mytecads.com Open in urlscan Pro
2606:4700:3031::ac43:8b63 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://smtpauth.ylu.us/
Effective URL:
https://mytecads.com/yB-zT_LKuFxEiLbIbOmLAJB1lVRJe24bz-SibUp6Ut8/
Submission: On April 23 via automatic, source certstream-suspicious (April 23rd 2024, 10:30:58 am UTC) — Scanned from US

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 7 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3031::ac43:8b63, located in and belongs to . The main domain is mytecads.com.
TLS certificate: Issued by GTS CA 1P5 on April 15th 2024. Valid for: 3 months.

This is the only time mytecads.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	54.157.24.8 54.157.24.8	14618 (AMAZON-AES) (AMAZON-AES)
2	72.52.179.174 72.52.179.174	32244 (LIQUIDWEB) (LIQUIDWEB)
1 1	142.93.240.225 142.93.240.225	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	198.211.113.186 198.211.113.186	() ()
2	3.226.123.196 3.226.123.196	() ()
1 1	3.93.251.206 3.93.251.206	() ()
2	2606:4700:303... 2606:4700:3031::ac43:8b63	() ()
1	2a04:4e42:200... 2a04:4e42:200::649	() ()
11	6

3 54.157.24.8 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-24-8.compute-1.amazonaws.com

smtpauth.ylu.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.52.179.174 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: lb01.parklogic.com

ww99.ylu.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.93.240.225 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

www.clktoro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.211.113.186 (None, ) 1 redirects

ASN- ()

redir.blowingwind.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.226.123.196 (None, )

ASN- ()

ganda-ljo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.93.251.206 (None, ) 1 redirects

ASN- ()

wpsafeguardinfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::ac43:8b63 (None, )

ASN- ()

mytecads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (None, )

ASN- ()

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	ylu.us 1 redirects smtpauth.ylu.us ww99.ylu.us	20 KB
2	mytecads.com mytecads.com	347 KB
2	ganda-ljo.com ganda-ljo.com	4 KB
1	jquery.com code.jquery.com	33 KB
1	wpsafeguardinfo.com 1 redirects wpsafeguardinfo.com	701 B
1	blowingwind.xyz 1 redirects redir.blowingwind.xyz	481 B
1	clktoro.com 1 redirects www.clktoro.com — Cisco Umbrella Rank: 119978	1 KB
11	7

	Domain	Requested by
3	smtpauth.ylu.us	1 redirects smtpauth.ylu.us
2	mytecads.com	ganda-ljo.com mytecads.com
2	ganda-ljo.com	ww99.ylu.us ganda-ljo.com
2	ww99.ylu.us	ww99.ylu.us
1	code.jquery.com	mytecads.com
1	wpsafeguardinfo.com	1 redirects
1	redir.blowingwind.xyz	1 redirects
1	www.clktoro.com	1 redirects
11	8

This site contains no links.

Subject Issuer	Validity	Valid
smtpauth.ylu.us R3	`2024-04-23` - `2024-07-22`	3 months	crt.sh
ganda-ljo.com Amazon RSA 2048 M01	`2023-09-12` - `2024-10-10`	a year	crt.sh
mytecads.com GTS CA 1P5	`2024-04-15` - `2024-07-14`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://mytecads.com/yB-zT_LKuFxEiLbIbOmLAJB1lVRJe24bz-SibUp6Ut8/
Frame ID: A84F86CD2A24DFB402048F79AA13851A
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://smtpauth.ylu.us/ Page URL
https://smtpauth.ylu.us/.IGV0hOcNusVJOgqoD1HuWTk0PssdueKB Page URL
https://smtpauth.ylu.us/ HTTP 302
http://ww99.ylu.us/ HTTP 307
https://ww99.ylu.us/ HTTP 307
http://ww99.ylu.us/ Page URL
http://ww99.ylu.us/page/bouncy.php?&bpae=GbhGcb0GBdVmj3NViuQHAvAyRTssaODAp1S2SqknJ8r6lJfHenk9t8... Page URL
http://www.clktoro.com/feed/click/?t1=128&tid=760&uid=192&subid=ylu.us&id=2cf5b0342019d97cbb1f990dc... HTTP 307
https://www.clktoro.com/feed/click/?t1=128&tid=760&uid=192&subid=ylu.us&id=2cf5b0342019d97cbb1f990dc... HTTP 302
https://redir.blowingwind.xyz/feed/click/?t1=128&tid=88&uid=59&subid=760_ylu.us&id=59a673fc1e60278623154ab... HTTP 302
http://ganda-ljo.com/zclkvisitor/8c04f992-015c-11ef-969b-128236698229/cfcdab84-dabd-11ed-962d-0ad... HTTP 307
https://ganda-ljo.com/zclkvisitor/8c04f992-015c-11ef-969b-128236698229/cfcdab84-dabd-11ed-962d-0ad... Page URL
https://ganda-ljo.com/zclkredirect?visitid=8c04f992-015c-11ef-969b-128236698229&type=js&browserWid... Page URL
https://wpsafeguardinfo.com/mc-test/0d1cebd36d547554fd8c7cce540454ce/index.php?utm_source=84&utm_campaig... HTTP 302
https://mytecads.com/yB-zT_LKuFxEiLbIbOmLAJB1lVRJe24bz-SibUp6Ut8/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

