brrdoa.clicks.mlsend.com Open in urlscan Pro
2606:4700::6811:6bef Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://predictiveresponse.net/fwd.htm?redirect=https://www.ctgoodjobs.hk/english/count/count_banner.asp?banner_name=newsletter...
Effective URL:
https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMT...
Submission: On October 16 via manual (October 16th 2024, 10:02:25 am UTC) from DE — Scanned from DE

Summary HTTP 13 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 13 HTTP transactions. The main IP is 2606:4700::6811:6bef, located in United States and belongs to CLOUDFLARENET, US. The main domain is brrdoa.clicks.mlsend.com.
TLS certificate: Issued by WE1 on August 21st 2024. Valid for: 3 months.

This is the only time brrdoa.clicks.mlsend.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	184.72.233.230 184.72.233.230	14618 (AMAZON-AES) (AMAZON-AES)
1 1	203.194.132.199 203.194.132.199	9729 (IS-AP iAd...) (IS-AP iAdvantage Limited)
2	2606:4700::68... 2606:4700::6811:6bef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:440... 2606:4700:4400::6812:2542	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	3

4 184.72.233.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-72-233-230.compute-1.amazonaws.com

predictiveresponse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aws.predictiveresponse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.194.132.199 (Hong Kong) 1 redirects

ASN9729 (IS-AP iAdvantage Limited, HK)
PTR: ctgoodjobs.hk

www.ctgoodjobs.hk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:6bef (United States)

ASN13335 (CLOUDFLARENET, US)

brrdoa.clicks.mlsend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:4400::6812:2542 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.mailerlite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.mailerlite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	mailerlite.com assets.mailerlite.com — Cisco Umbrella Rank: 27774 fonts.mailerlite.com — Cisco Umbrella Rank: 28717	2 MB
4	predictiveresponse.net predictiveresponse.net — Cisco Umbrella Rank: 75427 aws.predictiveresponse.net — Cisco Umbrella Rank: 75498	5 KB
2	mlsend.com brrdoa.clicks.mlsend.com	6 KB
1	ctgoodjobs.hk 1 redirects www.ctgoodjobs.hk — Cisco Umbrella Rank: 720667	976 B
13	4

	Domain	Requested by
5	assets.mailerlite.com	brrdoa.clicks.mlsend.com
2	fonts.mailerlite.com	assets.mailerlite.com fonts.mailerlite.com
2	brrdoa.clicks.mlsend.com	aws.predictiveresponse.net brrdoa.clicks.mlsend.com
2	aws.predictiveresponse.net	predictiveresponse.net
2	predictiveresponse.net
1	www.ctgoodjobs.hk	1 redirects
13	6

This site contains links to these domains. Also see Links.

Domain
dashboard.mailerlite.com
www.mailerlite.com

Subject Issuer	Validity	Valid
predictiveresponse.net R11	`2024-08-26` - `2024-11-24`	3 months	crt.sh
mlsend.com WE1	`2024-08-21` - `2024-11-20`	3 months	crt.sh
mailerlite.com WE1	`2024-09-06` - `2024-12-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9
Frame ID: A577CCD010E9BED99406E8661B5FFDE3
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Not found | MailerLite

Page URL History Show full URLs

https://predictiveresponse.net/fwd.htm?redirect=https://www.ctgoodjobs.hk/english/count/count_banner.asp?ba... Page URL
https://www.ctgoodjobs.hk/english/count/count_banner.asp?banner_name=newsletter-cthr_20230930_footer_p... HTTP 302
https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOj... Page URL

Detected technologies

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Page Statistics

13
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

6
Subdomains

3
IPs

2
Countries

2279 kB
Transfer

11697 kB
Size

8
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://dashboard.mailerlite.com/dashboard
Title: Back to Dashboard

