runprecisehighlyinfo-program.info

Summary

This website contacted 3 IPs in 1 countries across 7 domains to perform 5 HTTP transactions. The main IP is 50.17.153.178, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is runprecisehighlyinfo-program.info.
TLS certificate: Issued by R3 on October 22nd 2023. Valid for: 3 months.

This is the only time runprecisehighlyinfo-program.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	64.91.248.15 64.91.248.15	32244 (LIQUIDWEB) (LIQUIDWEB)
1 1	142.93.240.225 142.93.240.225	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	198.211.113.186 198.211.113.186	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	34.200.193.204 34.200.193.204	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.93.251.206 3.93.251.206	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2606:4700:303... 2606:4700:3037::6815:5c18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	50.17.153.178 50.17.153.178	14618 (AMAZON-AES) (AMAZON-AES)
5	3

2 64.91.248.15 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: crow.parklogic.com

gitlab.salinamontessori.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.93.240.225 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

www.toromclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.211.113.186 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

redir.blowingwind.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.200.193.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-193-204.compute-1.amazonaws.com

ganda-ljo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.93.251.206 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-251-206.compute-1.amazonaws.com

wsafeguardpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:5c18 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

pro.finalice.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.17.153.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-153-178.compute-1.amazonaws.com

runprecisehighlyinfo-program.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	ganda-ljo.com ganda-ljo.com — Cisco Umbrella Rank: 968952	3 KB
2	salinamontessori.com gitlab.salinamontessori.com	18 KB
1	runprecisehighlyinfo-program.info runprecisehighlyinfo-program.info	700 B
1	finalice.net 1 redirects pro.finalice.net	509 B
1	wsafeguardpush.com 1 redirects wsafeguardpush.com	735 B
1	blowingwind.xyz 1 redirects redir.blowingwind.xyz — Cisco Umbrella Rank: 644283	481 B
1	toromclick.com 1 redirects www.toromclick.com — Cisco Umbrella Rank: 116218	1 KB
5	7

	Domain	Requested by
2	ganda-ljo.com	gitlab.salinamontessori.com ganda-ljo.com
2	gitlab.salinamontessori.com	gitlab.salinamontessori.com
1	runprecisehighlyinfo-program.info	ganda-ljo.com
1	pro.finalice.net	1 redirects
1	wsafeguardpush.com	1 redirects
1	redir.blowingwind.xyz	1 redirects
1	www.toromclick.com	1 redirects
5	7

This site contains no links.

Subject Issuer	Validity	Valid
runprecisehighlyinfo-program.info R3	`2023-10-22` - `2024-01-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://runprecisehighlyinfo-program.info/tvR7Zmuho4rVTjemDQp9zjXUBC7cwGmAOcn3vueruiI?cid=[CLICK_ID]&sid=[SUB_ID]
Frame ID: DB42A5D1794182DBD1FFF785866BE318
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

404 Not Found

Page URL History Show full URLs

http://gitlab.salinamontessori.com/ Page URL
http://gitlab.salinamontessori.com/page/bouncy.php?&bpae=GbhOsTkHP1V6tdshaD2TMiC1oB2DPDxuQjFv8i57rZKqDZTtcasaJ9... Page URL
http://www.toromclick.com/feed/click/?t1=128&tid=760&uid=192&subid=salinamontessori.com&id=661d492af86... HTTP 302
https://redir.blowingwind.xyz/feed/click/?t1=128&tid=88&uid=59&subid=760_salinamontessori.com&id=258f18aed... HTTP 302
http://ganda-ljo.com/zclkvisitor/5566ad72-7467-11ee-8a61-0a894831c01f/cfcdab84-dabd-11ed-962d-0ad... Page URL
http://ganda-ljo.com/zclkredirect?visitid=5566ad72-7467-11ee-8a61-0a894831c01f&type=js&browserWid... Page URL
https://wsafeguardpush.com/mc-test/f5bee1ea7c99920772438a653a04d1e7/index.php?cid=zr5566ad72746711ee8a6... HTTP 302
https://pro.finalice.net/ZGzGXN/?utm_source=24300&utm_campaign=14461906&cid=[CLICK_ID]&sid=[SUB_ID] HTTP 302
https://runprecisehighlyinfo-program.info/tvR7Zmuho4rVTjemDQp9zjXUBC7cwGmAOcn3vueruiI?cid=[CLICK_ID]&sid=[SUB_ID] Page URL