64 %
HTTPS

25 %
IPv6

7
Domains

8
Subdomains

6
IPs

1
Countries

405 kB
Transfer

949 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://smtpauth.ylu.us/ Page URL
https://smtpauth.ylu.us/.IGV0hOcNusVJOgqoD1HuWTk0PssdueKB Page URL
https://smtpauth.ylu.us/ HTTP 302
http://ww99.ylu.us/ HTTP 307
https://ww99.ylu.us/ HTTP 307
http://ww99.ylu.us/ Page URL
http://ww99.ylu.us/page/bouncy.php?&bpae=GbhGcb0GBdVmj3NViuQHAvAyRTssaODAp1S2SqknJ8r6lJfHenk9t89OeFAs%2BEFi%2BPsbHATdwTvrYZ2i1WfbDMEa4c6hwMq73tDalrSLjoCdZmLt%2B1bcXo4MT%2Fck8baDBfyYHtiBgZ%2B8dxTnw3VPG3yFlNfV4%2BLhjqirrMAKkCe2vP%2Fe0MbRXl8E3P%2B6zUiGzp2OnRPFulTdvqWPwh1aijFdS9NrCJTfOw2NorKSuJn%2FEk8fg0Yx7yP4dNH%2B%2BxaD39HqVMOkaCWXbN8C48%2F21q8uru78OEYEIrcuXZ90D6O8iPhr7ac9w48f0vH1BkY5%2B1OgK3KH596t1VSAte7mb%2FayzK0NHwEr5f2PMqWP2O%2BM%2BgZW9PVFVM%2FzNnQw%2Bu53O6urJHYNk1dUv5R3jg%2FG0g9VvH%2BtRB0RXS1QhqZ405UGl1gzFkMIYzD98x%2B5IYFhYOM9oRTFklCyWHEHUm9xS9u%2Fucgo2Gx41xWvq0nJ2uJNueBdvPq9R%2BbZPtxYkfGkaVm7oGKeKFYkbXcP8glC2YZ95pHpL%2BPgGkLRWRi%2B86ZWiAVNlHky9LJicwjsHTzD5OOZI%2FNjbl5EHbxIdbaeXhjghztmw%2F9R97%2FhMcQo1leUzTCux0Oxw1qp7pS3enmE9BTcLbtu3gs4NqBbf35gi7RkdaSn7O5Ub5f%2Ff9gO7ipLVIpOeAagdVIE2KR6Ok038Foopq3aijmvAvpM1XhFYSy5clnsn2RYUueHn9Wn3NBEkTn%2B88ZtcB80FnmarGuSrkzyW4AlwORXZHfwTYNzBJP2OBOTzJb%2BWJCwwCYqPCI%2FonpEQqOXfwFhCwEY1CUh6ZkLAhaUxfFFc3Ezce8jCTO63j3mNFHT5x3zMhHgBRJw5liMc9h43U513hapQnvXKwlvSSLWrzGFaZ1gtZs2k9vKUfMVNLcuApkL3GVj8h38HkKh40jsG%2F%2F6HQpZ1t8gQnHFUiP3XxaIQmzvIzCXInc3GkZ2rXh4oxPL1mwHUJhpm4jd8%2FXkjCiirkasUKIoLEQCV4U84ezxov2lKJw7mVjzRTJhhItS%2FLjX1YvpCaFU85mqMQ6CCbfZ9DdQqSSvRzn6Z3VZC1c%2FkmHbFJP%2FJgp12k0FS8tlzm9fD75%2BM%2BKa6mqA%2F9Ij5VIqlpLp3690xQnrLEC9UTgKsWPVsA7KqNENTtfLTJRH30kcETZ2uDtyPMM5iWDOjCa0HQXGQFlTf2hH9wkheT17MHe%2FduTSiuFD4SBn8kcaNgJrxy0CZQa3yLO1ejLFpnMMj35kmDzhKfkybbO7qRCK1k30b9HzSIZqaZEi6DssFM49IFdCMnpteN9jKqGJPSJuWVMSb0sUPeATpyyJtCf6qY8NrLVTqeMHOZBXV6P26YUg0%2F2EcBypOnvv%2BoWHCWNeiSQtTZY4rTQghKgfGtXuaITrwP00G4RqSgr%2FwvpJY4f9gkQqghaF50mCg2c1H6W1ncR5tgfNvD9PgspxzODtnqQRzmvNRFb4EkIqCj1GOJ1xzwnj%2Fz7HxJJEWhaf9RHUbOMB4eOuIU02jXUUebLm8lSLz2MuEvllVUNn7SaW53KuT06B5g7bLalrboBWBZC8tSs4XJcseQ6Z0T4fc8BN%2BS%2BSrMa4%2FTkryk9RLSajAsXrg9BCClInSZhx62%2Bbm2PZvMSaBTy75T3CH7ztaseTiIpY9PZ1CD3yQOa3LDa6%2FfngFedNQsLbOKeAYTUHAG3wfGRjeYksDK7PIak2IkzZgziawvOomjc%2FsOU4s312XgWIfbTvZHc0GxSYrZnCKJ6kaG1XCf53WLnP55ipo38ywGFf7Dow75KCxwF1ebnr1Wc2TPBYQokpWk7UjHwtToB5jPiC93SLtCLf5GTNSIctP77apagJejHptWTen63HhsqiOp2mubD3x0NHw3z4uYc2sAKUCr5IVClQHstpEqhfwo21wTvNyk3km2s74zpGO4wo%2FRu6q8ZtyHwH0Rt8Ou%2F%2Fhths1suIBLX%2BmOEoKjBUlIGWpaDJkZ5nSIV2GGDDO3f508h%2B%2ByADFgxhtVMLfpkasERUzFZxFmH%2BMxI2JjyINYan4yddBXJ3JUgX%2F4uUr7HvOjDwVNLmvWkNCnAmL8rD%2FW6GRaJCWyoHSDB5ZFdFRUrTRhEzA0V4r%2BZgPaAIz2w5MQsknWoIZk8d3D5BQhqQbamrNxp0EJx8S0%2BI1%2BE4gome3DPsa1CCVYLvXWitfvf1xbEZHBSEEjtEIdG7sShF%2Fl2WlQmq1H%2FOB9vdsl5AaBbtE123GtDe4U7dzd6gZFTfEZuE7T5b8Kbgja%2BbhwAcVVWhMWCsYQkf28iNgoS1%2FmIGBhpPI5JyrcVeQZ%2FAnFEep%2BxA0EQ4zKKpuoWByo%2B0mM2oz6Iu3tq4e85gdnJZ43R32yl7%2FY2H3gTf32nX7hQXCBwX%2BdHUI434xgAtJeD0wKPe9QacRTZ5yxU3GTvI9c%2FSLhzsdX7bO1ablM4TaCe5C2A%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
http://www.clktoro.com/feed/click/?t1=128&tid=760&uid=192&subid=ylu.us&id=2cf5b0342019d97cbb1f990dc3a9b41c:48f6f470a6d6bace1eb5cf017578c1095505a60c516b9cbbafd2ad719d75bb3ea58642368c29beabb85b0734e638d7d574bf378868cd771fbf171e030d8a7443f3df7f074ad54a8be123f1dc6162c3bea7afa7165bf890a7b2372579711b1846a2fc0fc442140c4406b82f0c7652dfbbd085118db5c0464f5fd5af002d818f16655f1ab3640beb2dc76483b9189e24ba9111b65befb73f1d4d5ba79e6d4efde60356e89c6994fd4aec7c6296824f24d40eb8d80a081aae56488f75d90ef8136facd42d4a75ade09dce3a53cc567e10d2f1aebd57340aa374327623131f17b7fed23491b0e9eee153742e60e4a57a9cbb5c2c662103b51c7705199a514bbf9cc9fbbd8899eba7e33489e89e07e164c0ce0ee877bca597ef59a2ae5435a679c714512a1128498c03011a780a823fe17a362fbdab45ecaa75fee0a87e1869c1ae6617abfe9bfd79d01f2515871f77b4655f85afa87afd4799fb03ce8de3720c5d1349c2673415234341ffdffb88809cec95456dc041b5c69f746990850cbeef45462f37c6bf1d6e43665e013d404c00e89ffa978ced9a9084e72984a6978bcf0714ac2889861248f0b6c69f1218f6b363e256d1abe08315cf4e1774141138ae1f2c8157c173c074832f531c6ff13771b9d0f27a6ab5ca45c49878218d21f9ff9d594542ad2d100773445f4e0c9e0931d320ca29b03159f8bf5e7f88d26413cf53b38205e1a6ba35b8c7d7b8ed4bdd99735cd776dc72f1fbb9465a1c5258b271e77701bb0324899654b9e822ac7a98e0f5f53bda402166976ef14adf47001835b9a4efe57b81bc66ed97a74e2b876cb792ec8177e5db9c8139fecba47df448d6cd590457116001303663e48f56473c687038320f6f5caacaad91d2d10cd8dff6497c160745b40cebef3c051b5b621715edcc6513617bf8717c78471bf6489a5363c79f7c3e93e3d4ec9460f976684fdaec9341e643797aadc716778133e2da8655e317b53d26242d1ee24e9c021e10ad8fe8be7d521dd77b67c1f0892ab9ececa6c3a9f1ba94560460d6f318ae9375b0fc0283556fd2bef068153e2fb628785d05a0c0e0c67baf9aeff11049224d5b6ccadb906b0a15a33b8f3a91569678e7bbbe9407724cfeecfe0204f8f983482dbc82a80495cff37ea4a0a486444a37ad8dba4a580489ba4bd8f964a55534f75a9c5e08b4b8579d551e4164059a10e3b3bd5b85dd6c9b52a5ca4554845a4d6299084c2e14c225358ec1153c896161a8388f1b2d63a10c55da786583cc1e11983714f8f9ab68ccb616b952d1ef2adc1b2724530254db9f8e60ac885eafd54f04c4df11848f241952959b004f5b0f635ce924472c70f510cf25a257a75a4b7ca175024f476c5b3fd9499c37979657a002958da30ae680904bdc7b9e4510b86936696c964d3bb46518b20fc26126304ee25bcb6e7e0e2cb70b06cfee0b6f9711f26a990b99be4abad1e6cee0a2db27582ad28ae7cc862c3ed59dab2d2e3851267df98741d49908bed47f12037d19b7000d7a13b12706893a4dcade7d1987538ffb8c1973e7d6898e763bc8d8f18da61aa3cc9702e97b3f37f7b987061564ebcb72aa13316785121504ed01d3006915f04fcf54c3794ce7d479356654cf04d7be1e64035cc064f7d2c5f1e6ca32c2aedc78781e90e2c10acddff5346b4041f9181def7bde506cdaec3011ebd69553b845ac56149360bc80ac0e18ce5a1ee3a7f0676118988384ac6be53d816fd84e7652b8d844d3a6322175b3ceba1726816e2c9693bbd78e HTTP 307
