1    2607:f8b0:4006:80b::201b (United States)

ASN15169 (GOOGLE, US)
storage.googleapis.com
1    82.81.85.226 (Revivim, Israel)

ASN8551 (BEZEQ-INTERNATIONAL-AS Bezeqint Internet Backbone, IL)
PTR: bzq-82-81-85-226.red.bezeqint.net
fenemoregroup.com
1    45.133.235.141 (Moscow, Russian Federation)

ASN57271 (BITWEB-AS, RU)
PTR: 235019.bitweb.ru
expedientrend.com
1    2606:4700:3034::ac43:ae4c (United States)

ASN13335 (CLOUDFLARENET, US)
gallyboats.live
9    2606:4700:3032::6815:55e1 (United States)

ASN13335 (CLOUDFLARENET, US)
yataganmon.com
1    2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
5    2606:4700:3030::6815:4803 (United States)

ASN13335 (CLOUDFLARENET, US)
trk-essursta.com
event.trk-essursta.com
Apex Domain
Subdomains		 Transfer
9 yataganmon.com
yataganmon.com
96 KB
5 trk-essursta.com
trk-essursta.com — Cisco Umbrella Rank: 229296
event.trk-essursta.com — Cisco Umbrella Rank: 242638
3 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 762
33 KB
1 gallyboats.live
gallyboats.live
677 B
1 expedientrend.com
expedientrend.com
421 B
1 fenemoregroup.com
fenemoregroup.com
320 B
1 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 409
579 B
0 bing.com Failed
www.bing.com Failed
18 8
Domain Requested by
9 yataganmon.com expedientrend.com
yataganmon.com
4 event.trk-essursta.com trk-essursta.com
1 trk-essursta.com yataganmon.com
1 code.jquery.com yataganmon.com
1 gallyboats.live 1 redirects
1 expedientrend.com storage.googleapis.com
1 fenemoregroup.com 1 redirects
1 storage.googleapis.com
0 www.bing.com Failed
18 9

This site contains no links.

Subject Issuer Validity Valid
storage.googleapis.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
expedientrend.com
R3		 2023-10-19 -
2024-01-17		 3 months crt.sh
yataganmon.com
E1		 2023-10-12 -
2024-01-10		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
trk-essursta.com
GTS CA 1P5		 2023-10-19 -
2024-01-17		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://yataganmon.com/59dcf1993e18d7debe81508930184cf9
Frame ID: 270B06D2E86470A47A232B1F9A1D2D13
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Microsoft

Page URL History Show full URLs

  1. https://storage.googleapis.com/l3i0e7l1w1l2y4c0/q3g6o5o3w8g9m2b5.html Page URL
  2. http://fenemoregroup.com/anchorPfJON.s3g7yywbf?gAAAAABlZvkdB2ALVxVXME-SLwhL4TVT2JT_Q3W-tLcVJwOOMW5OzC... HTTP 302
    https://expedientrend.com/0/0/0/740482842ac38391603fce2b42b7cdcf/v8-MKJw-kUSzNv6F9P%7EJyunmFPLPAELd60k... Page URL
  3. https://gallyboats.live/?s1=350617&s2=1095945678&s3=6268&s10=3632 HTTP 302
    https://yataganmon.com/59dcf1993e18d7debe81508930184cf9 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