Page Statistics

5
Requests

20 %
HTTPS

14 %
IPv6

7
Domains

7
Subdomains

3
IPs

1
Countries

22 kB
Transfer

20 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gitlab.salinamontessori.com/ Page URL
http://gitlab.salinamontessori.com/page/bouncy.php?&bpae=GbhOsTkHP1V6tdshaD2TMiC1oB2DPDxuQjFv8i57rZKqDZTtcasaJ9GOwQgqUSE0ZmwU5j4Xl7%2BXDaRw%2B5Nz5BeeXt5ifYzy5inevrGKLNPAhuIzj05Kx0HdtKGidlDrBDpLQy4dE1HYGKRXsJ%2BGksmnOYsEj%2BjL1ZGElIGEjCbqv8LL1sTbwpCAFZtdX9l2XhNTYp%2BprdhVNrtYRyvGxiDcxDv45JLMiuXmunI2yL7C2aztxMCAuSoYHBlYtT7zFbQXWZ8yLneR%2FJ46ettd4%2FlaToMPmMC7bY9yBOZ3GMP7blFYrlHWEtgOPZ9bRYRN9v5fcb0E%2F%2BW87eNbzk6FGNj64apLGi%2B%2B%2Fi0%2FeNltwBfJ1z%2FH%2BVN96DU1JJcCrqNU9wy%2FXOuNzvGSf8sHakWNj%2BZHoBQPvjK%2FTSuq3YptH06ok1I7PkHRxgS4MTXoS3tulTuZsOFEPfQrodaggcTyLTujrUyq0YOwrExmXqMK8mGZ7T9zGy4zpWvkjsaPPdJn4TH3VcEEkWt0p%2Byb20FOtz3JnxU%2B33kIwfwI4Tshp%2FyAkIXddSPra%2F6M3u3%2FQRwpexgo%2FTRXqLDC4BARenbN0TQe5G43aXZIeFo135lRKB6FXcvg2RlXxERLCRoGz6hdxkioePoGSA62b0PRLmPj4tdBHFgZeedPlJcokeemRpUZxj5atuSODwFfCEIzPl7%2FA9hlYWqRD8JBA5FdVWyPRtojo4vAS86XNCR19aj2K32lrtl2NRqWcybLzLj8fJjbghH71I%2FKIoD%2FXDh%2B5t%2FS%2F%2BfglanspDKH%2F64H%2BjxAgQYvMVTkM%2B%2B5RBNjaEBbb46oWRi6HZhzsFCol2LXkouKdNsF0PAlrr5OaJD3gRJn4YCLPQOATjyyKnkSapauj0%2FT0zqcWOMKNL2J6r1LgsvKeqv4sv77q2W9FncYiMWldR0iyf4kgwuDatCMSkDdRaKA2Uk4uixhUd2hL6CQMFKQMNXQB%2B%2Fj53xkNwj%2FEo9ZEK8WGu0EprPCLJ4o04%2FhKa%2Bn1e6vKSdWbsBCZ4njStfuwUSL%2F3g9hzL5zed7bmPz5%2FThUwJi0n%2Fbm6NAdNk2qQr1t8h6T3BjmJJd2%2F5p5idzut%2FNbejhxUvwjdsUHPpU80DjiClreACY1RkFoxICp%2BsVIBdbftPhqoF5RMKJjR8ssCSdJzCV8zCuKqsKF%2FamSYKKRgqmQt0%2BJGdk3eydgkEvPQQ3sZqiCbQofuSX8IRcG9PqTvJQGWgBk0GSRoHPjjuALl2dhgYtG6ZxHOHh92fORx5yQzpDkw67dik4RHWpJAsbzywRJ8IACMEbJvtnmYEEe231N9j84zq9dlJHMxgltNI0AkCjA%2FzwAbtunPZeQaIfbb9FMZ6z%2Bx8buEDbnlF322N7GLPlpdQHAekeNzGWXPv8BB9EZOePR0DlhgrcLlYPSpfO1QCgSioziHPhyiX5hrJ90uAWtTl%2BdZZ8z6zKRPjghdX1gJFBMn43c0ywGmLGr7uBhl0f5iR0esHD%2FSHoydUa0hXnMPhvdnoz5QGt3mxjxnbVcW2%2BBmwqjxusuRRKt1uU3jsTFovkzrdQwEfvMZz6cuYHdwXstHQ5EMcYcNn9dtryqST9puLsy9hmoDGZRHIejPIqvhO7DNtRf04NfcMMbbXVJxdLXGORzXgPPbI7daibcG1MOhUsfw5iOeZJ24NSRETgIxpGNo5vpC98TgHiE17pGZiy9AY453FxG%2BVPDdRkKd7prDzYQlo1KzQqzKN3HxCyqzxgx0dsUQ9TmnDh4lZAr1UuFQrJMm%2FtjULeZi793ppudXiJhYL53hU5oFvJrfMETxZEnl8eurK%2Bc0xAjyzbLZrZI79Gh38RYvZQMZtNeTsaXP7%2Bb4hi8nkVB9t0JBITc9RJWHxyg2VTbKtLUn83JuQMV%2Fd9mqJ0a5dgRwo9z71fkBBCqFG739tmPddLSsxTFKvRuRtSB%2FootxMgC%2FPfGF1JTAOzVgS6HuqaBwhVdhgRZUEUruAQX4yNKzYMUQ7g7Q57OYgRsgR%2Fg0sUtbvFdpvFbcPrbGWHGhS6WCUJFyXn%2BzlZMVhT6b8JnQlSHZZwUgLqIuetDrxXr1cB%2BT5Ua4peR%2BgKPKt7lnZyxnuNGqxmDeQeP9OiBNLrXldcneVA7Q87RZ%2BEQG5K7dv%2BTWfkSbIL3%2BEfoTpRRWUvo%2Bd%2BsWmjmCv4fkI0dzw5f2inQKmRwfDqzS1h6yhN%2FVSaOPTqn8eUSKtlyeYz4QK8NFFv%2FH1sOWf1%2FB5DgL0eU%2BZuGUVG95RNiafArhftZyYO2k4jOVdvRg%2FRATV5Vpji%2B36ydhwQAeEz3G3UNcZrKzXLjYTfBlrBPs04o%2BW1d%2BKoCG0F0EOj6EaIj8rEjsSN7u%2FkcPRra4OOr9mP6pgbjlfK%2BfGFpqMVjJRc9XQ0l6LeJtzw3kmdfG3Cyc%2BKnSyI278kVrwgtycXllwcRJrDDLmEBZsjV9nT0WmYtFF8h44s6L65laTHzd%2FXkhtiHaBV9ii8ysycOsVMmGAWO8RryJ0b1%2BDMG%2BOzVbGPtE9mzX%2FS2N0IesWpdjSXg0gOsPupEdjeINBPJk%2Bba%2ByUiRiFX5JmuvuVtrz%2FVvNExN997Megu5pi0umE%2FU6KF7C5hj2ZnCT%2FqIxMA53yojml935ztV1JOHi5uRdDLsjz&redirectType=js&inIframe=false&inPopUp=false Page URL
http://www.toromclick.com/feed/click/?t1=128&tid=760&uid=192&subid=salinamontessori.com&id=661d492af86952b300af1e73d7dc771d:c3c95a80b66c96ed92d5ed542c277b893d5dcf02d89013be6bdb0b8f0f86c62e2d5b7217fbe20aa25e67dec1b50f7f67a31df224a36a85e6bf4a5158f78a9dfed34a0ef887c05a5456cb4a5ffeeab016819a7d8b8e90bfe8236438d1f8b2f59fd785394439e991805805bc44f22f035d450620054d45d0710cd002eb6729b2c467e2cb4217af29a74abe051266104b4068e6ac54c5f571872db4971b864e6aef2263ece52444b75ae2f25909cd199d947fa433a0dcfe50b9b55471c962eb864c1bc03d61ea87810499ab500d88516219fbe15ab1376413ad45d876a4e4193c476eb659f9100043d927af6673321ba9aab1e56e99c6b4ac454d918d590046ad8da0553e9af88fa044550b6f1190c5ced5fc5a1d25df4d555acf401eea1fb9f5e3e7bbc47eaff4eeaccda41b2c50d2a03316b4d83f6a5c71ce4360d7b5c3bf8ed1efc8510341aeebbd8666d0bc20558b56a98807900ee9612a16e4d9276c1e97a8944ab4ef913730e2cbbb