Submitted URL: https://vdbaa.com/fullpage.php?section=General&pub=497839&ga=g
Effective URL: https://dkdutjs.click/go.php?go=https%3A%2F%2Fs1.30301.click%2F%3Futm_medium%3D1c8a39bdc24f9bf01a896823c2517f52e2f1f50...
Submission: On June 02 via manual from IN — Scanned from IL

Summary

This website contacted 8 IPs in 2 countries across 9 domains to perform 15 HTTP transactions. The main IP is 185.66.201.8, located in and belongs to . The main domain is dkdutjs.click.
TLS certificate: Issued by R3 on April 19th 2024. Valid for: 3 months.
This is the only time dkdutjs.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 185.66.200.220 201702 (SKHOSTING-EU)
1 8 185.66.200.221 201702 (SKHOSTING-EU)
2 142.250.186.68 15169 (GOOGLE)
1 142.250.186.74 15169 (GOOGLE)
1 142.250.185.227 15169 (GOOGLE)
1 185.66.201.58 201702 (SKHOSTING-EU)
1 216.58.212.142 ()
1 185.66.201.8 ()
15 8
Apex Domain
Subdomains
Transfer
8 yx-tr-val.com
yx-tr-val.com
140 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
974 B
2 vdbaa.com
vdbaa.com
1 KB
1 dkdutjs.click
dkdutjs.click
348 B
1 google-analytics.com
www.google-analytics.com
1 namel.net
namel.net
928 B
1 gstatic.com
www.gstatic.com
211 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
1 KB
0 30301.click Failed
s1.30301.click Failed
15 9
Domain Requested by
8 yx-tr-val.com 1 redirects yx-tr-val.com
2 www.google.com yx-tr-val.com
www.gstatic.com
2 vdbaa.com 2 redirects
1 dkdutjs.click namel.net
1 www.google-analytics.com namel.net
1 namel.net
1 www.gstatic.com www.google.com
1 fonts.googleapis.com yx-tr-val.com
0 s1.30301.click Failed dkdutjs.click
15 9

This site contains no links.

Subject Issuer Validity Valid
yx-tr-val.com R3 2024-04-15 - 2024-07-14 3 months
*.google.com WR2 2024-05-13 - 2024-08-05 3 months
upload.video.google.com WR2 2024-05-13 - 2024-08-05 3 months
*.gstatic.com WR2 2024-05-13 - 2024-08-05 3 months
namel.net R3 2024-05-04 - 2024-08-02 3 months
*.google-analytics.com WR2 2024-05-13 - 2024-08-05 3 months
dkdutjs.click R3 2024-04-19 - 2024-07-18 3 months

This page contains 2 frames:

Frame: https://s1.30301.click/?utm_medium=1c8a39bdc24f9bf01a896823c2517f52e2f1f505&utm_campaign=smart2&1=30229204&cid=90affC1717314608aff6c4d29f779216a520a611
Frame ID: B0812AD5579803EA97BCF513AD4F28B4
Requests: 14 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfiKsQUAAAAAEiC8Ne-bY_-EXtz5OmV9D9IVEu-&co=aHR0cHM6Ly95eC10ci12YWwuY29tOjQ0Mw..&hl=iw&v=DH3nyJMamEclyfe-nztbfV8S&size=invisible&cb=r169qpfxxn6p
Frame ID: 951FC7D55DFF82F18C963E81200570B2
Requests: 1 HTTP requests in this frame

Page URL History

  1. https://vdbaa.com/fullpage.php?section=General&pub=497839&ga=g HTTP 302
    https://yx-tr-val.com/crs/index_v3.php?d=50016965&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20v... Page URL
  2. https://yx-tr-val.com/crs/index_v3.php?d=50016965&f=popup&s=4&t=4&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbH... HTTP 302
    https://vdbaa.com/fullpage.php?section=General&pub=497839&ga=g&rr=&dom_id=50016965&yXcrs=95 HTTP 302
    https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XrxxCjjZAGrrdkCiGkkjd... Page URL
  3. https://dkdutjs.click/go.php?go=https%3A%2F%2Fs1.30301.click%2F%3Futm_medium%3D1c8a39bdc24f9bf01a8... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