https://www.clktoro.com/feed/click/?t1=128&tid=760&uid=192&subid=ylu.us&id=2cf5b0342019d97cbb1f990dc3a9b41c:48f6f470a6d6bace1eb5cf017578c1095505a60c516b9cbbafd2ad719d75bb3ea58642368c29beabb85b0734e638d7d574bf378868cd771fbf171e030d8a7443f3df7f074ad54a8be123f1dc6162c3bea7afa7165bf890a7b2372579711b1846a2fc0fc442140c4406b82f0c7652dfbbd085118db5c0464f5fd5af002d818f16655f1ab3640beb2dc76483b9189e24ba9111b65befb73f1d4d5ba79e6d4efde60356e89c6994fd4aec7c6296824f24d40eb8d80a081aae56488f75d90ef8136facd42d4a75ade09dce3a53cc567e10d2f1aebd57340aa374327623131f17b7fed23491b0e9eee153742e60e4a57a9cbb5c2c662103b51c7705199a514bbf9cc9fbbd8899eba7e33489e89e07e164c0ce0ee877bca597ef59a2ae5435a679c714512a1128498c03011a780a823fe17a362fbdab45ecaa75fee0a87e1869c1ae6617abfe9bfd79d01f2515871f77b4655f85afa87afd4799fb03ce8de3720c5d1349c2673415234341ffdffb88809cec95456dc041b5c69f746990850cbeef45462f37c6bf1d6e43665e013d404c00e89ffa978ced9a9084e72984a6978bcf0714ac2889861248f0b6c69f1218f6b363e256d1abe08315cf4e1774141138ae1f2c8157c173c074832f531c6ff13771b9d0f27a6ab5ca45c49878218d21f9ff9d594542ad2d100773445f4e0c9e0931d320ca29b03159f8bf5e7f88d26413cf53b38205e1a6ba35b8c7d7b8ed4bdd99735cd776dc72f1fbb9465a1c5258b271e77701bb0324899654b9e822ac7a98e0f5f53bda402166976ef14adf47001835b9a4efe57b81bc66ed97a74e2b876cb792ec8177e5db9c8139fecba47df448d6cd590457116001303663e48f56473c687038320f6f5caacaad91d2d10cd8dff6497c160745b40cebef3c051b5b621715edcc6513617bf8717c78471bf6489a5363c79f7c3e93e3d4ec9460f976684fdaec9341e643797aadc716778133e2da8655e317b53d26242d1ee24e9c021e10ad8fe8be7d521dd77b67c1f0892ab9ececa6c3a9f1ba94560460d6f318ae9375b0fc0283556fd2bef068153e2fb628785d05a0c0e0c67baf9aeff11049224d5b6ccadb906b0a15a33b8f3a91569678e7bbbe9407724cfeecfe0204f8f983482dbc82a80495cff37ea4a0a486444a37ad8dba4a580489ba4bd8f964a55534f75a9c5e08b4b8579d551e4164059a10e3b3bd5b85dd6c9b52a5ca4554845a4d6299084c2e14c225358ec1153c896161a8388f1b2d63a10c55da786583cc1e11983714f8f9ab68ccb616b952d1ef2adc1b2724530254db9f8e60ac885eafd54f04c4df11848f241952959b004f5b0f635ce924472c70f510cf25a257a75a4b7ca175024f476c5b3fd9499c37979657a002958da30ae680904bdc7b9e4510b86936696c964d3bb46518b20fc26126304ee25bcb6e7e0e2cb70b06cfee0b6f9711f26a990b99be4abad1e6cee0a2db27582ad28ae7cc862c3ed59dab2d2e3851267df98741d49908bed47f12037d19b7000d7a13b12706893a4dcade7d1987538ffb8c1973e7d6898e763bc8d8f18da61aa3cc9702e97b3f37f7b987061564ebcb72aa13316785121504ed01d3006915f04fcf54c3794ce7d479356654cf04d7be1e64035cc064f7d2c5f1e6ca32c2aedc78781e90e2c10acddff5346b4041f9181def7bde506cdaec3011ebd69553b845ac56149360bc80ac0e18ce5a1ee3a7f0676118988384ac6be53d816fd84e7652b8d844d3a6322175b3ceba1726816e2c9693bbd78e HTTP 302
https://redir.blowingwind.xyz/feed/click/?t1=128&tid=88&uid=59&subid=760_ylu.us&id=59a673fc1e60278623154ab788b4f5da:140754de24b8ff3c2f2a8fe5462fbfb60aa1da9b8ad7252793d24d73bbf1fa99073013cbc67eb1a20a1d2ffbbd3586c51a57ee7a62d594ca4e81dcb9033d59a56ba54ad2debf0451891c959c64e74ceba6f946ef684948b8744893cc19bd270c8fc3d5f99110cf61ab4c62f27ffb15f675baf10a97fde0bfd5471e99b3a349e849a2efadb840663a54ac2564eee65ab51db8ee2ebce9f0e7239381110346e7b7cfa9147925f1a0cfbcd9d274510aec3b8304bcdfba4ee17471f7d4cfea376bb7880c6bdff7c6b33f6c7603bb6fc8ca91bad6c6c2bc7bc75eeb10e368dc948ca26ae2477ab235bab9207c6d797afbdbbd27cf87890ddb266743c379b2e2037adbbbcb56a7b06d39073f49b8c6b38152ddc06bd56767efeda0ede791681d12c294c55e00018a71aea47b781e727671c7d0faeb6271d4f842d43b9b033b22382474fc41773217f3ab0d2473c617e3c45f5271e15d590af3aa8f0f5a83b4f7896f043412de4042f88430c87e4d9ad8c15508e71e9b1157c64134df1cfe263d5a3bdada93908fcae4fde69499b627e49c0da26c8267ed4fdd4c5bab5a52befc5e999e5d1b67faa0f79e07ef20d08d2dc78a5f HTTP 302
http://ganda-ljo.com/zclkvisitor/8c04f992-015c-11ef-969b-128236698229/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=f2ebb7a0-894f-11ee-9fde-123af5e664ff HTTP 307
https://ganda-ljo.com/zclkvisitor/8c04f992-015c-11ef-969b-128236698229/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=f2ebb7a0-894f-11ee-9fde-123af5e664ff Page URL
https://ganda-ljo.com/zclkredirect?visitid=8c04f992-015c-11ef-969b-128236698229&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu Page URL
https://wpsafeguardinfo.com/mc-test/0d1cebd36d547554fd8c7cce540454ce/index.php?utm_source=84&utm_campaign=16116768&cid=zr8c04f992015c11ef969b1282366982293f94e1b9d929407ab080223a1054e62408161099f8588e2d13&dom=zinnober-hippopotamuses_kilo-alt-k6ren3r5r9_&s=0.024000 HTTP 302
https://mytecads.com/yB-zT_LKuFxEiLbIbOmLAJB1lVRJe24bz-SibUp6Ut8/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://smtpauth.ylu.us/ HTTP 302
http://ww99.ylu.us/ HTTP 307
https://ww99.ylu.us/ HTTP 307
http://ww99.ylu.us/