5c1b17ad3dc752288df5e08d4d5386b2511e0ed047f9fb3da293589376830c774a01f0e48eab2f2d4a4df4214f34366d9827079781830faf0be6ad379d7c755ad79bdaf471be7e53364a4897c8abe8d7e5f4997efa1190cbad9958e9b48d406032002c0100f0123c8af054487b216d954bccebb2b2e40a4f54af4a231c026cc044e2c61f561e89f07f9133789cafccb0a0e782136569dbbe82aa559b06136091305ff437df423b55dfb72f46a78eac74f8dcd12040aab2efbd139819bf4dcfe1bba351d5c6ef1ca3e93cc150cfa5e3c4f64b5ac245c4a7c1cf49b1c7cf0574cb93e66a4e230e0f876219d77b7b9cfbdc380f02da8685cedb9b99ae383b15709f9e4ef4e04220178bdbc1ddbdea6655f0134e0a0dadde4ad457a76cf679d878cc6d14350eb1f6477f48ba6372f2161af632368030c06e525a7e6b4ad687a50b39efbf5ce49cf69b6111c6a018df5498f1d3dbef5c4d865808f777f6677261fc37dc0044a11cf28bfa1b95f7d57a1a02d9dbba3bdb1ba76741d96ac7d07ee54574fe1ea16b7606c68c25b50ae6628dc865eaa567ca010af9f87c985fa62f4d1e895b08421de7897f5cac569abc45ae88c26f8651e1286772188d5bf5dc9d08cf1704e11768d7981141d1c4208130ba1476c901e16b1fe58a85e95fe24624476b5868bbc1c7b702f3f4b88ab2436d3bd7d52731f1d511e4e7509e5de5d24627180e7f6eeca651b17dc1cd700dbfe56d9617a8faa1b3a89b9ad376aa9c09386437bdffa37caf32aaba2e069811f90c77390a0a7940ed1aee84fe7501057f9cfa278adabc77eb03a1f764cfbf2c7bc463a4c162c9c27f163e3b16b5275a23313440c2547a6020c59225a7e4c1d655b4f6799093bac9dc35bcc4267ac7c71dce54878cb0f5b88913563077ff0730da964426e620e05a7b21af144816add566199a0e7e8e0e7b7cb704a065d1865937eb872268d97132909e06bc65d50303d3a6796435c53b79021af447358ad3155b7e07f92039d9f13a3a12fbc98b38e22cff391159ed4bfb68e78399a60cac0efc2652000089c7bcfa362157d90c812ff808c89ead195035609f16f1fb7af15bb76fdb1dc38829b3cbd3b48884191e8475e45d17c31cacd4348e4ce1a54059c208cb6fd67fe964d828132e3352219641c5c66c5f6703dbd59a74d152d137b6b0e264cb219cdeb02b959b4a9b9aae028c134b2c16ec687ddac91e8bedb5b5a22ecf7325ee4cf7f1a9c7542a3796b50777a26a9f9281dc90ba197e4a8f5934beb318392e4df4552c13805bc8cda1b3a5d70bca0930566e37ec3a1decbc31be3626b3b5bf276f910b6bea751703d68a0230e76329ca562a57ef71095a7684572682611aed1f61550b60c87d821283f6bc23ebb9ff1686f9aa9371b9304f7a9eebc8caa2a647296fc2a69d1916 HTTP 302
https://redir.blowingwind.xyz/feed/click/?t1=128&tid=88&uid=59&subid=760_salinamontessori.com&id=258f18aededf933c695491f5f1e1ad13:e9f7a26c37c52d939ae7a9a5d108108704fa33462a0cc7ebb0a14573efcc4a90e5c00b08d1a29c8e257f3162e30a949043d3771616420708712b4b801e9f2e69e1ae6000ba8565cb08471f079f91ca04f354f368119715be5e85cd9c5df8c92bfea8d1ce55efab7b3fedb25c9c130d40e8459b4024a79fee162d4391b82836e27623505a1472f29493bc3c45c7017e6fa6585c1528b1ea78861b1c59d2b705ef4ee2922f18b9440d73d831fd1188757141a50eb364cd3431d87c4b5adf55aef070dfaf67065a219d47021575258be14429c6c8eceda728c47332b89bed9dbc9e83ba0be742e70da83a9ab7a90b1297289860f81fe154c93c1fda57f4dd5eb86a964bee0273fa6a5d1b871fddc64733a6b314da97f4583b1a73a2d11d8679fd721a078e480b6969775203b2d1e8ba1d6e3b75565d08fadb6acb5f84c0670af04e2de35929a789df8b418a65666c821792713d6dd6b64c19b55517cc933ec30950d8a7c954d1694bc58ba5318dd0639dafb70193f38ebc290a607ae35d0c7f3bf71559d86b99814b79154cbe6a1126c88bf59e148c815d8efb3c9cc23fe9ce2cdd5d5348a8e4fc2c8e7b91bfc266ac3d490e402b1e7d8c62331c93493f6733c68c45a03e579141a5e5ef1aa55f3fe7a243 HTTP 302
http://ganda-ljo.com/zclkvisitor/5566ad72-7467-11ee-8a61-0a894831c01f/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=4b644170-2bc4-11ee-a6a0-123f4a2b6bb7 Page URL
http://ganda-ljo.com/zclkredirect?visitid=5566ad72-7467-11ee-8a61-0a894831c01f&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false Page URL
https://wsafeguardpush.com/mc-test/f5bee1ea7c99920772438a653a04d1e7/index.php?cid=zr5566ad72746711ee8a610a894831c01ff3424a82de664bcebd028dbd49e6173507730507b286b73137&dom=lima-tag-krjwzj8djq&s=0.020000 HTTP 302
https://pro.finalice.net/ZGzGXN/?utm_source=24300&utm_campaign=14461906&cid=[CLICK_ID]&sid=[SUB_ID] HTTP 302