94 %
HTTPS

71 %
IPv6

8
Domains

9
Subdomains

6
IPs

3
Countries

133 kB
Transfer

212 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/l3i0e7l1w1l2y4c0/q3g6o5o3w8g9m2b5.html Page URL
  2. http://fenemoregroup.com/anchorPfJON.s3g7yywbf?gAAAAABlZvkdB2ALVxVXME-SLwhL4TVT2JT_Q3W-tLcVJwOOMW5OzCTe8fsmg9HRBDKdS2JqgWTOYj_hzFoILvqIoQ7f4QncdrSl2RFGFbBV9tj2ln9cwq8978_abx5HJx6MpCyfWmKYHw-EaZudRu0uNTGlASyvYA== HTTP 302
    https://expedientrend.com/0/0/0/740482842ac38391603fce2b42b7cdcf/v8-MKJw-kUSzNv6F9P%7EJyunmFPLPAELd60kE/HBJju17TkVil4xr9-QCm-CLRgPaFPZ%7EXQ%7Ew/tpVnX-HLewA Page URL
  3. https://gallyboats.live/?s1=350617&s2=1095945678&s3=6268&s10=3632 HTTP 302
    https://yataganmon.com/59dcf1993e18d7debe81508930184cf9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://fenemoregroup.com/anchorPfJON.s3g7yywbf?gAAAAABlZvkdB2ALVxVXME-SLwhL4TVT2JT_Q3W-tLcVJwOOMW5OzCTe8fsmg9HRBDKdS2JqgWTOYj_hzFoILvqIoQ7f4QncdrSl2RFGFbBV9tj2ln9cwq8978_abx5HJx6MpCyfWmKYHw-EaZudRu0uNTGlASyvYA== HTTP 302
  • https://expedientrend.com/0/0/0/740482842ac38391603fce2b42b7cdcf/v8-MKJw-kUSzNv6F9P%7EJyunmFPLPAELd60kE/HBJju17TkVil4xr9-QCm-CLRgPaFPZ%7EXQ%7Ew/tpVnX-HLewA
Request Chain 12
  • https://yataganmon.com/59dcf1993e18d7debe81508930184cf9 HTTP 302
  • https://www.bing.com/

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
q3g6o5o3w8g9m2b5.html
storage.googleapis.com/l3i0e7l1w1l2y4c0/ 		111 B
579 B 		Document
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/l3i0e7l1w1l2y4c0/q3g6o5o3w8g9m2b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-length
111
content-type
text/html
date
Wed, 29 Nov 2023 16:14:26 GMT
etag
"3217d3c75d5f4894d83033ab027db4ac"
expires
Wed, 29 Nov 2023 17:14:26 GMT
last-modified
Thu, 22 Jun 2023 11:03:05 GMT
server
UploadServer
x-goog-generation
1687431785956834
x-goog-hash
crc32c=66cFgA== md5=MhfTx11fSJTYMDOrAn20rA==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
111
x-guploader-uploadid
ABPtcPrhz5jOUgxV5zMUpwMk3m93V-irnbvhFySrRpZCENJFl7I6W2kxmyKm7fWzYja_PrTLFUw
tpVnX-HLewA
expedientrend.com/0/0/0/740482842ac38391603fce2b42b7cdcf/v8-MKJw-kUSzNv6F9P%7EJyunmFPLPAELd60kE/HBJju17TkVil4xr9-QCm-CLRgPaFPZ%7EXQ%7Ew/
Redirect Chain
  • http://fenemoregroup.com/anchorPfJON.s3g7yywbf?gAAAAABlZvkdB2ALVxVXME-SLwhL4TVT2JT_Q3W-tLcVJwOOMW5OzCTe8fsmg9HRBDKdS2JqgWTOYj_hzFoILvqIoQ7f4QncdrSl2RFGFbBV9tj2ln9cwq8978_abx5HJx6MpCyfWmKYHw-EaZudRu...
  • https://expedientrend.com/0/0/0/740482842ac38391603fce2b42b7cdcf/v8-MKJw-kUSzNv6F9P%7EJyunmFPLPAELd60kE/HBJju17TkVil4xr9-QCm-CLRgPaFPZ%7EXQ%7Ew/tpVnX-HLewA
128 B
421 B 		Document
General
Check archive.org
Download Go to
Full URL
https://expedientrend.com/0/0/0/740482842ac38391603fce2b42b7cdcf/v8-MKJw-kUSzNv6F9P%7EJyunmFPLPAELd60kE/HBJju17TkVil4xr9-QCm-CLRgPaFPZ%7EXQ%7Ew/tpVnX-HLewA
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/l3i0e7l1w1l2y4c0/q3g6o5o3w8g9m2b5.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.133.235.141 Moscow, Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS
235019.bitweb.ru
Software
Apache /
Resource Hash

Request headers

Referer
https://storage.googleapis.com/l3i0e7l1w1l2y4c0/q3g6o5o3w8g9m2b5.html#PfJON.s3g7yywbf?gAAAAABlZvkdB2ALVxVXME-SLwhL4TVT2JT_Q3W-tLcVJwOOMW5OzCTe8fsmg9HRBDKdS2JqgWTOYj_hzFoILvqIoQ7f4QncdrSl2RFGFbBV9tj2ln9cwq8978_abx5HJx6MpCyfWmKYHw-EaZudRu0uNTGlASyvYA==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
128
content-type
text/html; charset=UTF-8
date
Wed, 29 Nov 2023 16:14:28 GMT
server
Apache

