rdvsecret.com
Open in
urlscan Pro
2a06:98c1:3120::3
Public Scan
Submitted URL: https://dgj.flingexchange.com/ga/click/2-26560162-11-67287-528537-237542-e49a47f69b-cga058a5d1
Effective URL: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=vpn&source=vpn&clickid=83564194&mail=
Submission: On May 29 via api from BE — Scanned from DE
Effective URL: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=vpn&source=vpn&clickid=83564194&mail=
Submission: On May 29 via api from BE — Scanned from DE
Summary
This website contacted 7 IPs
in 2 countries
across 9 domains to perform 22 HTTP transactions.
The main IP is 2a06:98c1:3120::3, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is rdvsecret.com.
TLS certificate: Issued by GTS CA 1P5 on May 23rd 2024. Valid for: 3 months.
This is the only time rdvsecret.com was scanned on urlscan.io!
TLS certificate: Issued by GTS CA 1P5 on May 23rd 2024. Valid for: 3 months.
This is the only time rdvsecret.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 2606:4700:303... 2606:4700:3030::ac43:ddbc | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 5 5 | 34.107.223.80 34.107.223.80 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
| 1 1 | 34.160.108.161 34.160.108.161 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
| 1 2 | 2a06:98c1:312... 2a06:98c1:3121::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2606:4700::68... 2606:4700::6811:190e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 2 14 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:830::200a | 15169 (GOOGLE) (GOOGLE) | |
| 3 | 3.120.49.152 3.120.49.152 | 16509 (AMAZON-02) (AMAZON-02) | |
| 3 | 2a04:4e42::649 2a04:4e42::649 | 54113 (FASTLY) (FASTLY) | |
| 1 | 3.77.90.50 3.77.90.50 | 16509 (AMAZON-02) (AMAZON-02) | |
| 22 | 7 |
5
34.107.223.80
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 80.223.107.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 80.223.107.34.bc.googleusercontent.com
| www.xn3j2k.com |
1
34.160.108.161
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 161.108.160.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 161.108.160.34.bc.googleusercontent.com
| www.bks22jtrk.com |
3
3.120.49.152
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-49-152.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-49-152.eu-central-1.compute.amazonaws.com
| ads.adextrem.com |
1
3.77.90.50
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-77-90-50.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-77-90-50.eu-central-1.compute.amazonaws.com
| ads.adextrem.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 14 |
rdvsecret.com
2 redirects
rdvsecret.com |
996 KB |
| 5 |
xn3j2k.com
5 redirects
www.xn3j2k.com |
1 KB |
| 4 |
adextrem.com
ads.adextrem.com |
3 KB |
| 3 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 776 |
105 KB |
| 2 |
harem-smrt.com
1 redirects
harem-smrt.com |
2 KB |
| 1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 380 |
30 KB |
| 1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237 |
6 KB |
| 1 |
bks22jtrk.com
1 redirects
www.bks22jtrk.com |
500 B |
| 1 |
flingexchange.com
1 redirects
dgj.flingexchange.com |
725 B |
| 22 | 9 |
| Domain | Requested by | |
|---|---|---|
| 14 | rdvsecret.com |
2 redirects
harem-smrt.com
rdvsecret.com |
| 5 | www.xn3j2k.com | 5 redirects |
| 4 | ads.adextrem.com |
rdvsecret.com
ads.adextrem.com |
| 3 | code.jquery.com |
rdvsecret.com
|
| 2 | harem-smrt.com | 1 redirects |
| 1 | ajax.googleapis.com |
rdvsecret.com
|
| 1 | cdnjs.cloudflare.com |
harem-smrt.com
|
| 1 | www.bks22jtrk.com | 1 redirects |
| 1 | dgj.flingexchange.com | 1 redirects |