Request Chain 6

http://www.clktoro.com/feed/click/?t1=128&tid=760&uid=192&subid=ylu.us&id=2cf5b0342019d97cbb1f990dc3a9b41c:48f6f470a6d6bace1eb5cf017578c1095505a60c516b9cbbafd2ad719d75bb3ea58642368c29beabb85b0734e638d7d574bf378868cd771fbf171e030d8a7443f3df7f074ad54a8be123f1dc6162c3bea7afa7165bf890a7b2372579711b1846a2fc0fc442140c4406b82f0c7652dfbbd085118db5c0464f5fd5af002d818f16655f1ab3640beb2dc76483b9189e24ba9111b65befb73f1d4d5ba79e6d4efde60356e89c6994fd4aec7c6296824f24d40eb8d80a081aae56488f75d90ef8136facd42d4a75ade09dce3a53cc567e10d2f1aebd57340aa374327623131f17b7fed23491b0e9eee153742e60e4a57a9cbb5c2c662103b51c7705199a514bbf9cc9fbbd8899eba7e33489e89e07e164c0ce0ee877bca597ef59a2ae5435a679c714512a1128498c03011a780a823fe17a362fbdab45ecaa75fee0a87e1869c1ae6617abfe9bfd79d01f2515871f77b4655f85afa87afd4799fb03ce8de3720c5d1349c2673415234341ffdffb88809cec95456dc041b5c69f746990850cbeef45462f37c6bf1d6e43665e013d404c00e89ffa978ced9a9084e72984a6978bcf0714ac2889861248f0b6c69f1218f6b363e256d1abe08315cf4e1774141138ae1f2c8157c173c074832f531c6ff13771b9d0f27a6ab5ca45c49878218d21f9ff9d594542ad2d100773445f4e0c9e0931d320ca29b03159f8bf5e7f88d26413cf53b38205e1a6ba35b8c7d7b8ed4bdd99735cd776dc72f1fbb9465a1c5258b271e77701bb0324899654b9e822ac7a98e0f5f53bda402166976ef14adf47001835b9a4efe57b81bc66ed97a74e2b876cb792ec8177e5db9c8139fecba47df448d6cd590457116001303663e48f56473c687038320f6f5caacaad91d2d10cd8dff6497c160745b40cebef3c051b5b621715edcc6513617bf8717c78471bf6489a5363c79f7c3e93e3d4ec9460f976684fdaec9341e643797aadc716778133e2da8655e317b53d26242d1ee24e9c021e10ad8fe8be7d521dd77b67c1f0892ab9ececa6c3a9f1ba94560460d6f318ae9375b0fc0283556fd2bef068153e2fb628785d05a0c0e0c67baf9aeff11049224d5b6ccadb906b0a15a33b8f3a91569678e7bbbe9407724cfeecfe0204f8f983482dbc82a80495cff37ea4a0a486444a37ad8dba4a580489ba4bd8f964a55534f75a9c5e08b4b8579d551e4164059a10e3b3bd5b85dd6c9b52a5ca4554845a4d6299084c2e14c225358ec1153c896161a8388f1b2d63a10c55da786583cc1e11983714f8f9ab68ccb616b952d1ef2adc1b2724530254db9f8e60ac885eafd54f04c4df11848f241952959b004f5b0f635ce924472c70f510cf25a257a75a4b7ca175024f476c5b3fd9499c37979657a002958da30ae680904bdc7b9e4510b86936696c964d3bb46518b20fc26126304ee25bcb6e7e0e2cb70b06cfee0b6f9711f26a990b99be4abad1e6cee0a2db27582ad28ae7cc862c3ed59dab2d2e3851267df98741d49908bed47f12037d19b7000d7a13b12706893a4dcade7d1987538ffb8c1973e7d6898e763bc8d8f18da61aa3cc9702e97b3f37f7b987061564ebcb72aa13316785121504ed01d3006915f04fcf54c3794ce7d479356654cf04d7be1e64035cc064f7d2c5f1e6ca32c2aedc78781e90e2c10acddff5346b4041f9181def7bde506cdaec3011ebd69553b845ac56149360bc80ac0e18ce5a1ee3a7f0676118988384ac6be53d816fd84e7652b8d844d3a6322175b3ceba1726816e2c9693bbd78e HTTP 307
https://www.clktoro.com/feed/click/?t1=128&tid=760&uid=192&subid=ylu.us&id=2cf5b0342019d97cbb1f990dc3a9b41c:48f6f470a6d6bace1eb5cf017578c1095505a60c516b9cbbafd2ad719d75bb3ea58642368c29beabb85b0734e638d7d574bf378868cd771fbf171e030d8a7443f3df7f074ad54a8be123f1dc6162c3bea7afa7165bf890a7b2372579711b1846a2fc0fc442140c4406b82f0c7652dfbbd085118db5c0464f5fd5af002d818f16655f1ab3640beb2dc76483b9189e24ba9111b65befb73f1d4d5ba79e6d4efde60356e89c6994fd4aec7c6296824f24d40eb8d80a081aae56488f75d90ef8136facd42d4a75ade09dce3a53cc567e10d2f1aebd57340aa374327623131f17b7fed23491b0e9eee153742e60e4a57a9cbb5c2c662103b51c7705199a514bbf9cc9fbbd8899eba7e33489e89e07e164c0ce0ee877bca597ef59a2ae5435a679c714512a1128498c03011a780a823fe17a362fbdab45ecaa75fee0a87e1869c1ae6617abfe9bfd79d01f2515871f77b4655f85afa87afd4799fb03ce8de3720c5d1349c2673415234341ffdffb88809cec95456dc041b5c69f746990850cbeef45462f37c6bf1d6e43665e013d404c00e89ffa978ced9a9084e72984a6978bcf0714ac2889861248f0b6c69f1218f6b363e256d1abe08315cf4e1774141138ae1f2c8157c173c074832f531c6ff13771b9d0f27a6ab5ca45c49878218d21f9ff9d594542ad2d100773445f4e0c9e0931d320ca29b03159f8bf5e7f88d26413cf53b38205e1a6ba35b8c7d7b8ed4bdd99735cd776dc72f1fbb9465a1c5258b271e77701bb0324899654b9e822ac7a98e0f5f53bda402166976ef14adf47001835b9a4efe57b81bc66ed97a74e2b876cb792ec8177e5db9c8139fecba47df448d6cd590457116001303663e48f56473c687038320f6f5caacaad91d2d10cd8dff6497c160745b40cebef3c051b5b621715edcc6513617bf8717c78471bf6489a5363c79f7c3e93e3d4ec9460f976684fdaec9341e643797aadc716778133e2da8655e317b53d26242d1ee24e9c021e10ad8fe8be7d521dd77b67c1f0892ab9ececa6c3a9f1ba94560460d6f318ae9375b0fc0283556fd2bef068153e2fb628785d05a0c0e0c67baf9aeff11049224d5b6ccadb906b0a15a33b8f3a91569678e7bbbe9407724cfeecfe0204f8f983482dbc82a80495cff37ea4a0a486444a37ad8dba4a580489ba4bd8f964a55534f75a9c5e08b4b8579d551e4164059a10e3b3bd5b85dd6c9b52a5ca4554845a4d6299084c2e14c225358ec1153c896161a8388f1b2d63a10c55da786583cc1e11983714f8f9ab68ccb616b952d1ef2adc1b2724530254db9f8e60ac885eafd54f04c4df11848f241952959b004f5b0f635ce924472c70f510cf25a257a75a4b7ca175024f476c5b3fd9499c37979657a002958da30ae680904bdc7b9e4510b86936696c964d3bb46518b20fc26126304ee25bcb6e7e0e2cb70b06cfee0b6f9711f26a990b99be4abad1e6cee0a2db27582ad28ae7cc862c3ed59dab2d2e3851267df98741d49908bed47f12037d19b7000d7a13b12706893a4dcade7d1987538ffb8c1973e7d6898e763bc8d8f18da61aa3cc9702e97b3f37f7b987061564ebcb72aa13316785121504ed01d3006915f04fcf54c3794ce7d479356654cf04d7be1e64035cc064f7d2c5f1e6ca32c2aedc78781e90e2c10acddff5346b4041f9181def7bde506cdaec3011ebd69553b845ac56149360bc80ac0e18ce5a1ee3a7f0676118988384ac6be53d816fd84e7652b8d844d3a6322175b3ceba1726816e2c9693bbd78e HTTP 302
https://redir.blowingwind.xyz/feed/click/?t1=128&tid=88&uid=59&subid=760_ylu.us&id=59a673fc1e60278623154ab788b4f5da:140754de24b8ff3c2f2a8fe5462fbfb60aa1da9b8ad7252793d24d73bbf1fa99073013cbc67eb1a20a1d2ffbbd3586c51a57ee7a62d594ca4e81dcb9033d59a56ba54ad2debf0451891c959c64e74ceba6f946ef684948b8744893cc19bd270c8fc3d5f99110cf61ab4c62f27ffb15f675baf10a97fde0bfd5471e99b3a349e849a2efadb840663a54ac2564eee65ab51db8ee2ebce9f0e7239381110346e7b7cfa9147925f1a0cfbcd9d274510aec3b8304bcdfba4ee17471f7d4cfea376bb7880c6bdff7c6b33f6c7603bb6fc8ca91bad6c6c2bc7bc75eeb10e368dc948ca26ae2477ab235bab9207c6d797afbdbbd27cf87890ddb266743c379b2e2037adbbbcb56a7b06d39073f49b8c6b38152ddc06bd56767efeda0ede791681d12c294c55e00018a71aea47b781e727671c7d0faeb6271d4f842d43b9b033b22382474fc41773217f3ab0d2473c617e3c45f5271e15d590af3aa8f0f5a83b4f7896f043412de4042f88430c87e4d9ad8c15508e71e9b1157c64134df1cfe263d5a3bdada93908fcae4fde69499b627e49c0da26c8267ed4fdd4c5bab5a52befc5e999e5d1b67faa0f79e07ef20d08d2dc78a5f HTTP 302
http://ganda-ljo.com/zclkvisitor/8c04f992-015c-11ef-969b-128236698229/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=f2ebb7a0-894f-11ee-9fde-123af5e664ff HTTP 307
https://ganda-ljo.com/zclkvisitor/8c04f992-015c-11ef-969b-128236698229/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=f2ebb7a0-894f-11ee-9fde-123af5e664ff