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Wed, 29 Nov 2023 16:14:26 GMT
Location
https://expedientrend.com/0/0/0/740482842ac38391603fce2b42b7cdcf/v8-MKJw-kUSzNv6F9P%7EJyunmFPLPAELd60kE/HBJju17TkVil4xr9-QCm-CLRgPaFPZ%7EXQ%7Ew/tpVnX-HLewA
Server
Apache
Primary Request 59dcf1993e18d7debe81508930184cf9
yataganmon.com/
Redirect Chain
  • https://gallyboats.live/?s1=350617&s2=1095945678&s3=6268&s10=3632
  • https://yataganmon.com/59dcf1993e18d7debe81508930184cf9
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yataganmon.com/59dcf1993e18d7debe81508930184cf9
Requested by
Host: expedientrend.com
URL: https://expedientrend.com/0/0/0/740482842ac38391603fce2b42b7cdcf/v8-MKJw-kUSzNv6F9P%7EJyunmFPLPAELd60kE/HBJju17TkVil4xr9-QCm-CLRgPaFPZ%7EXQ%7Ew/tpVnX-HLewA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:55e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdee5799a9ae9fdc1b6dc724044a76c4106543068b601ff6d7b01dd13dac64be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://expedientrend.com/0/0/0/740482842ac38391603fce2b42b7cdcf/v8-MKJw-kUSzNv6F9P%7EJyunmFPLPAELd60kE/HBJju17TkVil4xr9-QCm-CLRgPaFPZ%7EXQ%7Ew/tpVnX-HLewA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
82dc24d9c8784bcf-BUF
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 29 Nov 2023 16:14:29 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kD8OV5oAq9JOi%2FYJFDmkvWCN3KfCtSaEnQLvizgbzPPSKTXUWF8k2b%2B4RPFSEiOvTdpP10yGlX6YyCxAbEN9KJcp499tQ2bo79RuWyHHb1%2Fv01FsvXcNOgELKK5JpWJfvZHD9ji3zhYLPc4gMA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
82dc24d47cc04bbd-BUF
content-type
text/html; charset=UTF-8
date
Wed, 29 Nov 2023 16:14:29 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://yataganmon.com/59dcf1993e18d7debe81508930184cf9
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GooYyMDDamSu6AUz5O7zAHNroOoFB4Xu35MNVskNjYP02K7xsOnJoNOm3%2FTtpUI96a60VSTA%2FAD8UMjcAMsN%2B8LMRtmkgetQ%2F4TX%2F5xhQJ1jd9jLcE0FZGi3ggMZ46vWyT3cIab%2BT%2FXv5z7cuUE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
_style10.css
yataganmon.com/fim/d49c63f2eb987c8071ceeba96cc7df00/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://yataganmon.com/fim/d49c63f2eb987c8071ceeba96cc7df00/_style10.css
Requested by
Host: yataganmon.com
URL: https://yataganmon.com/59dcf1993e18d7debe81508930184cf9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:55e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9189c40bb35200cebcea3cb51d71949301d5973176bf8e4ebf4171000949ec2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 16:14:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding
binary
content-disposition
inline; filename="/home/verticals/advertorials/views/security-threat-detected/1.0/assets/_style10.css"
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tlkH05ZUMdbLteQgd8Zur7fJbXXUiso8DxzIEXmBGa5pc2jX6U0O%2BkKa%2Fn9q%2BGxRm0YqJE6QzxY4%2Bis0K0qrOxtWy71NIv5FlVDmy%2B%2BPzpL5HWsK0wNuc3nHWbj7%2B4KtcclqhpksDDU6KijyzA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
82dc24dda8984bcf-BUF
expires
Thu, 19 Nov 1981 08:52:00 GMT
_style.css
yataganmon.com/fim/d49c63f2eb987c8071ceeba96cc7df00/ 		217 B
541 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://yataganmon.com/fim/d49c63f2eb987c8071ceeba96cc7df00/_style.css
Requested by
Host: yataganmon.com
URL: https://yataganmon.com/59dcf1993e18d7debe81508930184cf9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:55e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4aff2bb394e4f70be423230ac94f631a5a33aec9cfa2c06cd07506944776c126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 16:14:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding
binary
content-disposition
inline; filename="/home/verticals/advertorials/views/security-threat-detected/1.0/assets/_style.css"