https://runprecisehighlyinfo-program.info/tvR7Zmuho4rVTjemDQp9zjXUBC7cwGmAOcn3vueruiI?cid=[CLICK_ID]&sid=[SUB_ID] Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://www.toromclick.com/feed/click/?t1=128&tid=760&uid=192&subid=salinamontessori.com&id=661d492af86952b300af1e73d7dc771d:c3c95a80b66c96ed92d5ed542c277b893d5dcf02d89013be6bdb0b8f0f86c62e2d5b7217fbe20aa25e67dec1b50f7f67a31df224a36a85e6bf4a5158f78a9dfed34a0ef887c05a5456cb4a5ffeeab016819a7d8b8e90bfe8236438d1f8b2f59fd785394439e991805805bc44f22f035d450620054d45d0710cd002eb6729b2c467e2cb4217af29a74abe051266104b4068e6ac54c5f571872db4971b864e6aef2263ece52444b75ae2f25909cd199d947fa433a0dcfe50b9b55471c962eb864c1bc03d61ea87810499ab500d88516219fbe15ab1376413ad45d876a4e4193c476eb659f9100043d927af6673321ba9aab1e56e99c6b4ac454d918d590046ad8da0553e9af88fa044550b6f1190c5ced5fc5a1d25df4d555acf401eea1fb9f5e3e7bbc47eaff4eeaccda41b2c50d2a03316b4d83f6a5c71ce4360d7b5c3bf8ed1efc8510341aeebbd8666d0bc20558b56a98807900ee9612a16e4d9276c1e97a8944ab4ef913730e2cbbb5c1b17ad3dc752288df5e08d4d5386b2511e0ed047f9fb3da293589376830c774a01f0e48eab2f2d4a4df4214f34366d9827079781830faf0be6ad379d7c755ad79bdaf471be7e53364a4897c8abe8d7e5f4997efa1190cbad9958e9b48d406032002c0100f0123c8af054487b216d954bccebb2b2e40a4f54af4a231c026cc044e2c61f561e89f07f9133789cafccb0a0e782136569dbbe82aa559b06136091305ff437df423b55dfb72f46a78eac74f8dcd12040aab2efbd139819bf4dcfe1bba351d5c6ef1ca3e93cc150cfa5e3c4f64b5ac245c4a7c1cf49b1c7cf0574cb93e66a4e230e0f876219d77b7b9cfbdc380f02da8685cedb9b99ae383b15709f9e4ef4e04220178bdbc1ddbdea6655f0134e0a0dadde4ad457a76cf679d878cc6d14350eb1f6477f48ba6372f2161af632368030c06e525a7e6b4ad687a50b39efbf5ce49cf69b6111c6a018df5498f1d3dbef5c4d865808f777f6677261fc37dc0044a11cf28bfa1b95f7d57a1a02d9dbba3bdb1ba76741d96ac7d07ee54574fe1ea16b7606c68c25b50ae6628dc865eaa567ca010af9f87c985fa62f4d1e895b08421de7897f5cac569abc45ae88c26f8651e1286772188d5bf5dc9d08cf1704e11768d7981141d1c4208130ba1476c901e16b1fe58a85e95fe24624476b5868bbc1c7b702f3f4b88ab2436d3bd7d52731f1d511e4e7509e5de5d24627180e7f6eeca651b17dc1cd700dbfe56d9617a8faa1b3a89b9ad376aa9c09386437bdffa37caf32aaba2e069811f90c77390a0a7940ed1aee84fe7501057f9cfa278adabc77eb03a1f764cfbf2c7bc463a4c162c9c27f163e3b16b5275a23313440c2547a6020c59225a7e4c1d655b4f6799093bac9dc35bcc4267ac7c71dce54878cb0f5b88913563077ff0730da964426e620e05a7b21af144816add566199a0e7e8e0e7b7cb704a065d1865937eb872268d97132909e06bc65d50303d3a6796435c53b79021af447358ad3155b7e07f92039d9f13a3a12fbc98b38e22cff391159ed4bfb68e78399a60cac0efc2652000089c7bcfa362157d90c812ff808c89ead195035609f16f1fb7af15bb76fdb1dc38829b3cbd3b48884191e8475e45d17c31cacd4348e4ce1a54059c208cb6fd67fe964d828132e3352219641c5c66c5f6703dbd59a74d152d137b6b0e264cb219cdeb02b959b4a9b9aae028c134b2c16ec687ddac91e8bedb5b5a22ecf7325ee4cf7f1a9c7542a3796b50777a26a9f9281dc90ba197e4a8f5934beb318392e4df4552c13805bc8cda1b3a5d70bca0930566e37ec3a1decbc31be3626b3b5bf276f910b6bea751703d68a0230e76329ca562a57ef71095a7684572682611aed1f61550b60c87d821283f6bc23ebb9ff1686f9aa9371b9304f7a9eebc8caa2a647296fc2a69d1916 HTTP 302
https://redir.blowingwind.xyz/feed/click/?t1=128&tid=88&uid=59&subid=760_salinamontessori.com&id=258f18aededf933c695491f5f1e1ad13:e9f7a26c37c52d939ae7a9a5d108108704fa33462a0cc7ebb0a14573efcc4a90e5c00b08d1a29c8e257f3162e30a949043d3771616420708712b4b801e9f2e69e1ae6000ba8565cb08471f079f91ca04f354f368119715be5e85cd9c5df8c92bfea8d1ce55efab7b3fedb25c9c130d40e8459b4024a79fee162d4391b82836e27623505a1472f29493bc3c45c7017e6fa6585c1528b1ea78861b1c59d2b705ef4ee2922f18b9440d73d831fd1188757141a50eb364cd3431d87c4b5adf55aef070dfaf67065a219d47021575258be14429c6c8eceda728c47332b89bed9dbc9e83ba0be742e70da83a9ab7a90b1297289860f81fe154c93c1fda57f4dd5eb86a964bee0273fa6a5d1b871fddc64733a6b314da97f4583b1a73a2d11d8679fd721a078e480b6969775203b2d1e8ba1d6e3b75565d08fadb6acb5f84c0670af04e2de35929a789df8b418a65666c821792713d6dd6b64c19b55517cc933ec30950d8a7c954d1694bc58ba5318dd0639dafb70193f38ebc290a607ae35d0c7f3bf71559d86b99814b79154cbe6a1126c88bf59e148c815d8efb3c9cc23fe9ce2cdd5d5348a8e4fc2c8e7b91bfc266ac3d490e402b1e7d8c62331c93493f6733c68c45a03e579141a5e5ef1aa55f3fe7a243 HTTP 302
http://ganda-ljo.com/zclkvisitor/5566ad72-7467-11ee-8a61-0a894831c01f/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=4b644170-2bc4-11ee-a6a0-123f4a2b6bb7