| 22 | 9 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| dashboard.everprofit.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| harem-smrt.com E1 |
2024-05-23 - 2024-08-21 |
3 months | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-03 - 2024-07-02 |
a year | crt.sh |
| rdvsecret.com GTS CA 1P5 |
2024-05-23 - 2024-08-21 |
3 months | crt.sh |
| upload.video.google.com WR2 |
2024-05-13 - 2024-08-05 |
3 months | crt.sh |
| *.adextrem.com Amazon RSA 2048 M03 |
2024-01-03 - 2025-01-30 |
a year | crt.sh |
| *.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=vpn&source=vpn&clickid=83564194&mail=
Frame ID: F8D7DE2EB0F539DBD24F8CB5EAB762AD
Requests: 21 HTTP requests in this frame
Frame:
https://ads.adextrem.com/push/ifp.php?slot=4
Frame ID: 6E6A2D1C10C37D1D6DB2096B33182E10
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Rencontre SexuellePage URL History Show full URLs
-
https://dgj.flingexchange.com/ga/click/2-26560162-11-67287-528537-237542-e49a47f69b-cga058a5d1
HTTP 302
https://www.xn3j2k.com/cmp/3ZN1M1/2XS9PF/?source_id=DR&sub1=HMM5&sub2=HMM&sub3=jcbortoletto%40gmail... HTTP 302
https://www.xn3j2k.com/cmp/3ZN1M1/25D7F3/?__rpt=0&__po=700&__ptid=36d573bea4a34961a074ee9499a29fad&... HTTP 302
https://www.xn3j2k.com/cmp/3ZN1M1/26M4FJ/?__rpt=0&__po=20&__ptid=f558a472af74470eb1327dc2f132a4b4&_... HTTP 302
https://www.xn3j2k.com/cmp/3ZN1M1/22WFD5/?__rpt=0&__po=21&__ptid=39613eb85b91475ebf7210eb20753262&_... HTTP 302
https://www.xn3j2k.com/cmp/3ZN1M1/27W1G/?__rpt=0&__po=373&__ptid=fd79c8fd24294f4ab6a502fc3dfc6402&_... HTTP 302
https://www.bks22jtrk.com/5ZS8GM/55M6S/?sub1=jcbortoletto%40gmail.com&sub2=120&sub3=&sub5=5a158b34b95f... HTTP 302
https://harem-smrt.com/offers/?id=40&affid=110&source=120&clickid=f47d5bbf26a04351b87a42a4253f3754&... Page URL
-
https://harem-smrt.com/offers/index.php?id=40&affid=110&source=120&clickid=f47d5bbf26a04351b87a42a4...
HTTP 302
https://rdvsecret.com/offer/?id=1&lp=0&affid=vpn&source=vpn&clickid=83564194 HTTP 302
https://rdvsecret.com/plancul/1/lp1.php?pt=auto&id=1&lp=0&affid=vpn&source=vpn&clickid=83564194 HTTP 302
https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=vpn&source=vpn&clickid=83564194&... Page URL
Detected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.php(?:$|\?)
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- ([\d.]+)/jquery-ui(?:\.min)?\.js
- jquery-ui.*\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: https://dashboard.everprofit.com/affiliate/signup
Title: Affiliation
Title: Affiliation
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://dgj.flingexchange.com/ga/click/2-26560162-11-67287-528537-237542-e49a47f69b-cga058a5d1
HTTP 302
https://www.xn3j2k.com/cmp/3ZN1M1/2XS9PF/?source_id=DR&sub1=HMM5&sub2=HMM&sub3=jcbortoletto%40gmail.com HTTP 302
https://www.xn3j2k.com/cmp/3ZN1M1/25D7F3/?__rpt=0&__po=700&__ptid=36d573bea4a34961a074ee9499a29fad&__rpa=1&__rc=1&sub1=HMM5&sub2=HMM&sub3=jcbortoletto%40gmail.com&sub4=&sub5=&source_id=DR&__pcd=1 HTTP 302
https://www.xn3j2k.com/cmp/3ZN1M1/26M4FJ/?__rpt=0&__po=20&__ptid=f558a472af74470eb1327dc2f132a4b4&__rpa=1&__rc=2&sub1=HMM5&sub2=HMM&sub3=jcbortoletto%40gmail.com&sub4=&sub5=&source_id=DR&__pcd=1 HTTP 302
https://www.xn3j2k.com/cmp/3ZN1M1/22WFD5/?__rpt=0&__po=21&__ptid=39613eb85b91475ebf7210eb20753262&__rpa=1&__rc=3&sub1=HMM5&sub2=HMM&sub3=jcbortoletto%40gmail.com&sub4=&sub5=&source_id=DR&__pcd=1 HTTP 302
https://www.xn3j2k.com/cmp/3ZN1M1/27W1G/?__rpt=0&__po=373&__ptid=fd79c8fd24294f4ab6a502fc3dfc6402&__rpa=1&__rc=4&sub1=HMM5&sub2=HMM&sub3=jcbortoletto%40gmail.com&sub4=&sub5=&source_id=DR&__pcd=1 HTTP 302