Search URL Search Domain Scan URL

URL: https://www.mailerlite.com/contact-us
Title: Contact us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://predictiveresponse.net/fwd.htm?redirect=https://www.ctgoodjobs.hk/english/count/count_banner.asp?banner_name=newsletter-cthr_20230930_footer_privacy&href=https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9 Page URL
https://www.ctgoodjobs.hk/english/count/count_banner.asp?banner_name=newsletter-cthr_20230930_footer_privacy&href=https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9 HTTP 302
https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK fwd.htm Show response
predictiveresponse.net/ 382 B
572 B 561ms
138ms Document
text/html 184.72.233.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://predictiveresponse.net/fwd.htm?redirect=https://www.ctgoodjobs.hk/english/count/count_banner.asp?banner_name=newsletter-cthr_20230930_footer_privacy&href=https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.72.233.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-233-230.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 5250551d2d9f229c259cb32144ee2a7309b94b2eb3aa89e2334ff109d08f8cf5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 251
Content-Type: text/html
Date: Wed, 16 Oct 2024 10:02:11 GMT
ETag: "17e-5640117d61668-gzip"
Keep-Alive: timeout=5, max=100
Last-Modified: Tue, 30 Jan 2018 16:45:41 GMT
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK trac.js Show response
aws.predictiveresponse.net/ 10 KB
3 KB 511ms
93ms Script
application/javascript 184.72.233.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aws.predictiveresponse.net/trac.js
Requested by: Host: predictiveresponse.net
URL: https://predictiveresponse.net/fwd.htm?redirect=https://www.ctgoodjobs.hk/english/count/count_banner.asp?banner_name=newsletter-cthr_20230930_footer_privacy&href=https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.72.233.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-233-230.compute-1.amazonaws.com
Software: Apache /
Resource Hash: c172ae011a6dba5c46c1818a6dacc8ea4f6861e50f1d85218f9c43178aafa0b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://predictiveresponse.net/

Response headers

Content-Encoding: gzip
ETag: "2940-5eaaad9dc8100-gzip"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2801
Keep-Alive: timeout=5, max=100
Date: Wed, 16 Oct 2024 10:02:12 GMT
Last-Modified: Mon, 10 Oct 2022 09:33:24 GMT
Vary: Accept-Encoding
Server: Apache
Content-Type: application/javascript

GET
H/1.1 200
OK rtrac.php
aws.predictiveresponse.net/ 0
186 B 96ms
96ms Image
text/html 184.72.233.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aws.predictiveresponse.net/rtrac.php?org=null&lea=null&ite=&lvl=2&uvi=U8qzTMlJD1729072932&uvx=undefined&con=null&ctr=&curl=https://predictiveresponse.net/fwd.htm?redirect=https://www.ctgoodjobs.hk/english/count/count_banner.asp?banner_name=newsletter-cthr_20230930_footer_privacy*href=https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9&titl=redirect&ref=&sid=null
Requested by: Host: predictiveresponse.net
URL: https://predictiveresponse.net/fwd.htm?redirect=https://www.ctgoodjobs.hk/english/count/count_banner.asp?banner_name=newsletter-cthr_20230930_footer_privacy&href=https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.72.233.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-233-230.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://predictiveresponse.net/

Response headers

Keep-Alive: timeout=5, max=99
Content-Length: 0
Date: Wed, 16 Oct 2024 10:02:12 GMT
Content-Type: text/html; charset=UTF-8
Server: Apache
Connection: Keep-Alive

GET
H2

404

Primary Request eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9 Show response
brrdoa.clicks.mlsend.com/ty/cl/
Redirect Chain

https://www.ctgoodjobs.hk/english/count/count_banner.asp?banner_name=newsletter-cthr_20230930_footer_privacy&href=https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5...
https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9