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
gitlab.salinamontessori.com/ 9 KB
9 KB 826ms
707ms Document
text/html 64.91.248.15
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://gitlab.salinamontessori.com/
Protocol: HTTP/1.1
Server: 64.91.248.15 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: crow.parklogic.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 27 Oct 2023 01:22:45 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Transfer-Encoding: chunked
X-Powered-By: PHP/5.4.16

GET
H/1.1 200
OK bouncy.php
gitlab.salinamontessori.com/page/ 9 KB
9 KB 75ms
71ms Document
text/html 64.91.248.15
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://gitlab.salinamontessori.com/page/bouncy.php?&bpae=GbhOsTkHP1V6tdshaD2TMiC1oB2DPDxuQjFv8i57rZKqDZTtcasaJ9GOwQgqUSE0ZmwU5j4Xl7%2BXDaRw%2B5Nz5BeeXt5ifYzy5inevrGKLNPAhuIzj05Kx0HdtKGidlDrBDpLQy4dE1HYGKRXsJ%2BGksmnOYsEj%2BjL1ZGElIGEjCbqv8LL1sTbwpCAFZtdX9l2XhNTYp%2BprdhVNrtYRyvGxiDcxDv45JLMiuXmunI2yL7C2aztxMCAuSoYHBlYtT7zFbQXWZ8yLneR%2FJ46ettd4%2FlaToMPmMC7bY9yBOZ3GMP7blFYrlHWEtgOPZ9bRYRN9v5fcb0E%2F%2BW87eNbzk6FGNj64apLGi%2B%2B%2Fi0%2FeNltwBfJ1z%2FH%2BVN96DU1JJcCrqNU9wy%2FXOuNzvGSf8sHakWNj%2BZHoBQPvjK%2FTSuq3YptH06ok1I7PkHRxgS4MTXoS3tulTuZsOFEPfQrodaggcTyLTujrUyq0YOwrExmXqMK8mGZ7T9zGy4zpWvkjsaPPdJn4TH3VcEEkWt0p%2Byb20FOtz3JnxU%2B33kIwfwI4Tshp%2FyAkIXddSPra%2F6M3u3%2FQRwpexgo%2FTRXqLDC4BARenbN0TQe5G43aXZIeFo135lRKB6FXcvg2RlXxERLCRoGz6hdxkioePoGSA62b0PRLmPj4tdBHFgZeedPlJcokeemRpUZxj5atuSODwFfCEIzPl7%2FA9hlYWqRD8JBA5FdVWyPRtojo4vAS86XNCR19aj2K32lrtl2NRqWcybLzLj8fJjbghH71I%2FKIoD%2FXDh%2B5t%2FS%2F%2BfglanspDKH%2F64H%2BjxAgQYvMVTkM%2B%2B5RBNjaEBbb46oWRi6HZhzsFCol2LXkouKdNsF0PAlrr5OaJD3gRJn4YCLPQOATjyyKnkSapauj0%2FT0zqcWOMKNL2J6r1LgsvKeqv4sv77q2W9FncYiMWldR0iyf4kgwuDatCMSkDdRaKA2Uk4uixhUd2hL6CQMFKQMNXQB%2B%2Fj53xkNwj%2FEo9ZEK8WGu0EprPCLJ4o04%2FhKa%2Bn1e6vKSdWbsBCZ4njStfuwUSL%2F3g9hzL5zed7bmPz5%2FThUwJi0n%2Fbm6NAdNk2qQr1t8h6T3BjmJJd2%2F5p5idzut%2FNbejhxUvwjdsUHPpU80DjiClreACY1RkFoxICp%2BsVIBdbftPhqoF5RMKJjR8ssCSdJzCV8zCuKqsKF%2FamSYKKRgqmQt0%2BJGdk3eydgkEvPQQ3sZqiCbQofuSX8IRcG9PqTvJQGWgBk0GSRoHPjjuALl2dhgYtG6ZxHOHh92fORx5yQzpDkw67dik4RHWpJAsbzywRJ8IACMEbJvtnmYEEe231N9j84zq9dlJHMxgltNI0AkCjA%2FzwAbtunPZeQaIfbb9FMZ6z%2Bx8buEDbnlF322N7GLPlpdQHAekeNzGWXPv8BB9EZOePR0DlhgrcLlYPSpfO1QCgSioziHPhyiX5hrJ90uAWtTl%2BdZZ8z6zKRPjghdX1gJFBMn43c0ywGmLGr7uBhl0f5iR0esHD%2FSHoydUa0hXnMPhvdnoz5QGt3mxjxnbVcW2%2BBmwqjxusuRRKt1uU3jsTFovkzrdQwEfvMZz6cuYHdwXstHQ5EMcYcNn9dtryqST9puLsy9hmoDGZRHIejPIqvhO7DNtRf04NfcMMbbXVJxdLXGORzXgPPbI7daibcG1MOhUsfw5iOeZJ24NSRETgIxpGNo5vpC98TgHiE17pGZiy9AY453FxG%2BVPDdRkKd7prDzYQlo1KzQqzKN3HxCyqzxgx0dsUQ9TmnDh4lZAr1UuFQrJMm%2FtjULeZi793ppudXiJhYL53hU5oFvJrfMETxZEnl8eurK%2Bc0xAjyzbLZrZI79Gh38RYvZQMZtNeTsaXP7%2Bb4hi8nkVB9t0JBITc9RJWHxyg2VTbKtLUn83JuQMV%2Fd9mqJ0a5dgRwo9z71fkBBCqFG739tmPddLSsxTFKvRuRtSB%2FootxMgC%2FPfGF1JTAOzVgS6HuqaBwhVdhgRZUEUruAQX4yNKzYMUQ7g7Q57OYgRsgR%2Fg0sUtbvFdpvFbcPrbGWHGhS6WCUJFyXn%2BzlZMVhT6b8JnQlSHZZwUgLqIuetDrxXr1cB%2BT5Ua4peR%2BgKPKt7lnZyxnuNGqxmDeQeP9OiBNLrXldcneVA7Q87RZ%2BEQG5K7dv%2BTWfkSbIL3%2BEfoTpRRWUvo%2Bd%2BsWmjmCv4fkI0dzw5f2inQKmRwfDqzS1h6yhN%2FVSaOPTqn8eUSKtlyeYz4QK8NFFv%2FH1sOWf1%2FB5DgL0eU%2BZuGUVG95RNiafArhftZyYO2k4jOVdvRg%2FRATV5Vpji%2B36ydhwQAeEz3G3UNcZrKzXLjYTfBlrBPs04o%2BW1d%2BKoCG0F0EOj6EaIj8rEjsSN7u%2FkcPRra4OOr9mP6pgbjlfK%2BfGFpqMVjJRc9XQ0l6LeJtzw3kmdfG3Cyc%2BKnSyI278kVrwgtycXllwcRJrDDLmEBZsjV9nT0WmYtFF8h44s6L65laTHzd%2FXkhtiHaBV9ii8ysycOsVMmGAWO8RryJ0b1%2BDMG%2BOzVbGPtE9mzX%2FS2N0IesWpdjSXg0gOsPupEdjeINBPJk%2Bba%2ByUiRiFX5JmuvuVtrz%2FVvNExN997Megu5pi0umE%2FU6KF7C5hj2ZnCT%2FqIxMA53yojml935ztV1JOHi5uRdDLsjz&redirectType=js&inIframe=false&inPopUp=false
Requested by: Host: gitlab.salinamontessori.com
URL: http://gitlab.salinamontessori.com/
Protocol: HTTP/1.1
Server: 64.91.248.15 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: crow.parklogic.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Referer: http://gitlab.salinamontessori.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 27 Oct 2023 01:22:46 GMT
Keep-Alive: timeout=5, max=99
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Transfer-Encoding: chunked
X-Powered-By: PHP/5.4.16

