![](/screenshots/7fb52e7c-9532-4019-939d-3c574efb9418.png)
value.us
Open in
urlscan Pro
104.236.101.193
Public Scan
Effective URL: https://value.us/waste.php?reason=Visitor+From+Unexpected+Country&subid=EvaDav:s797
Submission: On September 22 via manual from DK
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on August 19th 2020. Valid for: 3 months.
This is the only time value.us was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 2a02:b4a:1:8:... 2a02:b4a:1:8::9308:1 | 39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS) | |
1 1 | 2400:6180:100... 2400:6180:100:d0::920:a001 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
1 | 104.236.101.193 104.236.101.193 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
1 | 2606:4700:e4:... 2606:4700:e4::ac40:a31e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700:303... 2606:4700:3032::6818:6a98 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 88.208.60.53 88.208.60.53 | 39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS) | |
1 | 2a02:b4a:1:7:... 2a02:b4a:1:7::9273:1 | 39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS) | |
1 | 2606:4700:303... 2606:4700:3032::681b:a004 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
8 | 8 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
value.us
1 redirects
clk.value.us value.us |
2 KB |
1 |
vivdq.com
vivdq.com |
4 KB |
1 |
prownl.com
prownl.com |
128 B |
1 |
ntvsw.com
ntvsw.com |
3 KB |
1 |
fbpopr.com
fbpopr.com |
17 KB |
1 |
webpinp.com
webpinp.com |
10 KB |
1 |
chgilks.com
chgilks.com |
363 B |
0 |
samtrg.com
Failed
samtrg.com Failed |
|
8 | 8 |
Domain | Requested by | |
---|---|---|
1 | vivdq.com |
ntvsw.com
|
1 | prownl.com |
webpinp.com
|
1 | ntvsw.com |
value.us
|
1 | fbpopr.com |
value.us
|
1 | webpinp.com |
value.us
|
1 | value.us |
chgilks.com
|
1 | clk.value.us | 1 redirects |
1 | chgilks.com | |
0 | samtrg.com Failed |
fbpopr.com
|
8 | 9 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
chgilks.com ZeroSSL RSA Domain Secure Site CA |
2020-09-02 - 2020-12-01 |
3 months | crt.sh |
www.value.us Let's Encrypt Authority X3 |
2020-08-19 - 2020-11-17 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-07-07 - 2021-07-07 |
a year | crt.sh |
ntvsw.com ZeroSSL RSA Domain Secure Site CA |
2020-06-01 - 2021-06-01 |
a year | crt.sh |
prownl.com ZeroSSL RSA Domain Secure Site CA |
2020-08-21 - 2020-11-19 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://value.us/waste.php?reason=Visitor+From+Unexpected+Country&subid=EvaDav:s797
Frame ID: 0A454713D032B1CF0AAC193ACC98059F
Requests: 8 HTTP requests in this frame
Screenshot
![](/screenshots/7fb52e7c-9532-4019-939d-3c574efb9418.png)
Page URL History Show full URLs
- https://chgilks.com/dsp/cu/clc?aid=13952161667252505559&t=1600767874&s=491202&sid=797 Page URL
-
https://clk.value.us/15Gl9f?subid1=s797&subid2=s797_263048-199177&subid3=&code=FgjLmvC4&source=Ev...
HTTP 302
https://value.us/waste.php?reason=Visitor+From+Unexpected+Country&subid=EvaDav:s797 Page URL
Detected technologies
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://chgilks.com/dsp/cu/clc?aid=13952161667252505559&t=1600767874&s=491202&sid=797 Page URL
-
https://clk.value.us/15Gl9f?subid1=s797&subid2=s797_263048-199177&subid3=&code=FgjLmvC4&source=EvaDav&cost=0.0040&external_id=s4_13952161667252505559_797_2_0
HTTP 302
https://value.us/waste.php?reason=Visitor+From+Unexpected+Country&subid=EvaDav:s797 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
clc
chgilks.com/dsp/cu/ |
279 B 363 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
waste.php
value.us/ Redirect Chain
|
875 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
waWQiOjEwNTQ4MTIsInNpZCI6MTA2MDA5MSwid2lkIjoxMjU2MjYsInNyYyI6Mn0=eyJ.js
webpinp.com/pw/ |
25 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
waWQiOjEwNTQ4MTIsInNpZCI6MTA2MDA5MSwid2lkIjoxMTcxNTAsInNyYyI6Mn0=eyJ.js
fbpopr.com/p/ |
50 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
native.js
ntvsw.com/code/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
cuload
samtrg.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wnload
prownl.com/ |
0 128 B |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
vivdq.com/v1/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- samtrg.com
- URL
- https://samtrg.com/cuload?a=1&e=aeyJwaWQiOjEwNTQ4MTIsInNpZCI6MTA2MDA5MSwid2lkIjoxMTcxNTAsImQiOiJ2YWx1ZS51cyIsImxpIjoxfQ==&tz=2&if=0
Verdicts & Comments Add Verdict or Comment
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes object| edPushSDK0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
chgilks.com
clk.value.us
fbpopr.com
ntvsw.com
prownl.com
samtrg.com
value.us
vivdq.com
webpinp.com
samtrg.com
104.236.101.193
2400:6180:100:d0::920:a001
2606:4700:3032::6818:6a98
2606:4700:3032::681b:a004
2606:4700:e4::ac40:a31e
2a02:b4a:1:7::9273:1
2a02:b4a:1:8::9308:1
88.208.60.53
552f29ee0ce8ee401944a21b0235f0b6efee0b9a5d9c72bfeff95dd066dc808d
a1b64c6730e610c74ce6dca99fdcbf7300f2de779abf33108d3e4f0126b369b6
a619ed50d0880f19543d8275867e38cde01c3e32cd621f246f62aafebe9c603d
ceec5b66e980a3a1620249f0cca71fd2c70dbded736a6fa6a66cd37ad4050bb3
d0e0b73dd6a3f8a1bd0fbdbe68a0ad3bbf99e5c9a3c00caa5c0ee2c283bbe00b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed119e8528d5c2191cbec1e5059b2ff30d40ab4c6b1e6ee4ec5e5dc457e0b40d