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OWuEerKv%2BplHA5qFhANwzNXriJ7cDxxVJ2FOitX8OIukRlFnhub1GgpgOaJe8PQyMvcC33kh%2F%2Bk3Ev85zjpmpY9gAkxmsrEIMztrfxbCQgMMFyGZpRrE6GhM2pc8zJCQOmlo9hZPVOrl4t1O%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
82dc24dda8994bcf-BUF
expires
Thu, 19 Nov 1981 08:52:00 GMT
script.js
yataganmon.com/fim/d49c63f2eb987c8071ceeba96cc7df00/ 		1 KB
677 B 		Script
General
Check archive.org
Download Go to
Full URL
https://yataganmon.com/fim/d49c63f2eb987c8071ceeba96cc7df00/script.js
Requested by
Host: yataganmon.com
URL: https://yataganmon.com/59dcf1993e18d7debe81508930184cf9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:55e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9e8316346ff51d515a55d8ee5489bf99ea28e1171b46463956ba8e8e6c9ceeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 16:14:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding
binary
content-disposition
inline; filename="/home/verticals/advertorials/views/security-threat-detected/1.0/assets/script.js"
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wOP4wlkCuJLJ4nGeaG4Z91%2FMVIU8dHmr82uySqSGJYmmyrKNb79z0RLGW9gmbFkCixErXub3xXisOUesdMXmwtyX0JOKu3sFv2a28IZWlO0n0jkeKMXvW9h48SNh1%2FdcfKDz0KMbFHxcx519cA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
82dc24dda89a4bcf-BUF
expires
Thu, 19 Nov 1981 08:52:00 GMT
jquery-1.12.4.min.js
code.jquery.com/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.12.4.min.js
Requested by
Host: yataganmon.com
URL: https://yataganmon.com/59dcf1993e18d7debe81508930184cf9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 16:14:30 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
6473863
x-cache
HIT, HIT
content-length
33738
x-served-by
cache-lga21956-LGA, cache-nyc-kteb1890060-NYC
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1701274470.091779,VS0,VE0
etag
W/"28feccc0-17b8b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
207, 119101
msg.v3.js
yataganmon.com/inc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yataganmon.com/inc/msg.v3.js?65676365dc35d
Requested by
Host: yataganmon.com
URL: https://yataganmon.com/59dcf1993e18d7debe81508930184cf9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:55e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
448b2102656fc14a1cd8cc0e30a1d41aca27281ed91b00fb7cf5a23c7d8f8749
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 16:14:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 11 Jul 2023 21:35:45 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CuNgToTJ569OEHIcPoJRUVZM8x9SxUazfbBe%2BEBHdRX%2BY7amUF1INJOdiC2c5XgMWHtKXAvlixi%2Bx22xRvdltBjoM%2BGVazgyXayUjh%2BVsIc0tRlbkwHzk2dCZNRvbHaxwNWcGaE7ntVo85vqlw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
82dc24dda89b4bcf-BUF
expires
Wed, 06 Dec 2023 16:14:30 GMT
21b4f3f821c0f2f92be611fc59195782.png
yataganmon.com/fim/3632/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yataganmon.com/fim/3632/21b4f3f821c0f2f92be611fc59195782.png
Requested by
Host: yataganmon.com
URL: https://yataganmon.com/59dcf1993e18d7debe81508930184cf9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:55e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
782ee31b8e65bf5e914bf456a38b2f15cd9fa77332656923005a5c7af984f4fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 16:14:30 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
65157
x-xss-protection
1; mode=block
last-modified
Wed, 29 Nov 2023 16:14:29 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N0bdcGlU9g7kCEUViboe9UWYPJb2OeWjmIN%2FG3RpjjPIyEwRnz2pN9tqPwaToVw0MrgCLmUS8kb7WtPOs4kQZ%2FK34P%2Bpb47sTjJ2fVaBHHs2q1hd%2B%2B8srIm3vJuBJ7w1QuQBVSHy4w4X6jmsHA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
82dc24dda89c4bcf-BUF
expires
Wed, 06 Dec 2023 16:14:30 GMT
functions.js
yataganmon.com/templates/assets/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yataganmon.com/templates/assets/functions.js?v=1701274469
Requested by
Host: yataganmon.com