GET
H/1.1

200

cfcdab84-dabd-11ed-962d-0ad412f815c1
ganda-ljo.com/zclkvisitor/5566ad72-7467-11ee-8a61-0a894831c01f/
Redirect Chain

http://www.toromclick.com/feed/click/?t1=128&tid=760&uid=192&subid=salinamontessori.com&id=661d492af86952b300af1e73d7dc771d:c3c95a80b66c96ed92d5ed542c277b893d5dcf02d89013be6bdb0b8f0f86c62e2d5b7217f...
https://redir.blowingwind.xyz/feed/click/?t1=128&tid=88&uid=59&subid=760_salinamontessori.com&id=258f18aededf933c695491f5f1e1ad13:e9f7a26c37c52d939ae7a9a5d108108704fa33462a0cc7ebb0a14573efcc4a90e5c...
http://ganda-ljo.com/zclkvisitor/5566ad72-7467-11ee-8a61-0a894831c01f/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=4b644170-2bc4-11ee-a6a0-123f4a2b6bb7

1 KB
2 KB

137ms
99ms

Document
text/html

34.200.193.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://ganda-ljo.com/zclkvisitor/5566ad72-7467-11ee-8a61-0a894831c01f/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=4b644170-2bc4-11ee-a6a0-123f4a2b6bb7

Requested by

Host: gitlab.salinamontessori.com
URL: http://gitlab.salinamontessori.com/page/bouncy.php?&bpae=GbhOsTkHP1V6tdshaD2TMiC1oB2DPDxuQjFv8i57rZKqDZTtcasaJ9GOwQgqUSE0ZmwU5j4Xl7%2BXDaRw%2B5Nz5BeeXt5ifYzy5inevrGKLNPAhuIzj05Kx0HdtKGidlDrBDpLQy4dE1HYGKRXsJ%2BGksmnOYsEj%2BjL1ZGElIGEjCbqv8LL1sTbwpCAFZtdX9l2XhNTYp%2BprdhVNrtYRyvGxiDcxDv45JLMiuXmunI2yL7C2aztxMCAuSoYHBlYtT7zFbQXWZ8yLneR%2FJ46ettd4%2FlaToMPmMC7bY9yBOZ3GMP7blFYrlHWEtgOPZ9bRYRN9v5fcb0E%2F%2BW87eNbzk6FGNj64apLGi%2B%2B%2Fi0%2FeNltwBfJ1z%2FH%2BVN96DU1JJcCrqNU9wy%2FXOuNzvGSf8sHakWNj%2BZHoBQPvjK%2FTSuq3YptH06ok1I7PkHRxgS4MTXoS3tulTuZsOFEPfQrodaggcTyLTujrUyq0YOwrExmXqMK8mGZ7T9zGy4zpWvkjsaPPdJn4TH3VcEEkWt0p%2Byb20FOtz3JnxU%2B33kIwfwI4Tshp%2FyAkIXddSPra%2F6M3u3%2FQRwpexgo%2FTRXqLDC4BARenbN0TQe5G43aXZIeFo135lRKB6FXcvg2RlXxERLCRoGz6hdxkioePoGSA62b0PRLmPj4tdBHFgZeedPlJcokeemRpUZxj5atuSODwFfCEIzPl7%2FA9hlYWqRD8JBA5FdVWyPRtojo4vAS86XNCR19aj2K32lrtl2NRqWcybLzLj8fJjbghH71I%2FKIoD%2FXDh%2B5t%2FS%2F%2BfglanspDKH%2F64H%2BjxAgQYvMVTkM%2B%2B5RBNjaEBbb46oWRi6HZhzsFCol2LXkouKdNsF0PAlrr5OaJD3gRJn4YCLPQOATjyyKnkSapauj0%2FT0zqcWOMKNL2J6r1LgsvKeqv4sv77q2W9FncYiMWldR0iyf4kgwuDatCMSkDdRaKA2Uk4uixhUd2hL6CQMFKQMNXQB%2B%2Fj53xkNwj%2FEo9ZEK8WGu0EprPCLJ4o04%2FhKa%2Bn1e6vKSdWbsBCZ4njStfuwUSL%2F3g9hzL5zed7bmPz5%2FThUwJi0n%2Fbm6NAdNk2qQr1t8h6T3BjmJJd2%2F5p5idzut%2FNbejhxUvwjdsUHPpU80DjiClreACY1RkFoxICp%2BsVIBdbftPhqoF5RMKJjR8ssCSdJzCV8zCuKqsKF%2FamSYKKRgqmQt0%2BJGdk3eydgkEvPQQ3sZqiCbQofuSX8IRcG9PqTvJQGWgBk0GSRoHPjjuALl2dhgYtG6ZxHOHh92fORx5yQzpDkw67dik4RHWpJAsbzywRJ8IACMEbJvtnmYEEe231N9j84zq9dlJHMxgltNI0AkCjA%2FzwAbtunPZeQaIfbb9FMZ6z%2Bx8buEDbnlF322N7GLPlpdQHAekeNzGWXPv8BB9EZOePR0DlhgrcLlYPSpfO1QCgSioziHPhyiX5hrJ90uAWtTl%2BdZZ8z6zKRPjghdX1gJFBMn43c0ywGmLGr7uBhl0f5iR0esHD%2FSHoydUa0hXnMPhvdnoz5QGt3mxjxnbVcW2%2BBmwqjxusuRRKt1uU3jsTFovkzrdQwEfvMZz6cuYHdwXstHQ5EMcYcNn9dtryqST9puLsy9hmoDGZRHIejPIqvhO7DNtRf04NfcMMbbXVJxdLXGORzXgPPbI7daibcG1MOhUsfw5iOeZJ24NSRETgIxpGNo5vpC98TgHiE17pGZiy9AY453FxG%2BVPDdRkKd7prDzYQlo1KzQqzKN3HxCyqzxgx0dsUQ9TmnDh4lZAr1UuFQrJMm%2FtjULeZi793ppudXiJhYL53hU5oFvJrfMETxZEnl8eurK%2Bc0xAjyzbLZrZI79Gh38RYvZQMZtNeTsaXP7%2Bb4hi8nkVB9t0JBITc9RJWHxyg2VTbKtLUn83JuQMV%2Fd9mqJ0a5dgRwo9z71fkBBCqFG739tmPddLSsxTFKvRuRtSB%2FootxMgC%2FPfGF1JTAOzVgS6HuqaBwhVdhgRZUEUruAQX4yNKzYMUQ7g7Q57OYgRsgR%2Fg0sUtbvFdpvFbcPrbGWHGhS6WCUJFyXn%2BzlZMVhT6b8JnQlSHZZwUgLqIuetDrxXr1cB%2BT5Ua4peR%2BgKPKt7lnZyxnuNGqxmDeQeP9OiBNLrXldcneVA7Q87RZ%2BEQG5K7dv%2BTWfkSbIL3%2BEfoTpRRWUvo%2Bd%2BsWmjmCv4fkI0dzw5f2inQKmRwfDqzS1h6yhN%2FVSaOPTqn8eUSKtlyeYz4QK8NFFv%2FH1sOWf1%2FB5DgL0eU%2BZuGUVG95RNiafArhftZyYO2k4jOVdvRg%2FRATV5Vpji%2B36ydhwQAeEz3G3UNcZrKzXLjYTfBlrBPs04o%2BW1d%2BKoCG0F0EOj6EaIj8rEjsSN7u%2FkcPRra4OOr9mP6pgbjlfK%2BfGFpqMVjJRc9XQ0l6LeJtzw3kmdfG3Cyc%2BKnSyI278kVrwgtycXllwcRJrDDLmEBZsjV9nT0WmYtFF8h44s6L65laTHzd%2FXkhtiHaBV9ii8ysycOsVMmGAWO8RryJ0b1%2BDMG%2BOzVbGPtE9mzX%2FS2N0IesWpdjSXg0gOsPupEdjeINBPJk%2Bba%2ByUiRiFX5JmuvuVtrz%2FVvNExN997Megu5pi0umE%2FU6KF7C5hj2ZnCT%2FqIxMA53yojml935ztV1JOHi5uRdDLsjz&redirectType=js&inIframe=false&inPopUp=false