https://www.bks22jtrk.com/5ZS8GM/55M6S/?sub1=jcbortoletto%40gmail.com&sub2=120&sub3=&sub5=5a158b34b95f492e87e857ed7a33b9a7 HTTP 302
https://harem-smrt.com/offers/?id=40&affid=110&source=120&clickid=f47d5bbf26a04351b87a42a4253f3754&mail=jcbortoletto%40gmail.com Page URL
-
https://harem-smrt.com/offers/index.php?id=40&affid=110&source=120&clickid=f47d5bbf26a04351b87a42a4253f3754&mail=jcbortoletto%40gmail.com&r=1&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/125.0.0.0%20Safari/537.36&ua_pm=Windows&fw=1600&fh=1200&wdw_d={%22name%22:%22%22,%22status%22:%22%22,%22closed%22:false,%22length%22:0,%22origin%22:%22https://harem-smrt.com%22,%22innerWidth%22:1600,%22innerHeight%22:1200,%22scrollX%22:0,%22pageXOffset%22:0,%22scrollY%22:0,%22pageYOffset%22:0,%22screenX%22:1570,%22screenY%22:1170,%22outerWidth%22:1600,%22outerHeight%22:1200,%22devicePixelRatio%22:1,%22screenLeft%22:1570,%22screenTop%22:1170,%22isSecureContext%22:true,%22crossOriginIsolated%22:false,%22originAgentCluster%22:true,%22credentialless%22:false,%22fhe%22:%22Europe/Berlin%22,%22prop%22:%22prop%22,%22TEMPORARY%22:0,%22PERSISTENT%22:1}&ngt_d={%22vendorSub%22:%22%22,%22productSub%22:%2220030107%22,%22vendor%22:%22Google%20Inc.%22,%22maxTouchPoints%22:0,%22scheduling%22:{},%22userActivation%22:{},%22doNotTrack%22:null,%22geolocation%22:{},%22connection%22:{},%22plugins%22:{%220%22:{%220%22:{},%221%22:{}},%221%22:{%220%22:{},%221%22:{}},%222%22:{%220%22:{},%221%22:{}},%223%22:{%220%22:{},%221%22:{}},%224%22:{%220%22:{},%221%22:{}}},%22mimeTypes%22:{%220%22:{},%221%22:{}},%22pdfViewerEnabled%22:true,%22webkitTemporaryStorage%22:{},%22webkitPersistentStorage%22:{},%22windowControlsOverlay%22:{},%22hardwareConcurrency%22:12,%22cookieEnabled%22:true,%22appCodeName%22:%22Mozilla%22,%22appName%22:%22Netscape%22,%22appVersion%22:%225.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/125.0.0.0%20Safari/537.36%22,%22platform%22:%22Win32%22,%22product%22:%22Gecko%22,%22userAgent%22:%22Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/125.0.0.0%20Safari/537.36%22,%22language%22:%22de-DE%22,%22languages%22:[%22en-US%22,%22en%22],%22onLine%22:true,%22webdriver%22:false,%22storageBuckets%22:{},%22clipboard%22:{},%22credentials%22:{},%22keyboard%22:{},%22managed%22:{},%22mediaDevices%22:{},%22storage%22:{},%22serviceWorker%22:{},%22virtualKeyboard%22:{},%22wakeLock%22:{},%22deviceMemory%22:8,%22userAgentData%22:{%22brands%22:[{%22brand%22:%22Google%20Chrome%22,%22version%22:%22125%22},{%22brand%22:%22Not:A-Brand%22,%22version%22:%228%22},{%22brand%22:%22Chromium%22,%22version%22:%22125%22}],%22mobile%22:false,%22platform%22:%22Win32%22},%22login%22:{},%22ink%22:{},%22mediaCapabilities%22:{},%22hid%22:{},%22locks%22:{},%22gpu%22:{},%22mediaSession%22:{},%22permissions%22:{},%22presentation%22:{},%22usb%22:{},%22xr%22:{},%22serial%22:{}}&hs_d={%22length%22:2,%22scrollRestoration%22:%22auto%22,%22state%22:null}&sc_d={%22availWidth%22:1600,%22availHeight%22:1200,%22width%22:1600,%22height%22:1200,%22colorDepth%22:24,%22pixelDepth%22:24,%22availLeft%22:0,%22availTop%22:0,%22orientation%22:{},%22onchange%22:null,%22isExtended%22:false}&fhe_d=Europe/Berlin&plg_d=[%22PDF%20Viewer%22,%22Chrome%20PDF%20Viewer%22,%22Chromium%20PDF%20Viewer%22,%22Microsoft%20Edge%20PDF%20Viewer%22,%22WebKit%20built-in%20PDF%22]
HTTP 302
https://rdvsecret.com/offer/?id=1&lp=0&affid=vpn&source=vpn&clickid=83564194 HTTP 302
https://rdvsecret.com/plancul/1/lp1.php?pt=auto&id=1&lp=0&affid=vpn&source=vpn&clickid=83564194 HTTP 302