URL: https://yataganmon.com/59dcf1993e18d7debe81508930184cf9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:55e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1908b6d87018ef3498ad5977f9502a2f8ab1dfdd9b2d17bd3e9dad19aa1b447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 16:14:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 25 Oct 2023 20:25:26 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0jbWdroPk%2Blw3vfI2KeoIN51ldo9qmDJXSKQg2RCAhuWAflKYhOqe0R638ts4oosRmNW4Jgq9GLOiBU8%2BDXbuvytQtGraiNIp9w2hJkZlmF%2FxJfuAY14%2BMBTB%2FPXfmlXi0BM%2F8zvNpPYVM2qA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
82dc24dda89d4bcf-BUF
expires
Wed, 06 Dec 2023 16:14:30 GMT
v9e118mez8
trk-essursta.com/scripts/push/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trk-essursta.com/scripts/push/v9e118mez8
Requested by
Host: yataganmon.com
URL: https://yataganmon.com/inc/msg.v3.js?65676365dc35d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4803 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c65c15e3af0d349af61501f7749076aacef349171d95638bb475f800d8367084
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 16:14:30 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rrmWxI7MuI2yDLsa5fJwdmkZduTw57M21R24cwo4xYprukMNX6msqmJB1up8T1km6YlN1%2B42jCiZvLy7Kji9baeNbDlKpHoOSywBVOZA7LENM9E%2Fg1%2F%2BUp6338mlzkCq0yTUvXqJTVW9i0lVlbn"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
82dc24e1ce9a4bd8-BUF
expires
0
img1.jpeg
yataganmon.com/views/security-threat-detected/1.0/assets/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yataganmon.com/views/security-threat-detected/1.0/assets/img1.jpeg
Requested by
Host: yataganmon.com
URL: https://yataganmon.com/59dcf1993e18d7debe81508930184cf9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:55e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68bd43afffdd14a7f819839e34914e40358fc737841b254e6e5f341c5eac0fcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 16:14:30 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
337406
alt-svc
h3=":443"; ma=86400
content-length
11841
x-xss-protection
1; mode=block
last-modified
Wed, 01 Nov 2023 17:16:43 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FjQ4b3SFUQvbago1E1D8h8YwVyAUxT9S%2FrK3UxkEGtszIk2U84SehCu7a0bGueYKzzpJoEPVGzorRNUSvAJ49UJoHfirSetY5o9z%2FRJm08bNrzjGvcxrmoE8YOlTRKI%2BTb6QfiDtkMNR3OcuHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
82dc24e13f654bc9-BUF
expires
Sat, 02 Dec 2023 18:31:04 GMT
cs4.mp3
yataganmon.com/views/security-threat-detected/1.0/assets/ 		10 KB
10 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://yataganmon.com/views/security-threat-detected/1.0/assets/cs4.mp3
Requested by
Host: yataganmon.com
URL: https://yataganmon.com/59dcf1993e18d7debe81508930184cf9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:55e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dbb717513e60e28d05796164577a06f908500f177ad4a0db44b8a93dcb5c8cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 29 Nov 2023 16:14:30 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range
bytes 0-9805/9806
alt-svc
h3=":443"; ma=86400
Content-Length
9806
x-xss-protection
1; mode=block
last-modified
Wed, 01 Nov 2023 17:16:43 GMT
server
cloudflare
vary
User-Agent,User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
audio/mpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IAwKgijc9tO3MKV8kcmEZy0ahEMrVqnlNXLV%2BvYt8SsG4MtW033eppLIKLmPGv%2BA0v5O1eoldLcyUXX80nZ71VW%2BivrPIxvSwoCFyFm9D3V5mhJt91QvMwKs1ZzBYKYS0Ihyvc%2Fs%2Bems30Ky8A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
82dc24e15f664bc9-BUF
/
www.bing.com/
Redirect Chain
  • https://yataganmon.com/59dcf1993e18d7debe81508930184cf9
  • https://www.bing.com/
0
0
v9e118mez8
event.trk-essursta.com/register/event_log/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.trk-essursta.com/register/event_log/v9e118mez8
Requested by
Host: trk-essursta.com