15 Requests
93 % HTTPS
0 % IPv6
9 Domains
9 Subdomains
8 IPs
2 Countries
354 kB Transfer
722 kB Size
6 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://vdbaa.com/fullpage.php?section=General&pub=497839&ga=g HTTP 302
    https://yx-tr-val.com/crs/index_v3.php?d=50016965&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NDk3ODM5JmdhPWcmcnI9 Page URL
  2. https://yx-tr-val.com/crs/index_v3.php?d=50016965&f=popup&s=4&t=4&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NDk3ODM5JmdhPWcmcnI9 HTTP 302
    https://vdbaa.com/fullpage.php?section=General&pub=497839&ga=g&rr=&dom_id=50016965&yXcrs=95 HTTP 302
    https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XrxxCjjZAGrrdkCiGkkjdCpCirNrjGNGjNppCrCZZZCCrixCrZACrCrGCxCiZpArGxkiCCZji_26824&adApiR=loaded_string_2568391dbf656618e153efbcd7c780381f7ac_2938402_1717314608.0824_77515&refferer=2934460968_aHR0cDovLzQ5NzgzOS55bGxpeC5jb20=&yxDom=dmRiYWEuY29t_9f0199818f55a7669128123a276be0b0 Page URL
  3. https://dkdutjs.click/go.php?go=https%3A%2F%2Fs1.30301.click%2F%3Futm_medium%3D1c8a39bdc24f9bf01a896823c2517f52e2f1f505%26utm_campaign%3Dsmart2%261%3D30229204%26cid%3D90affC1717314608aff6c4d29f779216a520a611&do=1266371c89b6138c73962e0197e82765 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://vdbaa.com/fullpage.php?section=General&pub=497839&ga=g HTTP 302
  • https://yx-tr-val.com/crs/index_v3.php?d=50016965&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NDk3ODM5JmdhPWcmcnI9
Request Chain 11
  • https://yx-tr-val.com/crs/index_v3.php?d=50016965&f=popup&s=4&t=4&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NDk3ODM5JmdhPWcmcnI9 HTTP 302
  • https://vdbaa.com/fullpage.php?section=General&pub=497839&ga=g&rr=&dom_id=50016965&yXcrs=95 HTTP 302
  • https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XrxxCjjZAGrrdkCiGkkjdCpCirNrjGNGjNppCrCZZZCCrixCrZACrCrGCxCiZpArGxkiCCZji_26824&adApiR=loaded_string_2568391dbf656618e153efbcd7c780381f7ac_2938402_1717314608.0824_77515&refferer=2934460968_aHR0cDovLzQ5NzgzOS55bGxpeC5jb20=&yxDom=dmRiYWEuY29t_9f0199818f55a7669128123a276be0b0

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
index_v3.php
yx-tr-val.com/crs/
Redirect Chain
  • https://vdbaa.com/fullpage.php?section=General&pub=497839&ga=g
  • https://yx-tr-val.com/crs/index_v3.php?d=50016965&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NDk3ODM5JmdhPWcmcnI9
3 KB
3 KB
Document
General
Full URL
https://yx-tr-val.com/crs/index_v3.php?d=50016965&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NDk3ODM5JmdhPWcmcnI9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.66.200.221 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.221.skhosting.eu
Software
nginx /
Resource Hash
ef8ea652395e018fac403bf25ad54262fefad2ad8ab513e40c671a3cddd4efcf

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 02 Jun 2024 07:50:04 GMT
server
nginx