3 KB
1 KB

237ms
198ms

Document
text/html

2606:4700::6811:6bef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9

Requested by

Host: aws.predictiveresponse.net
URL: https://aws.predictiveresponse.net/trac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6bef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39de196e44e5f412371ccd1ed6064935af4cf8ff01f4a95b9fcb2805e6474c7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://predictiveresponse.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8d37364f4a7f9960-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 16 Oct 2024 10:02:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LU0rH7LoUcyzbXg8zxEtN2ZNj6R6Wgy%2FUJCSJNWUXXdGJlceSLA7xqyiDgCk8wfSkCH2n1deLseowtSLRo8VIwm%2FblWvkYY9388AdcBJAeB388CwwWh9UVpb3PLxW0ma73yA9C7uJ0bVWjxwx1OZJ5jVJ3T9zA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
x-ml-d: tec-rb

Redirect headers

Cache-Control: private
Content-Length: 288
Content-Type: text/html
Date: Wed, 16 Oct 2024 10:02:12 GMT
Location: https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9
Server: Microsoft-IIS/8.5

GET
H/1.1 200
OK favicon.ico
predictiveresponse.net/ 638 B
921 B 98ms
98ms Other
image/vnd.microsoft.icon 184.72.233.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://predictiveresponse.net/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.72.233.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-233-230.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://predictiveresponse.net/fwd.htm?redirect=https://www.ctgoodjobs.hk/english/count/count_banner.asp?banner_name=newsletter-cthr_20230930_footer_privacy&href=https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9

Response headers

ETag: "27e-5e7bc9c1b45e7"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 638
Keep-Alive: timeout=5, max=99
Date: Wed, 16 Oct 2024 10:02:12 GMT
Last-Modified: Sat, 03 Sep 2022 02:29:02 GMT
Content-Type: image/vnd.microsoft.icon
Server: Apache

GET
H3 200 app-XH7NR2Ac.css
assets.mailerlite.com/build/assets/ 181 KB
33 KB 189ms
65ms Stylesheet
text/css 2606:4700:4400::6812:2542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.mailerlite.com/build/assets/app-XH7NR2Ac.css

Requested by

Host: brrdoa.clicks.mlsend.com
URL: https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2542 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2eef3cc5bd797fc41cfaa6f643c605d9abdce4bea4143a88374d2315859efad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://brrdoa.clicks.mlsend.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"670f8184-2d5d1"
age: 3239
access-control-allow-methods: GET, OPTIONS
expires: Mon, 21 Oct 2024 10:02:14 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfExtPri
date: Wed, 16 Oct 2024 10:02:14 GMT
content-type: text/css
vary: Accept-Encoding
x-cache-hits: 1
last-modified: Wed, 16 Oct 2024 09:04:04 GMT
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=432000
cf-ray: 8d3736519a419c01-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 app-4XKvA3D8.css
assets.mailerlite.com/build/assets/ 63 KB
13 KB 180ms
57ms Stylesheet
text/css 2606:4700:4400::6812:2542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.mailerlite.com/build/assets/app-4XKvA3D8.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2542 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2e1c48f053a3032cc2e2915daf636d8dbdb90f8dfb2c085f90751f8537765df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://brrdoa.clicks.mlsend.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"670f8184-fc49"
age: 3239
access-control-allow-methods: GET, OPTIONS
expires: Mon, 21 Oct 2024 10:02:14 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfExtPri
date: Wed, 16 Oct 2024 10:02:14 GMT
content-type: text/css
vary: Accept-Encoding
x-cache-hits: 2
last-modified: Wed, 16 Oct 2024 09:04:04 GMT
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=432000
cf-ray: 8d3736519a3e9c01-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 app-yC6r1GHt.js Show response
assets.mailerlite.com/build/assets/ 8 MB
2 MB 206ms
83ms Script
application/javascript 2606:4700:4400::6812:2542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.mailerlite.com/build/assets/app-yC6r1GHt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2542 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5da73c42b0ba744a326ace009a56f2434c261cd8f7fc6e544f99584c76b074e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://brrdoa.clicks.mlsend.com
Referer: https://brrdoa.clicks.mlsend.com/