https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=vpn&source=vpn&clickid=83564194&mail= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://dgj.flingexchange.com/ga/click/2-26560162-11-67287-528537-237542-e49a47f69b-cga058a5d1 HTTP 302
- https://www.xn3j2k.com/cmp/3ZN1M1/2XS9PF/?source_id=DR&sub1=HMM5&sub2=HMM&sub3=jcbortoletto%40gmail.com HTTP 302
- https://www.xn3j2k.com/cmp/3ZN1M1/25D7F3/?__rpt=0&__po=700&__ptid=36d573bea4a34961a074ee9499a29fad&__rpa=1&__rc=1&sub1=HMM5&sub2=HMM&sub3=jcbortoletto%40gmail.com&sub4=&sub5=&source_id=DR&__pcd=1 HTTP 302
- https://www.xn3j2k.com/cmp/3ZN1M1/26M4FJ/?__rpt=0&__po=20&__ptid=f558a472af74470eb1327dc2f132a4b4&__rpa=1&__rc=2&sub1=HMM5&sub2=HMM&sub3=jcbortoletto%40gmail.com&sub4=&sub5=&source_id=DR&__pcd=1 HTTP 302
- https://www.xn3j2k.com/cmp/3ZN1M1/22WFD5/?__rpt=0&__po=21&__ptid=39613eb85b91475ebf7210eb20753262&__rpa=1&__rc=3&sub1=HMM5&sub2=HMM&sub3=jcbortoletto%40gmail.com&sub4=&sub5=&source_id=DR&__pcd=1 HTTP 302
- https://www.xn3j2k.com/cmp/3ZN1M1/27W1G/?__rpt=0&__po=373&__ptid=fd79c8fd24294f4ab6a502fc3dfc6402&__rpa=1&__rc=4&sub1=HMM5&sub2=HMM&sub3=jcbortoletto%40gmail.com&sub4=&sub5=&source_id=DR&__pcd=1 HTTP 302
- https://www.bks22jtrk.com/5ZS8GM/55M6S/?sub1=jcbortoletto%40gmail.com&sub2=120&sub3=&sub5=5a158b34b95f492e87e857ed7a33b9a7 HTTP 302
- https://harem-smrt.com/offers/?id=40&affid=110&source=120&clickid=f47d5bbf26a04351b87a42a4253f3754&mail=jcbortoletto%40gmail.com
22 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
/
harem-smrt.com/offers/ Redirect Chain
|
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
platform.min.js
cdnjs.cloudflare.com/ajax/libs/platform/1.3.6/ |
14 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Primary Request
lp15.php
rdvsecret.com/plancul/1/ Redirect Chain
|
18 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
style.css
rdvsecret.com/plancul/1/lp15/ |
11 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.0/ |
84 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
javascriptje.js
rdvsecret.com/plancul/1/lp15/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
detect.js
ads.adextrem.com/ |
78 B 826 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
bg2.jpg
rdvsecret.com/plancul/1/lp15/ |
130 KB 131 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
bg3.jpg
rdvsecret.com/plancul/1/lp15/ |
159 KB 159 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
bg4.jpg
rdvsecret.com/plancul/1/lp15/ |
125 KB 125 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
bg5.jpg
rdvsecret.com/plancul/1/lp15/ |
113 KB 114 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
bg6.jpg
rdvsecret.com/plancul/1/lp15/ |
164 KB 164 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
bg7.jpg
rdvsecret.com/plancul/1/lp15/ |
124 KB 124 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
bg1.jpg
rdvsecret.com/plancul/1/lp15/ |
109 KB 109 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
secured-website.png
rdvsecret.com/plancul/1/lp15/ |
29 KB 29 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-ui.css
code.jquery.com/ui/1.12.1/themes/base/ |
35 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-3.6.0.min.js
code.jquery.com/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-ui.min.js
code.jquery.com/ui/1.12.1/ |
248 KB 67 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
detect.php
ads.adextrem.com/ |
34 B 206 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
loader.php
ads.adextrem.com/push/ |
4 KB 2 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ifp.php
ads.adextrem.com/push/ Frame 6E6A |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
favicon.ico
rdvsecret.com/ |