Redirect headers

cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-type
text/html; charset=UTF-8
date
Sun, 02 Jun 2024 07:50:04 GMT
expires
Sun, 02 Jun 2024 07:50:04 GMT
last-modified
Sun, 02 Jun 2024 07:50:04 GMT
location
https://yx-tr-val.com/crs/index_v3.php?d=50016965&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NDk3ODM5JmdhPWcmcnI9
pragma
no-cache
server
nginx
x-robots-tag
noindex, nofollow, noarchive, nosnippet
bootstrap.min.css
yx-tr-val.com/crs/css/
118 KB
119 KB
Stylesheet
General
Full URL
https://yx-tr-val.com/crs/css/bootstrap.min.css
Requested by
Host: yx-tr-val.com
URL: https://yx-tr-val.com/crs/index_v3.php?d=50016965&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NDk3ODM5JmdhPWcmcnI9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.66.200.221 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.221.skhosting.eu
Software
nginx /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://yx-tr-val.com/crs/index_v3.php?d=50016965&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NDk3ODM5JmdhPWcmcnI9
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 02 Jun 2024 07:50:04 GMT
last-modified
Fri, 13 Apr 2018 15:24:45 GMT
server
nginx
accept-ranges
bytes
etag
"5ad0cbbd-1d970"
content-length
121200
content-type
text/css
main.css
yx-tr-val.com/crs/css/
2 KB
2 KB
Stylesheet
General
Full URL
https://yx-tr-val.com/crs/css/main.css?v2
Requested by
Host: yx-tr-val.com
URL: https://yx-tr-val.com/crs/index_v3.php?d=50016965&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NDk3ODM5JmdhPWcmcnI9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.66.200.221 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.221.skhosting.eu
Software
nginx /
Resource Hash
2347125f250e16855d8229f8e941cc376dfe7a9d5caddc3206d20952b1f46c48

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://yx-tr-val.com/crs/index_v3.php?d=50016965&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NDk3ODM5JmdhPWcmcnI9
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 02 Jun 2024 07:50:04 GMT
last-modified
Mon, 30 Apr 2018 06:33:38 GMT
server
nginx
accept-ranges
bytes
etag
"5ae6b8c2-96e"
content-length
2414
content-type
text/css
loading.gif
yx-tr-val.com/crs/img/
4 KB
4 KB
Image
General
Full URL
https://yx-tr-val.com/crs/img/loading.gif
Requested by
Host: yx-tr-val.com
URL: https://yx-tr-val.com/crs/index_v3.php?d=50016965&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NDk3ODM5JmdhPWcmcnI9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.66.200.221 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.221.skhosting.eu
Software
nginx /
Resource Hash
acccc31dbf746699a0d02ae545cf89a194d7158732cb5a88f4a514e04ea3fc1d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://yx-tr-val.com/crs/index_v3.php?d=50016965&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NDk3ODM5JmdhPWcmcnI9
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 02 Jun 2024 07:50:04 GMT
last-modified
Sat, 23 Nov 2019 00:21:28 GMT
server
nginx
accept-ranges
bytes
etag
"5dd87b88-f6f"
content-length
3951
content-type
image/gif
api.js
www.google.com/recaptcha/
1 KB
974 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LfiKsQUAAAAAEiC8Ne-bY_-EXtz5OmV9D9IVEu-
Requested by
Host: yx-tr-val.com
URL: https://yx-tr-val.com/crs/index_v3.php?d=50016965&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NDk3ODM5JmdhPWcmcnI9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
10045fdab46dfe64f57a2db0f44093dc54e7e244e009f4408cf62416ac473f04
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://yx-tr-val.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 02 Jun 2024 07:50:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sun, 02 Jun 2024 07:50:04 GMT
logo.png
yx-tr-val.com/crs/img/
6 KB
6 KB
Image
General
Full URL
https://yx-tr-val.com/crs/img/logo.png
Requested by
Host: yx-tr-val.com
URL: https://yx-tr-val.com/crs/index_v3.php?d=50016965&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NDk3ODM5JmdhPWcmcnI9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.66.200.221 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.221.skhosting.eu
Software
nginx /
Resource Hash
8b0c746b1dfbfd8429d32fcb994fb2223fb4724a5942e255bb4a4e96351579ef

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://yx-tr-val.com/crs/index_v3.php?d=50016965&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NDk3ODM5JmdhPWcmcnI9
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 02 Jun 2024 07:50:04 GMT
last-modified
Fri, 13 Apr 2018 15:24:51 GMT
server
nginx
accept-ranges
bytes
etag
"5ad0cbc3-188b"
content-length
6283
content-type
image/png
main.js
yx-tr-val.com/crs/js/
255 B
384 B
Script
General
Full URL
https://yx-tr-val.com/crs/js/main.js
Requested by
Host: yx-tr-val.com
URL: https://yx-tr-val.com/crs/index_v3.php?d=50016965&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NDk3ODM5JmdhPWcmcnI9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.66.200.221 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.221.skhosting.eu
Software
nginx /
Resource Hash
c91d7242589722eec07910a5a5fe2b8855c57100fbfbdc93d6604823a9402458