Protocol

HTTP/1.1

Server

34.200.193.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-193-204.compute-1.amazonaws.com

Software

WRZNOzKA /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer: http://gitlab.salinamontessori.com/page/bouncy.php?&bpae=GbhOsTkHP1V6tdshaD2TMiC1oB2DPDxuQjFv8i57rZKqDZTtcasaJ9GOwQgqUSE0ZmwU5j4Xl7%2BXDaRw%2B5Nz5BeeXt5ifYzy5inevrGKLNPAhuIzj05Kx0HdtKGidlDrBDpLQy4dE1HYGKRXsJ%2BGksmnOYsEj%2BjL1ZGElIGEjCbqv8LL1sTbwpCAFZtdX9l2XhNTYp%2BprdhVNrtYRyvGxiDcxDv45JLMiuXmunI2yL7C2aztxMCAuSoYHBlYtT7zFbQXWZ8yLneR%2FJ46ettd4%2FlaToMPmMC7bY9yBOZ3GMP7blFYrlHWEtgOPZ9bRYRN9v5fcb0E%2F%2BW87eNbzk6FGNj64apLGi%2B%2B%2Fi0%2FeNltwBfJ1z%2FH%2BVN96DU1JJcCrqNU9wy%2FXOuNzvGSf8sHakWNj%2BZHoBQPvjK%2FTSuq3YptH06ok1I7PkHRxgS4MTXoS3tulTuZsOFEPfQrodaggcTyLTujrUyq0YOwrExmXqMK8mGZ7T9zGy4zpWvkjsaPPdJn4TH3VcEEkWt0p%2Byb20FOtz3JnxU%2B33kIwfwI4Tshp%2FyAkIXddSPra%2F6M3u3%2FQRwpexgo%2FTRXqLDC4BARenbN0TQe5G43aXZIeFo135lRKB6FXcvg2RlXxERLCRoGz6hdxkioePoGSA62b0PRLmPj4tdBHFgZeedPlJcokeemRpUZxj5atuSODwFfCEIzPl7%2FA9hlYWqRD8JBA5FdVWyPRtojo4vAS86XNCR19aj2K32lrtl2NRqWcybLzLj8fJjbghH71I%2FKIoD%2FXDh%2B5t%2FS%2F%2BfglanspDKH%2F64H%2BjxAgQYvMVTkM%2B%2B5RBNjaEBbb46oWRi6HZhzsFCol2LXkouKdNsF0PAlrr5OaJD3gRJn4YCLPQOATjyyKnkSapauj0%2FT0zqcWOMKNL2J6r1LgsvKeqv4sv77q2W9FncYiMWldR0iyf4kgwuDatCMSkDdRaKA2Uk4uixhUd2hL6CQMFKQMNXQB%2B%2Fj53xkNwj%2FEo9ZEK8WGu0EprPCLJ4o04%2FhKa%2Bn1e6vKSdWbsBCZ4njStfuwUSL%2F3g9hzL5zed7bmPz5%2FThUwJi0n%2Fbm6NAdNk2qQr1t8h6T3BjmJJd2%2F5p5idzut%2FNbejhxUvwjdsUHPpU80DjiClreACY1RkFoxICp%2BsVIBdbftPhqoF5RMKJjR8ssCSdJzCV8zCuKqsKF%2FamSYKKRgqmQt0%2BJGdk3eydgkEvPQQ3sZqiCbQofuSX8IRcG9PqTvJQGWgBk0GSRoHPjjuALl2dhgYtG6ZxHOHh92fORx5yQzpDkw67dik4RHWpJAsbzywRJ8IACMEbJvtnmYEEe231N9j84zq9dlJHMxgltNI0AkCjA%2FzwAbtunPZeQaIfbb9FMZ6z%2Bx8buEDbnlF322N7GLPlpdQHAekeNzGWXPv8BB9EZOePR0DlhgrcLlYPSpfO1QCgSioziHPhyiX5hrJ90uAWtTl%2BdZZ8z6zKRPjghdX1gJFBMn43c0ywGmLGr7uBhl0f5iR0esHD%2FSHoydUa0hXnMPhvdnoz5QGt3mxjxnbVcW2%2BBmwqjxusuRRKt1uU3jsTFovkzrdQwEfvMZz6cuYHdwXstHQ5EMcYcNn9dtryqST9puLsy9hmoDGZRHIejPIqvhO7DNtRf04NfcMMbbXVJxdLXGORzXgPPbI7daibcG1MOhUsfw5iOeZJ24NSRETgIxpGNo5vpC98TgHiE17pGZiy9AY453FxG%2BVPDdRkKd7prDzYQlo1KzQqzKN3HxCyqzxgx0dsUQ9TmnDh4lZAr1UuFQrJMm%2FtjULeZi793ppudXiJhYL53hU5oFvJrfMETxZEnl8eurK%2Bc0xAjyzbLZrZI79Gh38RYvZQMZtNeTsaXP7%2Bb4hi8nkVB9t0JBITc9RJWHxyg2VTbKtLUn83JuQMV%2Fd9mqJ0a5dgRwo9z71fkBBCqFG739tmPddLSsxTFKvRuRtSB%2FootxMgC%2FPfGF1JTAOzVgS6HuqaBwhVdhgRZUEUruAQX4yNKzYMUQ7g7Q57OYgRsgR%2Fg0sUtbvFdpvFbcPrbGWHGhS6WCUJFyXn%2BzlZMVhT6b8JnQlSHZZwUgLqIuetDrxXr1cB%2BT5Ua4peR%2BgKPKt7lnZyxnuNGqxmDeQeP9OiBNLrXldcneVA7Q87RZ%2BEQG5K7dv%2BTWfkSbIL3%2BEfoTpRRWUvo%2Bd%2BsWmjmCv4fkI0dzw5f2inQKmRwfDqzS1h6yhN%2FVSaOPTqn8eUSKtlyeYz4QK8NFFv%2FH1sOWf1%2FB5DgL0eU%2BZuGUVG95RNiafArhftZyYO2k4jOVdvRg%2FRATV5Vpji%2B36ydhwQAeEz3G3UNcZrKzXLjYTfBlrBPs04o%2BW1d%2BKoCG0F0EOj6EaIj8rEjsSN7u%2FkcPRra4OOr9mP6pgbjlfK%2BfGFpqMVjJRc9XQ0l6LeJtzw3kmdfG3Cyc%2BKnSyI278kVrwgtycXllwcRJrDDLmEBZsjV9nT0WmYtFF8h44s6L65laTHzd%2FXkhtiHaBV9ii8ysycOsVMmGAWO8RryJ0b1%2BDMG%2BOzVbGPtE9mzX%2FS2N0IesWpdjSXg0gOsPupEdjeINBPJk%2Bba%2ByUiRiFX5JmuvuVtrz%2FVvNExN997Megu5pi0umE%2FU6KF7C5hj2ZnCT%2FqIxMA53yojml935ztV1JOHi5uRdDLsjz&redirectType=js&inIframe=false&inPopUp=false
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
Date: Fri, 27 Oct 2023 01:22:47 GMT
Server: WRZNOzKA
Transfer-Encoding: chunked
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Length: 352
Content-Type: text/html; charset=utf-8
Date: Fri, 27 Oct 2023 01:22:47 GMT
Expires: 0
Keep-Alive: timeout=5
Location: http://ganda-ljo.com/zclkvisitor/5566ad72-7467-11ee-8a61-0a894831c01f/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=4b644170-2bc4-11ee-a6a0-123f4a2b6bb7
Surrogate-Control: no-store
Vary: Accept
X-Powered-By: Express