11 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
smtpauth.ylu.us/ 3 KB
3 KB 170ms
59ms Document
text/html 54.157.24.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://smtpauth.ylu.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.157.24.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-24-8.compute-1.amazonaws.com
Software: openresty /
Resource Hash: 697a60a5acbead5bf1a911bede22e2a465beb09be4c61ebb18c57d71d36c4f0b

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: no-store, max-age=0
content-type: text/html
date: Tue, 23 Apr 2024 10:30:44 GMT
server: openresty

GET favicon.ico
smtpauth.ylu.us/ 0
0

GET
H2 200 .IGV0hOcNusVJOgqoD1HuWTk0PssdueKB
smtpauth.ylu.us/ 140 B
293 B 44ms
43ms Document
text/html 54.157.24.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://smtpauth.ylu.us/.IGV0hOcNusVJOgqoD1HuWTk0PssdueKB
Requested by: Host: smtpauth.ylu.us
URL: https://smtpauth.ylu.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.157.24.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-24-8.compute-1.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://smtpauth.ylu.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"
sec-ch-ua-platform-version: "10.0.0"

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: no-store, max-age=0
content-type: text/html
date: Tue, 23 Apr 2024 10:30:44 GMT
server: openresty

GET
H/1.1

200
OK

/
ww99.ylu.us/
Redirect Chain

https://smtpauth.ylu.us/
http://ww99.ylu.us/
https://ww99.ylu.us/
http://ww99.ylu.us/

8 KB
9 KB

493ms
486ms

Document
text/html

72.52.179.174
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://ww99.ylu.us/
Protocol: HTTP/1.1
Server: 72.52.179.174 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: lb01.parklogic.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"
sec-ch-ua-platform-version: "10.0.0"

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 23 Apr 2024 10:30:46 GMT
Keep-Alive: timeout=5, max=98
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Transfer-Encoding: chunked
X-Powered-By: PHP/5.4.16

Redirect headers

Location: http://ww99.ylu.us/
Non-Authoritative-Reason: HttpsUpgrades

GET favicon.ico
smtpauth.ylu.us/ 0
0

GET
H/1.1 200
OK bouncy.php
ww99.ylu.us/page/ 8 KB
9 KB 91ms
90ms Document
text/html 72.52.179.174
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://ww99.ylu.us/page/bouncy.php?&bpae=GbhGcb0GBdVmj3NViuQHAvAyRTssaODAp1S2SqknJ8r6lJfHenk9t89OeFAs%2BEFi%2BPsbHATdwTvrYZ2i1WfbDMEa4c6hwMq73tDalrSLjoCdZmLt%2B1bcXo4MT%2Fck8baDBfyYHtiBgZ%2B8dxTnw3VPG3yFlNfV4%2BLhjqirrMAKkCe2vP%2Fe0MbRXl8E3P%2B6zUiGzp2OnRPFulTdvqWPwh1aijFdS9NrCJTfOw2NorKSuJn%2FEk8fg0Yx7yP4dNH%2B%2BxaD39HqVMOkaCWXbN8C48%2F21q8uru78OEYEIrcuXZ90D6O8iPhr7ac9w48f0vH1BkY5%2B1OgK3KH596t1VSAte7mb%2FayzK0NHwEr5f2PMqWP2O%2BM%2BgZW9PVFVM%2FzNnQw%2Bu53O6urJHYNk1dUv5R3jg%2FG0g9VvH%2BtRB0RXS1QhqZ405UGl1gzFkMIYzD98x%2B5IYFhYOM9oRTFklCyWHEHUm9xS9u%2Fucgo2Gx41xWvq0nJ2uJNueBdvPq9R%2BbZPtxYkfGkaVm7oGKeKFYkbXcP8glC2YZ95pHpL%2BPgGkLRWRi%2B86ZWiAVNlHky9LJicwjsHTzD5OOZI%2FNjbl5EHbxIdbaeXhjghztmw%2F9R97%2FhMcQo1leUzTCux0Oxw1qp7pS3enmE9BTcLbtu3gs4NqBbf35gi7RkdaSn7O5Ub5f%2Ff9gO7ipLVIpOeAagdVIE2KR6Ok038Foopq3aijmvAvpM1XhFYSy5clnsn2RYUueHn9Wn3NBEkTn%2B88ZtcB80FnmarGuSrkzyW4AlwORXZHfwTYNzBJP2OBOTzJb%2BWJCwwCYqPCI%2FonpEQqOXfwFhCwEY1CUh6ZkLAhaUxfFFc3Ezce8jCTO63j3mNFHT5x3zMhHgBRJw5liMc9h43U513hapQnvXKwlvSSLWrzGFaZ1gtZs2k9vKUfMVNLcuApkL3GVj8h38HkKh40jsG%2F%2F6HQpZ1t8gQnHFUiP3XxaIQmzvIzCXInc3GkZ2rXh4oxPL1mwHUJhpm4jd8%2FXkjCiirkasUKIoLEQCV4U84ezxov2lKJw7mVjzRTJhhItS%2FLjX1YvpCaFU85mqMQ6CCbfZ9DdQqSSvRzn6Z3VZC1c%2FkmHbFJP%2FJgp12k0FS8tlzm9fD75%2BM%2BKa6mqA%2F9Ij5VIqlpLp3690xQnrLEC9UTgKsWPVsA7KqNENTtfLTJRH30kcETZ2uDtyPMM5iWDOjCa0HQXGQFlTf2hH9wkheT17MHe%2FduTSiuFD4SBn8kcaNgJrxy0CZQa3yLO1ejLFpnMMj35kmDzhKfkybbO7qRCK1k30b9HzSIZqaZEi6DssFM49IFdCMnpteN9jKqGJPSJuWVMSb0sUPeATpyyJtCf6qY8NrLVTqeMHOZBXV6P26YUg0%2F2EcBypOnvv%2BoWHCWNeiSQtTZY4rTQghKgfGtXuaITrwP00G4RqSgr%2FwvpJY4f9gkQqghaF50mCg2c1H6W1ncR5tgfNvD9PgspxzODtnqQRzmvNRFb4EkIqCj1GOJ1xzwnj%2Fz7HxJJEWhaf9RHUbOMB4eOuIU02jXUUebLm8lSLz2MuEvllVUNn7SaW53KuT06B5g7bLalrboBWBZC8tSs4XJcseQ6Z0T4fc8BN%2BS%2BSrMa4%2FTkryk9RLSajAsXrg9BCClInSZhx62%2Bbm2PZvMSaBTy75T3CH7ztaseTiIpY9PZ1CD3yQOa3LDa6%2FfngFedNQsLbOKeAYTUHAG3wfGRjeYksDK7PIak2IkzZgziawvOomjc%2FsOU4s312XgWIfbTvZHc0GxSYrZnCKJ6kaG1XCf53WLnP55ipo38ywGFf7Dow75KCxwF1ebnr1Wc2TPBYQokpWk7UjHwtToB5jPiC93SLtCLf5GTNSIctP77apagJejHptWTen63HhsqiOp2mubD3x0NHw3z4uYc2sAKUCr5IVClQHstpEqhfwo21wTvNyk3km2s74zpGO4wo%2FRu6q8ZtyHwH0Rt8Ou%2F%2Fhths1suIBLX%2BmOEoKjBUlIGWpaDJkZ5nSIV2GGDDO3f508h%2B%2ByADFgxhtVMLfpkasERUzFZxFmH%2BMxI2JjyINYan4yddBXJ3JUgX%2F4uUr7HvOjDwVNLmvWkNCnAmL8rD%2FW6GRaJCWyoHSDB5ZFdFRUrTRhEzA0V4r%2BZgPaAIz2w5MQsknWoIZk8d3D5BQhqQbamrNxp0EJx8S0%2BI1%2BE4gome3DPsa1CCVYLvXWitfvf1xbEZHBSEEjtEIdG7sShF%2Fl2WlQmq1H%2FOB9vdsl5AaBbtE123GtDe4U7dzd6gZFTfEZuE7T5b8Kbgja%2BbhwAcVVWhMWCsYQkf28iNgoS1%2FmIGBhpPI5JyrcVeQZ%2FAnFEep%2BxA0EQ4zKKpuoWByo%2B0mM2oz6Iu3tq4e85gdnJZ43R32yl7%2FY2H3gTf32nX7hQXCBwX%2BdHUI434xgAtJeD0wKPe9QacRTZ5yxU3GTvI9c%2FSLhzsdX7bO1ablM4TaCe5C2A%3D&redirectType=js&inIframe=false&inPopUp=false
Requested by: Host: ww99.ylu.us
URL: http://ww99.ylu.us/
Protocol: HTTP/1.1
Server: 72.52.179.174 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: lb01.parklogic.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: http://ww99.ylu.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 23 Apr 2024 10:30:47 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Transfer-Encoding: chunked
X-Powered-By: PHP/5.4.16