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"670f8184-7f58a7"
access-control-allow-methods: GET, OPTIONS
expires: Mon, 21 Oct 2024 10:02:14 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfExtPri
date: Wed, 16 Oct 2024 10:02:14 GMT
content-type: application/javascript
vary: Accept-Encoding
x-cache-hits: 13
last-modified: Wed, 16 Oct 2024 09:04:04 GMT
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=432000
cf-ray: 8d3736519f2edb07-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 rocket-loader.min.js Show response
brrdoa.clicks.mlsend.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 16ms
11ms Script
application/javascript 2606:4700::6811:6bef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://brrdoa.clicks.mlsend.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6bef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9

Response headers

x-frame-options: DENY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"670ce4f9-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pYw8XzXPsVo%2BNsLEsLrVcmEA5tfXV5QW1dpk38WKXlZtexI2f1Y4ZU36pxzsR%2BApQehK14Pp5kQtoWoaPVGnNKWmfWY8DCulwdrTPT7zmAf%2Ff7sexZhsF2wPFGoBKbh%2BWcqpNJewffPEaEAP9uzIbZT7G9rZkA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8d3736514c8a9960-FRA
expires: Fri, 18 Oct 2024 10:02:14 GMT
date: Wed, 16 Oct 2024 10:02:14 GMT
content-type: application/javascript
last-modified: Mon, 14 Oct 2024 09:31:37 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 css2
fonts.mailerlite.com/ 22 KB
949 B 469ms
459ms Stylesheet
text/css 2606:4700:4400::6812:2542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.mailerlite.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: assets.mailerlite.com
URL: https://assets.mailerlite.com/build/assets/app-XH7NR2Ac.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2542 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fac3804d8c593e45eae47d92641aee073d3fb2ff96a56b506774390abb360243

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://assets.mailerlite.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=86400, stale-while-revalidate=604800
content-encoding: br
cf-cache-status: DYNAMIC
cf-ray: 8d3736522ac29c01-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 16 Oct 2024 10:02:14 GMT
content-type: text/css; charset=utf-8
server: cloudflare

GET
H3 200 app-yC6r1GHt.js
assets.mailerlite.com/build/assets/ 3 MB
0 2ms
2ms Script
application/javascript 2606:4700:4400::6812:2542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.mailerlite.com/build/assets/app-yC6r1GHt.js
Requested by: Host: brrdoa.clicks.mlsend.com
URL: https://brrdoa.clicks.mlsend.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2542 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://brrdoa.clicks.mlsend.com/

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"670f8184-7f58a7"
access-control-allow-methods: GET, OPTIONS
expires: Mon, 21 Oct 2024 10:02:14 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfExtPri
date: Wed, 16 Oct 2024 10:02:14 GMT
content-type: application/javascript
vary: Accept-Encoding
x-cache-hits: 13
last-modified: Wed, 16 Oct 2024 09:04:04 GMT
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cache-control: public, max-age=432000
cf-ray: 8d3736519f2edb07-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.mailerlite.com/fonts/s/inter/v18/ 47 KB
48 KB 218ms
47ms Font
font/woff2 2606:4700:4400::6812:2542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.mailerlite.com/fonts/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

Requested by

Host: fonts.mailerlite.com
URL: https://fonts.mailerlite.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2542 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://brrdoa.clicks.mlsend.com
Referer: https://fonts.mailerlite.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=432000
cf-cache-status: MISS
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-ray: 8d3736562c3c3635-FRA
expires: Mon, 21 Oct 2024 10:02:15 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 16 Oct 2024 10:02:15 GMT
content-type: font/woff2
last-modified: Wed, 16 Oct 2024 10:02:15 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 favicon-32x32.png
assets.mailerlite.com/images/ 98 B
461 B 52ms
52ms Other
image/webp 2606:4700:4400::6812:2542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.mailerlite.com/images/favicon-32x32.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2542 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93c4221e2e67dc6075531998d814d2a1ede443276c835d2ca1c70b2a0b83e49d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://brrdoa.clicks.mlsend.com/