URL: https://trk-essursta.com/scripts/push/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4803 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Wed, 29 Nov 2023 16:14:31 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6lA9vP2mmD8%2Fq5830RzNBfTjEIfRkBbdMYbVPgBlcBQJrsp5PbWnrWfE%2FgnFJlwWFepENl5HfdHn8kNoc%2BwZyrpBVb1u3ZA4pia6EVs4L3S0aRZA8M%2BrcrZpr9irfInmM6Lsk8JoDe%2BTb%2FK0XUwNbxc2FBHI"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
82dc24e50fa54bc9-BUF
x-pushplatformapp-params
v9e118mez8
event.trk-essursta.com/register/event_log/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.trk-essursta.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4803 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://yataganmon.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
82dc24e46f974bc9-BUF
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Wed, 29 Nov 2023 16:14:31 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqqIlOVwcxTUX0bFuBo2UiIdXHiTJijuATOH7FwlxPAUiJ1HIPg6I86BeaJEwYluZCZioje5tH5Ln2fzwZt%2FRfuOro4%2FeqwPKNVpPPEel4O3o%2BXevftlbbYesUaNXWxKBK3ICaWMH9v3Z5YlZwMPulC3JwEc"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
v9e118mez8
event.trk-essursta.com/register/event_log/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.trk-essursta.com/register/event_log/v9e118mez8
Requested by
Host: trk-essursta.com
URL: https://trk-essursta.com/scripts/push/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4803 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Wed, 29 Nov 2023 16:14:31 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbgjymKRXp%2B0qOfa0GttvKOiccoodHRCZBdhpzUxFr%2FeZb5vPA1SSUPeH2QRtdMn0m3ACuFeQoExpe6k%2BxKTHv1rDzu98R8nIKdopEXcRBHP0mKiYXKmTnDQk9ONV5PMN8K891To2Tvpo%2BsaRalYVrSWrpj1"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
82dc24e50fa64bc9-BUF
x-pushplatformapp-params
v9e118mez8
event.trk-essursta.com/register/event_log/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.trk-essursta.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4803 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://yataganmon.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
82dc24e46f984bc9-BUF
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Wed, 29 Nov 2023 16:14:31 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKcbLDuE7%2BYjlCDYvQTtUZBCnSEOPLKN24PvB%2B%2FXcZEr0IYw7hWiKkJc%2BL8YkoLWRMvQ17qyS%2BCQteHkekn82HfTskOZT9GqqWWrfuPdgvVp4sYn%2BeI8ntYCpyRz9ZXER6bBH9EhgroScf91q%2B0zAnQGh2tz"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.bing.com
URL
https://www.bing.com/

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture number| timer function| countdown function| $ function| jQuery function| change function| pushCount object| MYCALL string| s1 string| s2 string| fp string| esource string| pshpub string| pshdomain string| pshfingerprint object| currentdate object| months number| refresh_page string| popUrl string| s3 number| time function| popunder function| mfq_tags undefined| data undefined| email_prepop function| refresh function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore

3 Cookies

Domain/Path Name / Value
expedientrend.com/ Name: uid6268
Value: 1095945678-20231129111428-b5ca16ae309bca8b21b2276a3a367b43-
gallyboats.live/ Name: PHPSESSID
Value: f06fbe67004a78c67c89158bd89c5465
yataganmon.com/ Name: PHPSESSID
Value: 5134b8a430b7dfde26a909356229e7e4

3 Console Messages

Source Level URL
Text
other error URL: https://yataganmon.com/59dcf1993e18d7debe81508930184cf9
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
javascript error URL: https://yataganmon.com/59dcf1993e18d7debe81508930184cf9
Message:
Access to XMLHttpRequest at 'https://www.bing.com/' (redirected from 'https://yataganmon.com/59dcf1993e18d7debe81508930184cf9') from origin 'https://yataganmon.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.bing.com/
Message:
Failed to load resource: net::ERR_FAILED