GET
H2

200

cfcdab84-dabd-11ed-962d-0ad412f815c1 Show response
ganda-ljo.com/zclkvisitor/8c04f992-015c-11ef-969b-128236698229/
Redirect Chain

http://www.clktoro.com/feed/click/?t1=128&tid=760&uid=192&subid=ylu.us&id=2cf5b0342019d97cbb1f990dc3a9b41c:48f6f470a6d6bace1eb5cf017578c1095505a60c516b9cbbafd2ad719d75bb3ea58642368c29beabb85b0734e6...
https://www.clktoro.com/feed/click/?t1=128&tid=760&uid=192&subid=ylu.us&id=2cf5b0342019d97cbb1f990dc3a9b41c:48f6f470a6d6bace1eb5cf017578c1095505a60c516b9cbbafd2ad719d75bb3ea58642368c29beabb85b0734e...
https://redir.blowingwind.xyz/feed/click/?t1=128&tid=88&uid=59&subid=760_ylu.us&id=59a673fc1e60278623154ab788b4f5da:140754de24b8ff3c2f2a8fe5462fbfb60aa1da9b8ad7252793d24d73bbf1fa99073013cbc67eb1a20...
http://ganda-ljo.com/zclkvisitor/8c04f992-015c-11ef-969b-128236698229/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=f2ebb7a0-894f-11ee-9fde-123af5e664ff
https://ganda-ljo.com/zclkvisitor/8c04f992-015c-11ef-969b-128236698229/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=f2ebb7a0-894f-11ee-9fde-123af5e664ff

3 KB
3 KB

173ms
52ms

Document
text/html

3.226.123.196

General

Check archive.org

Show headers Download Go to

Full URL

https://ganda-ljo.com/zclkvisitor/8c04f992-015c-11ef-969b-128236698229/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=f2ebb7a0-894f-11ee-9fde-123af5e664ff

Requested by

Host: ww99.ylu.us
URL: http://ww99.ylu.us/page/bouncy.php?&bpae=GbhGcb0GBdVmj3NViuQHAvAyRTssaODAp1S2SqknJ8r6lJfHenk9t89OeFAs%2BEFi%2BPsbHATdwTvrYZ2i1WfbDMEa4c6hwMq73tDalrSLjoCdZmLt%2B1bcXo4MT%2Fck8baDBfyYHtiBgZ%2B8dxTnw3VPG3yFlNfV4%2BLhjqirrMAKkCe2vP%2Fe0MbRXl8E3P%2B6zUiGzp2OnRPFulTdvqWPwh1aijFdS9NrCJTfOw2NorKSuJn%2FEk8fg0Yx7yP4dNH%2B%2BxaD39HqVMOkaCWXbN8C48%2F21q8uru78OEYEIrcuXZ90D6O8iPhr7ac9w48f0vH1BkY5%2B1OgK3KH596t1VSAte7mb%2FayzK0NHwEr5f2PMqWP2O%2BM%2BgZW9PVFVM%2FzNnQw%2Bu53O6urJHYNk1dUv5R3jg%2FG0g9VvH%2BtRB0RXS1QhqZ405UGl1gzFkMIYzD98x%2B5IYFhYOM9oRTFklCyWHEHUm9xS9u%2Fucgo2Gx41xWvq0nJ2uJNueBdvPq9R%2BbZPtxYkfGkaVm7oGKeKFYkbXcP8glC2YZ95pHpL%2BPgGkLRWRi%2B86ZWiAVNlHky9LJicwjsHTzD5OOZI%2FNjbl5EHbxIdbaeXhjghztmw%2F9R97%2FhMcQo1leUzTCux0Oxw1qp7pS3enmE9BTcLbtu3gs4NqBbf35gi7RkdaSn7O5Ub5f%2Ff9gO7ipLVIpOeAagdVIE2KR6Ok038Foopq3aijmvAvpM1XhFYSy5clnsn2RYUueHn9Wn3NBEkTn%2B88ZtcB80FnmarGuSrkzyW4AlwORXZHfwTYNzBJP2OBOTzJb%2BWJCwwCYqPCI%2FonpEQqOXfwFhCwEY1CUh6ZkLAhaUxfFFc3Ezce8jCTO63j3mNFHT5x3zMhHgBRJw5liMc9h43U513hapQnvXKwlvSSLWrzGFaZ1gtZs2k9vKUfMVNLcuApkL3GVj8h38HkKh40jsG%2F%2F6HQpZ1t8gQnHFUiP3XxaIQmzvIzCXInc3GkZ2rXh4oxPL1mwHUJhpm4jd8%2FXkjCiirkasUKIoLEQCV4U84ezxov2lKJw7mVjzRTJhhItS%2FLjX1YvpCaFU85mqMQ6CCbfZ9DdQqSSvRzn6Z3VZC1c%2FkmHbFJP%2FJgp12k0FS8tlzm9fD75%2BM%2BKa6mqA%2F9Ij5VIqlpLp3690xQnrLEC9UTgKsWPVsA7KqNENTtfLTJRH30kcETZ2uDtyPMM5iWDOjCa0HQXGQFlTf2hH9wkheT17MHe%2FduTSiuFD4SBn8kcaNgJrxy0CZQa3yLO1ejLFpnMMj35kmDzhKfkybbO7qRCK1k30b9HzSIZqaZEi6DssFM49IFdCMnpteN9jKqGJPSJuWVMSb0sUPeATpyyJtCf6qY8NrLVTqeMHOZBXV6P26YUg0%2F2EcBypOnvv%2BoWHCWNeiSQtTZY4rTQghKgfGtXuaITrwP00G4RqSgr%2FwvpJY4f9gkQqghaF50mCg2c1H6W1ncR5tgfNvD9PgspxzODtnqQRzmvNRFb4EkIqCj1GOJ1xzwnj%2Fz7HxJJEWhaf9RHUbOMB4eOuIU02jXUUebLm8lSLz2MuEvllVUNn7SaW53KuT06B5g7bLalrboBWBZC8tSs4XJcseQ6Z0T4fc8BN%2BS%2BSrMa4%2FTkryk9RLSajAsXrg9BCClInSZhx62%2Bbm2PZvMSaBTy75T3CH7ztaseTiIpY9PZ1CD3yQOa3LDa6%2FfngFedNQsLbOKeAYTUHAG3wfGRjeYksDK7PIak2IkzZgziawvOomjc%2FsOU4s312XgWIfbTvZHc0GxSYrZnCKJ6kaG1XCf53WLnP55ipo38ywGFf7Dow75KCxwF1ebnr1Wc2TPBYQokpWk7UjHwtToB5jPiC93SLtCLf5GTNSIctP77apagJejHptWTen63HhsqiOp2mubD3x0NHw3z4uYc2sAKUCr5IVClQHstpEqhfwo21wTvNyk3km2s74zpGO4wo%2FRu6q8ZtyHwH0Rt8Ou%2F%2Fhths1suIBLX%2BmOEoKjBUlIGWpaDJkZ5nSIV2GGDDO3f508h%2B%2ByADFgxhtVMLfpkasERUzFZxFmH%2BMxI2JjyINYan4yddBXJ3JUgX%2F4uUr7HvOjDwVNLmvWkNCnAmL8rD%2FW6GRaJCWyoHSDB5ZFdFRUrTRhEzA0V4r%2BZgPaAIz2w5MQsknWoIZk8d3D5BQhqQbamrNxp0EJx8S0%2BI1%2BE4gome3DPsa1CCVYLvXWitfvf1xbEZHBSEEjtEIdG7sShF%2Fl2WlQmq1H%2FOB9vdsl5AaBbtE123GtDe4U7dzd6gZFTfEZuE7T5b8Kbgja%2BbhwAcVVWhMWCsYQkf28iNgoS1%2FmIGBhpPI5JyrcVeQZ%2FAnFEep%2BxA0EQ4zKKpuoWByo%2B0mM2oz6Iu3tq4e85gdnJZ43R32yl7%2FY2H3gTf32nX7hQXCBwX%2BdHUI434xgAtJeD0wKPe9QacRTZ5yxU3GTvI9c%2FSLhzsdX7bO1ablM4TaCe5C2A%3D&redirectType=js&inIframe=false&inPopUp=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.226.123.196 -, , ASN (),