196 B 601 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery number| __ADX_adextrem_regular function| getURLParameter number| __ADX_isAdBlockUser object| AdExtremPush function| validateForm function| loadCSS function| setCookie function| updateTimer object| AdExtremPushObj function| ini_push number| pre_submit function| add_mail_on_url function| emailIsValid function| shake_email_input function| loadScript object| o14 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| www.xn3j2k.com/ | Name: uniqueClick_2XS9PF Value: 6525936b-a27c-4c26-a789-b9dc130c724f:1716999775 |
|
| www.xn3j2k.com/ | Name: uniqueClick_25D7F3 Value: c50aa73e-f0f2-438c-957e-33392c8ed979:1716999776 |
|
| www.xn3j2k.com/ | Name: uniqueClick_26M4FJ Value: 5a45d58d-c896-4e91-9639-76df3240eead:1716999776 |
|
| www.xn3j2k.com/ | Name: uniqueClick_22WFD5 Value: 7f60e695-97a4-457d-80e3-f1510ad1584e:1716999776 |
|
| www.xn3j2k.com/ | Name: uniqueClick_27W1G Value: 9823df4d-b21b-4602-8c24-957b2c1cb9e1:1716999776 |
|
| www.xn3j2k.com/ | Name: transaction_id Value: 36d573bea4a34961a074ee9499a29fad|f558a472af74470eb1327dc2f132a4b4|39613eb85b91475ebf7210eb20753262|fd79c8fd24294f4ab6a502fc3dfc6402|5a158b34b95f492e87e857ed7a33b9a7 |
|
| www.bks22jtrk.com/ | Name: uniqueClick_55M6S Value: 941fdeea-09ce-40c3-b605-36ee733a2fe1:1716999776 |
|
| www.bks22jtrk.com/ | Name: transaction_id Value: f47d5bbf26a04351b87a42a4253f3754 |
|
| rdvsecret.com/ | Name: PHPSESSID Value: 8vb8llsfss23t4lpb1geutmvt2 |
|
| ads.adextrem.com/ | Name: AWSELBCORS Value: 671BC5111EC8C439EC6ECDAADF42C2FCC39A19517227BECBED123D3D2F3DC41482870D4994F5F60AFCADD93926CF44860692B62F1C7248FD72FF986938C4ECB0C265983304 |
|
| rdvsecret.com/ | Name: fw Value: 1600 |
|
| rdvsecret.com/ | Name: fh Value: 1200 |
|
| rdvsecret.com/ | Name: fua Value: Mozilla/5.0 (Windows NT 10.0 |
|
| .ads.adextrem.com/ | Name: fp2 Value: 5bf48b284ba8888f74357bb5d6de98f7 |
11 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ads.adextrem.com
ajax.googleapis.com
cdnjs.cloudflare.com
code.jquery.com
dgj.flingexchange.com
harem-smrt.com
rdvsecret.com
www.bks22jtrk.com
www.xn3j2k.com
2606:4700:3030::ac43:ddbc
2606:4700::6811:190e
2a00:1450:4001:830::200a
2a04:4e42::649
2a06:98c1:3120::3
2a06:98c1:3121::3
3.120.49.152
3.77.90.50
34.107.223.80
34.160.108.161
1fab08ee7301c1c5676fa683c923e47681d2b1ec4fd396045937e8fb6befa7c8
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
49c3133c07bd12eb6c5ffd36387360ef096eebc91c7368857d4536d76fdcb804
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
5ec67be30650c37cce7a4fa975c605e393a1bc345de019fa729b54230cfa1674
6ab2b9bf505bf16efda449af810081478279b4b4151996c66cfccdbc8cd33175
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
735588a14f972f7e22d7b469f181fe41a1a0e09be1fc92758ad4a701499fa56c
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
888a3e263a4a1bf5acf5a294acd7f3118510721531590ce74093b1bfcb65adc2
8b9ea8752caa6b5eb8b322494a98677a062c9e3175c254280b72a0133a567943
8c039b6e245af3041933a2e283eb929be6c05618616e34ef2b8e3ca2bb368007
90b4a9f1b17ddc4b057d11881f1fbc130b95ce03bde77539ae1600040bb22cb8
a6f2e5a530422e3d146eb368c71b08d5a6efd0f52d8dc9f366993ee8d6eb4f98
bcc7d74ee2454721d5da6c1c44c57e46bf0d9e1e1dc570afe0293492d5005d77
c3d6e9059f47a90802bc5e50ba09e9db2c518853f860476f4098c3fde4c70ef6
d41ba3dae709e1a8984377fab99ded7d1aebba4afa08b73ab8137fc647a87509
e61803fe337b62ec88013f93ba451a76854a55b86eda08de01550fbf87087a14
eed9a94b515a5c841ce4518d354a88d6cea607390fe8c6a21fe303ecac227f66
f5e39f90aee9a60deea10b6cd3707803db58a0a45e5a3894eaad194d617ce780
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e