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://yx-tr-val.com/crs/index_v3.php?d=50016965&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NDk3ODM5JmdhPWcmcnI9
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 02 Jun 2024 07:50:04 GMT
last-modified
Fri, 13 Apr 2018 15:24:54 GMT
server
nginx
accept-ranges
bytes
etag
"5ad0cbc6-ff"
content-length
255
content-type
application/javascript
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,600,700,800
Requested by
Host: yx-tr-val.com
URL: https://yx-tr-val.com/crs/css/main.css?v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
ESF /
Resource Hash
6161b5b764be0a3b7223d946ef5027fc56c52ea50da9e267340caee380902f6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://yx-tr-val.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 02 Jun 2024 07:50:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 02 Jun 2024 07:50:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 02 Jun 2024 07:50:05 GMT
recaptcha__iw.js
www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/
547 KB
211 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/recaptcha__iw.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfiKsQUAAAAAEiC8Ne-bY_-EXtz5OmV9D9IVEu-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
a843cef97d8f7395544de4bef462a9aabb159122619df897cc09dd3794250db4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://yx-tr-val.com/
Origin
https://yx-tr-val.com
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 14:01:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64119
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
215211
x-xss-protection
0
last-modified
Mon, 27 May 2024 02:00:43 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Jun 2025 14:01:26 GMT
anchor
www.google.com/recaptcha/api2/ Frame 951F
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfiKsQUAAAAAEiC8Ne-bY_-EXtz5OmV9D9IVEu-&co=aHR0cHM6Ly95eC10ci12YWwuY29tOjQ0Mw..&hl=iw&v=DH3nyJMamEclyfe-nztbfV8S&size=invisible&cb=r169qpfxxn6p
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/recaptcha__iw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HPoSAvuqkDgHym3zGnQhDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://yx-tr-val.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-HPoSAvuqkDgHym3zGnQhDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 02 Jun 2024 07:50:06 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
favicon.ico
yx-tr-val.com/
5 KB
5 KB
Other
General
Full URL
https://yx-tr-val.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.66.200.221 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.221.skhosting.eu
Software
nginx /
Resource Hash
6b53f27aea977e48791e42c7fabdf7dcf6b9c4dc5aab3bd6d254526883cfb315

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://yx-tr-val.com/crs/index_v3.php?d=50016965&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NDk3ODM5JmdhPWcmcnI9
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 02 Jun 2024 07:50:07 GMT
last-modified
Mon, 19 Aug 2019 13:20:40 GMT
server
nginx
accept-ranges
bytes
etag
"5d5aa228-1536"
content-length
5430
content-type
image/x-icon
/
namel.net/d0d63e31e7/070a954047/
Redirect Chain
  • https://yx-tr-val.com/crs/index_v3.php?d=50016965&f=popup&s=4&t=4&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NDk3ODM5JmdhPWcmcnI9
  • https://vdbaa.com/fullpage.php?section=General&pub=497839&ga=g&rr=&dom_id=50016965&yXcrs=95
  • https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XrxxCjjZAGrrdkCiGkkjdCpCirNrjGNGjNppCrCZZZCCrixCrZACrCrGCxCiZpArGxkiCCZji_26824&adApiR=loaded_string_2568391dbf656618e153efb...
1 KB
928 B
Document
General
Full URL
https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XrxxCjjZAGrrdkCiGkkjdCpCirNrjGNGjNppCrCZZZCCrixCrZACrCrGCxCiZpArGxkiCCZji_26824&adApiR=loaded_string_2568391dbf656618e153efbcd7c780381f7ac_2938402_1717314608.0824_77515&refferer=2934460968_aHR0cDovLzQ5NzgzOS55bGxpeC5jb20=&yxDom=dmRiYWEuY29t_9f0199818f55a7669128123a276be0b0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.66.201.58 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.201.58.skhosting.eu
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Content-Type
application/x-www-form-urlencoded
Origin
https://yx-tr-val.com
Referer
https://yx-tr-val.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 02 Jun 2024 07:50:08 GMT
expires
Sun, 01 Jan 2014 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-robots-tag
noindex,nofollow