Reverse DNS

Software

Resource Hash

89edf909dd030757a1c8611e5631ce96b53d33be0ce70f661c28b483d2e82cce

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: http://ww99.ylu.us/page/bouncy.php?&bpae=GbhGcb0GBdVmj3NViuQHAvAyRTssaODAp1S2SqknJ8r6lJfHenk9t89OeFAs%2BEFi%2BPsbHATdwTvrYZ2i1WfbDMEa4c6hwMq73tDalrSLjoCdZmLt%2B1bcXo4MT%2Fck8baDBfyYHtiBgZ%2B8dxTnw3VPG3yFlNfV4%2BLhjqirrMAKkCe2vP%2Fe0MbRXl8E3P%2B6zUiGzp2OnRPFulTdvqWPwh1aijFdS9NrCJTfOw2NorKSuJn%2FEk8fg0Yx7yP4dNH%2B%2BxaD39HqVMOkaCWXbN8C48%2F21q8uru78OEYEIrcuXZ90D6O8iPhr7ac9w48f0vH1BkY5%2B1OgK3KH596t1VSAte7mb%2FayzK0NHwEr5f2PMqWP2O%2BM%2BgZW9PVFVM%2FzNnQw%2Bu53O6urJHYNk1dUv5R3jg%2FG0g9VvH%2BtRB0RXS1QhqZ405UGl1gzFkMIYzD98x%2B5IYFhYOM9oRTFklCyWHEHUm9xS9u%2Fucgo2Gx41xWvq0nJ2uJNueBdvPq9R%2BbZPtxYkfGkaVm7oGKeKFYkbXcP8glC2YZ95pHpL%2BPgGkLRWRi%2B86ZWiAVNlHky9LJicwjsHTzD5OOZI%2FNjbl5EHbxIdbaeXhjghztmw%2F9R97%2FhMcQo1leUzTCux0Oxw1qp7pS3enmE9BTcLbtu3gs4NqBbf35gi7RkdaSn7O5Ub5f%2Ff9gO7ipLVIpOeAagdVIE2KR6Ok038Foopq3aijmvAvpM1XhFYSy5clnsn2RYUueHn9Wn3NBEkTn%2B88ZtcB80FnmarGuSrkzyW4AlwORXZHfwTYNzBJP2OBOTzJb%2BWJCwwCYqPCI%2FonpEQqOXfwFhCwEY1CUh6ZkLAhaUxfFFc3Ezce8jCTO63j3mNFHT5x3zMhHgBRJw5liMc9h43U513hapQnvXKwlvSSLWrzGFaZ1gtZs2k9vKUfMVNLcuApkL3GVj8h38HkKh40jsG%2F%2F6HQpZ1t8gQnHFUiP3XxaIQmzvIzCXInc3GkZ2rXh4oxPL1mwHUJhpm4jd8%2FXkjCiirkasUKIoLEQCV4U84ezxov2lKJw7mVjzRTJhhItS%2FLjX1YvpCaFU85mqMQ6CCbfZ9DdQqSSvRzn6Z3VZC1c%2FkmHbFJP%2FJgp12k0FS8tlzm9fD75%2BM%2BKa6mqA%2F9Ij5VIqlpLp3690xQnrLEC9UTgKsWPVsA7KqNENTtfLTJRH30kcETZ2uDtyPMM5iWDOjCa0HQXGQFlTf2hH9wkheT17MHe%2FduTSiuFD4SBn8kcaNgJrxy0CZQa3yLO1ejLFpnMMj35kmDzhKfkybbO7qRCK1k30b9HzSIZqaZEi6DssFM49IFdCMnpteN9jKqGJPSJuWVMSb0sUPeATpyyJtCf6qY8NrLVTqeMHOZBXV6P26YUg0%2F2EcBypOnvv%2BoWHCWNeiSQtTZY4rTQghKgfGtXuaITrwP00G4RqSgr%2FwvpJY4f9gkQqghaF50mCg2c1H6W1ncR5tgfNvD9PgspxzODtnqQRzmvNRFb4EkIqCj1GOJ1xzwnj%2Fz7HxJJEWhaf9RHUbOMB4eOuIU02jXUUebLm8lSLz2MuEvllVUNn7SaW53KuT06B5g7bLalrboBWBZC8tSs4XJcseQ6Z0T4fc8BN%2BS%2BSrMa4%2FTkryk9RLSajAsXrg9BCClInSZhx62%2Bbm2PZvMSaBTy75T3CH7ztaseTiIpY9PZ1CD3yQOa3LDa6%2FfngFedNQsLbOKeAYTUHAG3wfGRjeYksDK7PIak2IkzZgziawvOomjc%2FsOU4s312XgWIfbTvZHc0GxSYrZnCKJ6kaG1XCf53WLnP55ipo38ywGFf7Dow75KCxwF1ebnr1Wc2TPBYQokpWk7UjHwtToB5jPiC93SLtCLf5GTNSIctP77apagJejHptWTen63HhsqiOp2mubD3x0NHw3z4uYc2sAKUCr5IVClQHstpEqhfwo21wTvNyk3km2s74zpGO4wo%2FRu6q8ZtyHwH0Rt8Ou%2F%2Fhths1suIBLX%2BmOEoKjBUlIGWpaDJkZ5nSIV2GGDDO3f508h%2B%2ByADFgxhtVMLfpkasERUzFZxFmH%2BMxI2JjyINYan4yddBXJ3JUgX%2F4uUr7HvOjDwVNLmvWkNCnAmL8rD%2FW6GRaJCWyoHSDB5ZFdFRUrTRhEzA0V4r%2BZgPaAIz2w5MQsknWoIZk8d3D5BQhqQbamrNxp0EJx8S0%2BI1%2BE4gome3DPsa1CCVYLvXWitfvf1xbEZHBSEEjtEIdG7sShF%2Fl2WlQmq1H%2FOB9vdsl5AaBbtE123GtDe4U7dzd6gZFTfEZuE7T5b8Kbgja%2BbhwAcVVWhMWCsYQkf28iNgoS1%2FmIGBhpPI5JyrcVeQZ%2FAnFEep%2BxA0EQ4zKKpuoWByo%2B0mM2oz6Iu3tq4e85gdnJZ43R32yl7%2FY2H3gTf32nX7hQXCBwX%2BdHUI434xgAtJeD0wKPe9QacRTZ5yxU3GTvI9c%2FSLhzsdX7bO1ablM4TaCe5C2A%3D&redirectType=js&inIframe=false&inPopUp=false
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 2732
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
content-type: text/html;charset=UTF-8
date: Tue, 23 Apr 2024 10:30:48 GMT
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'