GET
H/1.1 200 zclkredirect
ganda-ljo.com/ 584 B
1 KB 41ms
36ms Document
text/html 34.200.193.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://ganda-ljo.com/zclkredirect?visitid=5566ad72-7467-11ee-8a61-0a894831c01f&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false

Requested by

Host: ganda-ljo.com
URL: http://ganda-ljo.com/zclkvisitor/5566ad72-7467-11ee-8a61-0a894831c01f/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=4b644170-2bc4-11ee-a6a0-123f4a2b6bb7

Protocol

HTTP/1.1

Server

34.200.193.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-193-204.compute-1.amazonaws.com

Software

lUGhxMkV /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer: http://ganda-ljo.com/zclkvisitor/5566ad72-7467-11ee-8a61-0a894831c01f/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=4b644170-2bc4-11ee-a6a0-123f4a2b6bb7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
Date: Fri, 27 Oct 2023 01:22:47 GMT
Server: lUGhxMkV
Transfer-Encoding: chunked
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
redirected: JS
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'

GET
H/1.1

404
Not Found

Primary Request tvR7Zmuho4rVTjemDQp9zjXUBC7cwGmAOcn3vueruiI Show response
runprecisehighlyinfo-program.info/
Redirect Chain

https://wsafeguardpush.com/mc-test/f5bee1ea7c99920772438a653a04d1e7/index.php?cid=zr5566ad72746711ee8a610a894831c01ff3424a82de664bcebd028dbd49e6173507730507b286b73137&dom=lima-tag-krjwzj8djq&s=0.02...
https://pro.finalice.net/ZGzGXN/?utm_source=24300&utm_campaign=14461906&cid=[CLICK_ID]&sid=[SUB_ID]
https://runprecisehighlyinfo-program.info/tvR7Zmuho4rVTjemDQp9zjXUBC7cwGmAOcn3vueruiI?cid=[CLICK_ID]&sid=[SUB_ID]

552 B
700 B

352ms
111ms

Document
text/html

50.17.153.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://runprecisehighlyinfo-program.info/tvR7Zmuho4rVTjemDQp9zjXUBC7cwGmAOcn3vueruiI?cid=[CLICK_ID]&sid=[SUB_ID]
Requested by: Host: ganda-ljo.com
URL: http://ganda-ljo.com/zclkredirect?visitid=5566ad72-7467-11ee-8a61-0a894831c01f&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.153.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-153-178.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a980b60a8922f510d2da527e74ec9443a57dcc65444dbd6a3ae87dceb28090eb

Request headers

Referer: http://ganda-ljo.com/zclkredirect?visitid=5566ad72-7467-11ee-8a61-0a894831c01f&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Length: 552
Content-Type: text/html
Date: Fri, 27 Oct 2023 01:22:48 GMT
Server: nginx

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81c7214b1c1f4259-EWR
content-type: text/html
date: Fri, 27 Oct 2023 01:22:48 GMT
location: https://runprecisehighlyinfo-program.info/tvR7Zmuho4rVTjemDQp9zjXUBC7cwGmAOcn3vueruiI?cid=[CLICK_ID]&sid=[SUB_ID]
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPJ7FVkfivrghf2Lvnl5dipcuyC5K8j%2BekYlNJ9zl5tAiXmvn0tCEsfhpuHAH4RquWpsT3Ia5naA%2BPoJ%2BZZW5PsFk%2BcENIrXhx9pJBcPzq6k5ONwfFRgo3iJ%2BZqGRwXqXBrb%2B5KEs2IjopwEoCQZ"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			wsafeguardpush.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6ed57lbqjo9rra8fnefce26ag6

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://runprecisehighlyinfo-program.info/tvR7Zmuho4rVTjemDQp9zjXUBC7cwGmAOcn3vueruiI?cid=[CLICK_ID]&sid=[SUB_ID] Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ganda-ljo.com
gitlab.salinamontessori.com
pro.finalice.net
redir.blowingwind.xyz
runprecisehighlyinfo-program.info
wsafeguardpush.com
www.toromclick.com
142.93.240.225
198.211.113.186
2606:4700:3037::6815:5c18
3.93.251.206
34.200.193.204
50.17.153.178
64.91.248.15
a980b60a8922f510d2da527e74ec9443a57dcc65444dbd6a3ae87dceb28090eb

runprecisehighlyinfo-program.info Open in urlscan Pro 50.17.153.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

5 Requests

20 %HTTPS

14 %IPv6

7 Domains

7 Subdomains

3 IPs

1 Countries

22 kBTransfer

20 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

runprecisehighlyinfo-program.info Open in urlscan Pro
50.17.153.178 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

20 %
HTTPS

14 %
IPv6

7
Domains

7
Subdomains

3
IPs

1
Countries

22 kB
Transfer

20 kB
Size

1
Cookies

5 HTTP transactions
0 data transactions