Response headers

cf-bgj: imgq:85,h2pri
etag: "670f817d-112"
age: 3240
cf-cache-status: HIT
expires: Mon, 21 Oct 2024 10:02:15 GMT
cf-polished: origFmt=png, origSize=274
x-cache: HIT
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 10:02:15 GMT
content-type: image/webp
content-disposition: inline; filename="favicon-32x32.webp"
x-cache-hits: 8
last-modified: Wed, 16 Oct 2024 09:03:57 GMT
vary: Accept
strict-transport-security: max-age=31536000; includeSubDomains
server-timing: cfExtPri
cache-control: public, max-age=432000
cf-ray: 8d37365718cb9c01-FRA
accept-ranges: bytes
content-length: 98
server: cloudflare

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
predictiveresponse.net/	1970-01-21 09:53:52	Name: _pa_user Value: U8qzTMlJD1729072932
.ctgoodjobs.hk/	1970-01-21 09:03:28	Name: visitor_id Value: v20241016180212912179362
.ctgoodjobs.hk/	1969-12-31 23:59:59	Name: isnew Value: Y
.ctgoodjobs.hk/	1969-12-31 23:59:59	Name: CTID Value: 5DD2FA6CB0881BCD1F86821C1D03B74B592055FD8FF2BDD310468E3ACEBB72FF
.ctgoodjobs.hk/	1969-12-31 23:59:59	Name: sid Value: 912179362
www.ctgoodjobs.hk/	1969-12-31 23:59:59	Name: visitor%5Fid Value: v20241016180212912179362
www.ctgoodjobs.hk/	1969-12-31 23:59:59	Name: ASPSESSIONIDAATRQBSQ Value: HPFLOFGDIPBMGBLFNFNEPGID
www.ctgoodjobs.hk/	1969-12-31 23:59:59	Name: BIGipServerpool_ct_http Value: 1616129290.20480.0000

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.mailerlite.com
aws.predictiveresponse.net
brrdoa.clicks.mlsend.com
fonts.mailerlite.com
predictiveresponse.net
www.ctgoodjobs.hk
184.72.233.230
203.194.132.199
2606:4700:4400::6812:2542
2606:4700::6811:6bef
2eef3cc5bd797fc41cfaa6f643c605d9abdce4bea4143a88374d2315859efad4
39de196e44e5f412371ccd1ed6064935af4cf8ff01f4a95b9fcb2805e6474c7b
5250551d2d9f229c259cb32144ee2a7309b94b2eb3aa89e2334ff109d08f8cf5
93c4221e2e67dc6075531998d814d2a1ede443276c835d2ca1c70b2a0b83e49d
b5da73c42b0ba744a326ace009a56f2434c261cd8f7fc6e544f99584c76b074e
c172ae011a6dba5c46c1818a6dacc8ea4f6861e50f1d85218f9c43178aafa0b9
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f2e1c48f053a3032cc2e2915daf636d8dbdb90f8dfb2c085f90751f8537765df
fac3804d8c593e45eae47d92641aee073d3fb2ff96a56b506774390abb360243

brrdoa.clicks.mlsend.com Open in urlscan Pro 2606:4700::6811:6bef Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

50 %IPv6

4 Domains

6 Subdomains

3 IPs

2 Countries

2279 kBTransfer

11697 kBSize

8 Cookies

2 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

8 Cookies

1 Console Messages

Indicators

brrdoa.clicks.mlsend.com Open in urlscan Pro
2606:4700::6811:6bef Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

6
Subdomains

3
IPs

2
Countries

2279 kB
Transfer

11697 kB
Size

8
Cookies

13 HTTP transactions
0 data transactions