Redirect headers

Location: https://ganda-ljo.com/zclkvisitor/8c04f992-015c-11ef-969b-128236698229/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=f2ebb7a0-894f-11ee-9fde-123af5e664ff
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 zclkredirect
ganda-ljo.com/ 708 B
1 KB 36ms
35ms Document
text/html 3.226.123.196

General

Check archive.org

Show headers Download Go to

Full URL

https://ganda-ljo.com/zclkredirect?visitid=8c04f992-015c-11ef-969b-128236698229&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu

Requested by

Host: ganda-ljo.com
URL: https://ganda-ljo.com/zclkvisitor/8c04f992-015c-11ef-969b-128236698229/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=f2ebb7a0-894f-11ee-9fde-123af5e664ff

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.226.123.196 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://ganda-ljo.com/zclkvisitor/8c04f992-015c-11ef-969b-128236698229/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=f2ebb7a0-894f-11ee-9fde-123af5e664ff
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 708
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
content-type: text/html;charset=UTF-8
date: Tue, 23 Apr 2024 10:30:48 GMT
redirected: JS
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'

GET
H3

200

Primary Request / Show response
mytecads.com/yB-zT_LKuFxEiLbIbOmLAJB1lVRJe24bz-SibUp6Ut8/
Redirect Chain

https://wpsafeguardinfo.com/mc-test/0d1cebd36d547554fd8c7cce540454ce/index.php?utm_source=84&utm_campaign=16116768&cid=zr8c04f992015c11ef969b1282366982293f94e1b9d929407ab080223a1054e62408161099f858...
https://mytecads.com/yB-zT_LKuFxEiLbIbOmLAJB1lVRJe24bz-SibUp6Ut8/

496 KB
347 KB

193ms
112ms

Document
text/html

2606:4700:3031::ac43:8b63

General

Check archive.org

Show headers Download Go to

Full URL: https://mytecads.com/yB-zT_LKuFxEiLbIbOmLAJB1lVRJe24bz-SibUp6Ut8/
Requested by: Host: ganda-ljo.com
URL: https://ganda-ljo.com/zclkredirect?visitid=8c04f992-015c-11ef-969b-128236698229&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8b63 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e9ae91cc7301ec3fc2f10125c1e2d64b14adcaa44287d85aa8c31c1a7f64f1d1

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://ganda-ljo.com/zclkredirect?visitid=8c04f992-015c-11ef-969b-128236698229&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 878d2e2a8a0b4333-EWR
content-encoding: br
content-type: text/html
date: Tue, 23 Apr 2024 10:30:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=St138K2Gp4gaZCZft1aBYTFktb1tJfNPv43KqOB4DZg258SaDepqDa6vj11qvElkpG42tyxKsD6tDuVBtJYiEH8q4WubxgexDyBmta60nws%2BaO2quzK7f6D0qYvmQHK%2BpgpB4WDmqFLD7qM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Security-Policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
Content-Type: text/html; charset=UTF-8
Date: Tue, 23 Apr 2024 10:30:48 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: https://mytecads.com/yB-zT_LKuFxEiLbIbOmLAJB1lVRJe24bz-SibUp6Ut8/
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H3 404 css.css
mytecads.com/yB-zT_LKuFxEiLbIbOmLAJB1lVRJe24bz-SibUp6Ut8/ 0
0 523ms
523ms Stylesheet
text/html 2606:4700:3031::ac43:8b63

General

Check archive.org

Show headers Download Go to

Full URL: https://mytecads.com/yB-zT_LKuFxEiLbIbOmLAJB1lVRJe24bz-SibUp6Ut8/css.css
Requested by: Host: mytecads.com
URL: https://mytecads.com/yB-zT_LKuFxEiLbIbOmLAJB1lVRJe24bz-SibUp6Ut8/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8b63 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform-version: "10.0.0"
Referer: https://mytecads.com/yB-zT_LKuFxEiLbIbOmLAJB1lVRJe24bz-SibUp6Ut8/
sec-ch-ua-full-version-list: "Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 10:30:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 119
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J3QtZ9bv2ejmZu0KKpCp6%2B42hrMCrjJBLQfyH49cDwZpXiOrRkE%2F4mhICRKMTakW3ju0tfmXzJ4Nyh6ot%2BOASZKKDTAEoP9a0%2FyLM1wbl4VP3WUYFIRKb7C63OBueYl8az19YzwxlEo%2FGxI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 878d2e2b5a5f4333-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-1.12.4.min.js Show response
code.jquery.com/ 95 KB
33 KB 103ms
23ms Script
application/javascript 2a04:4e42:200::649

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.4.min.js
Requested by: Host: mytecads.com
URL: https://mytecads.com/yB-zT_LKuFxEiLbIbOmLAJB1lVRJe24bz-SibUp6Ut8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mytecads.com/
Origin: https://mytecads.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 10:30:49 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 19067642
x-cache: HIT, HIT
content-length: 33738
x-served-by: cache-lga21956-LGA, cache-ewr18166-EWR
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1713868249.473327,VS0,VE0
etag: W/"28feccc0-17b8b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 197, 35049

GET
DATA 200
OK truncated
/ 336 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0360bb82092eeb528726681cd696b0b676e367970d1560c68c8c624703da7b0

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: smtpauth.ylu.us
URL: https://smtpauth.ylu.us/favicon.ico

Domain: smtpauth.ylu.us
URL: https://smtpauth.ylu.us/favicon.ico

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			smtpauth.ylu.us/	1970-01-20 20:04:28	Name: m6RW96QaECHb2mXiRi7YQBqlkYuoZc7A Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://smtpauth.ylu.us/favicon.ico Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network	error	URL: https://smtpauth.ylu.us/favicon.ico Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network	error	URL: https://mytecads.com/yB-zT_LKuFxEiLbIbOmLAJB1lVRJe24bz-SibUp6Ut8/css.css Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
ganda-ljo.com
mytecads.com
redir.blowingwind.xyz
smtpauth.ylu.us
wpsafeguardinfo.com
ww99.ylu.us
www.clktoro.com
smtpauth.ylu.us
142.93.240.225
198.211.113.186
2606:4700:3031::ac43:8b63
2a04:4e42:200::649
3.226.123.196
3.93.251.206
54.157.24.8
72.52.179.174
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
697a60a5acbead5bf1a911bede22e2a465beb09be4c61ebb18c57d71d36c4f0b
89edf909dd030757a1c8611e5631ce96b53d33be0ce70f661c28b483d2e82cce
e0360bb82092eeb528726681cd696b0b676e367970d1560c68c8c624703da7b0
e9ae91cc7301ec3fc2f10125c1e2d64b14adcaa44287d85aa8c31c1a7f64f1d1

mytecads.com Open in urlscan Pro 2606:4700:3031::ac43:8b63 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

64 %HTTPS

25 %IPv6

7 Domains

8 Subdomains

6 IPs

1 Countries

405 kBTransfer

949 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

3 Console Messages

Indicators

mytecads.com Open in urlscan Pro
2606:4700:3031::ac43:8b63 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

64 %
HTTPS

25 %
IPv6

7
Domains

8
Subdomains

6
IPs

1
Countries

405 kB
Transfer

949 kB
Size

1
Cookies

11 HTTP transactions
1 data transactions