Redirect headers

cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-type
text/html; charset=UTF-8
date
Sun, 02 Jun 2024 07:50:08 GMT
expires
Sun, 02 Jun 2024 07:50:08 GMT
last-modified
Sun, 02 Jun 2024 07:50:08 GMT
location
https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XrxxCjjZAGrrdkCiGkkjdCpCirNrjGNGjNppCrCZZZCCrixCrZACrCrGCxCiZpArGxkiCCZji_26824&adApiR=loaded_string_2568391dbf656618e153efbcd7c780381f7ac_2938402_1717314608.0824_77515&refferer=2934460968_aHR0cDovLzQ5NzgzOS55bGxpeC5jb20=&yxDom=dmRiYWEuY29t_9f0199818f55a7669128123a276be0b0
pragma
no-cache
server
nginx
x-robots-tag
noindex, nofollow, noarchive, nosnippet
analytics.js
www.google-analytics.com/
26 KB
0
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: namel.net
URL: https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XrxxCjjZAGrrdkCiGkkjdCpCirNrjGNGjNppCrCZZZCCrixCrZACrCrGCxCiZpArGxkiCCZji_26824&adApiR=loaded_string_2568391dbf656618e153efbcd7c780381f7ac_2938402_1717314608.0824_77515&refferer=2934460968_aHR0cDovLzQ5NzgzOS55bGxpeC5jb20=&yxDom=dmRiYWEuY29t_9f0199818f55a7669128123a276be0b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.142 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://namel.net/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 02 Jun 2024 07:41:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
545
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 02 Jun 2024 09:41:03 GMT
Primary Request go.php
dkdutjs.click/
633 B
348 B
Document
General
Full URL
https://dkdutjs.click/go.php?go=https%3A%2F%2Fs1.30301.click%2F%3Futm_medium%3D1c8a39bdc24f9bf01a896823c2517f52e2f1f505%26utm_campaign%3Dsmart2%261%3D30229204%26cid%3D90affC1717314608aff6c4d29f779216a520a611&do=1266371c89b6138c73962e0197e82765
Requested by
Host: namel.net
URL: https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XrxxCjjZAGrrdkCiGkkjdCpCirNrjGNGjNppCrCZZZCCrixCrZACrCrGCxCiZpArGxkiCCZji_26824&adApiR=loaded_string_2568391dbf656618e153efbcd7c780381f7ac_2938402_1717314608.0824_77515&refferer=2934460968_aHR0cDovLzQ5NzgzOS55bGxpeC5jb20=&yxDom=dmRiYWEuY29t_9f0199818f55a7669128123a276be0b0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.66.201.8 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://namel.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 02 Jun 2024 07:50:08 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
/
s1.30301.click/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s1.30301.click
URL
https://s1.30301.click/?utm_medium=1c8a39bdc24f9bf01a896823c2517f52e2f1f505&utm_campaign=smart2&1=30229204&cid=90affC1717314608aff6c4d29f779216a520a611

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Domain/Path Name / Value
namel.net/d0d63e31e7/070a954047 Name: total_impressions
Value: 1
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AFsGliKkeszJkGIIu4a92VRMtdf-PPFATu882j_u1saEN-shZ04mg04ODUUrMmtegUda02DFf2kN2X-ccgZb3uI
.vdbaa.com/ Name: used_ad2938402
Value: 1
.vdbaa.com/ Name: total_impressions
Value: 1
.vdbaa.com/ Name: cpa_673873
Value: popup_882571169_4
namel.net/ Name: used_ad2938402
Value: 1

2 Console Messages

Source Level URL
Text
other warning URL: https://yx-tr-val.com/crs/index_v3.php?d=50016965&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NDk3ODM5JmdhPWcmcnI9
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://yx-tr-val.com/crs/index_v3.php?d=50016965&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly92ZGJhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249R2VuZXJhbCZwdWI9NDk3ODM5JmdhPWcmcnI9
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.