ducktapetraffic.winwitherickennedy.com Open in urlscan Pro
209.143.158.10 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ducktapetraffic.winwitherickennedy.com/
Submission: On June 07 via api (June 7th 2024, 12:28:22 pm UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 11 HTTP transactions. The main IP is 209.143.158.10, located in United States and belongs to ILAND, US. The main domain is ducktapetraffic.winwitherickennedy.com.
TLS certificate: Issued by Buypass Class 2 CA 5 on May 25th 2024. Valid for: 6 months.

This is the only time ducktapetraffic.winwitherickennedy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	209.143.158.10 209.143.158.10	14127 (ILAND) (ILAND)
1	2606:4700:20:... 2606:4700:20::681a:271	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
11	5

4 209.143.158.10 (United States)

ASN14127 (ILAND, US)
PTR: mail.mailcollab.net

ducktapetraffic.winwitherickennedy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:271 (United States)

ASN13335 (CLOUDFLARENET, US)

images4.pricelesspossibilities.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 9704	188 KB
4	winwitherickennedy.com ducktapetraffic.winwitherickennedy.com	42 KB
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 95
1	pricelesspossibilities.com images4.pricelesspossibilities.com	1018 B
0	mycompanyadmin.com Failed www.mycompanyadmin.com Failed
11	5

	Domain	Requested by
4	blogger.googleusercontent.com	ducktapetraffic.winwitherickennedy.com
4	ducktapetraffic.winwitherickennedy.com	ducktapetraffic.winwitherickennedy.com
1	www.youtube.com	ducktapetraffic.winwitherickennedy.com
1	images4.pricelesspossibilities.com	ducktapetraffic.winwitherickennedy.com
0	www.mycompanyadmin.com Failed	ducktapetraffic.winwitherickennedy.com
11	5

This site contains links to these domains. Also see Links.

Domain
aemailer.club
erickennedy.phghub.com
onlinemarketingacademy.club

Subject Issuer	Validity	Valid
winwitherickennedy.com Buypass Class 2 CA 5	`2024-05-25` - `2024-11-20`	6 months	crt.sh
pricelesspossibilities.com Cloudflare Inc ECC CA-3	`2023-12-27` - `2024-12-26`	a year	crt.sh
*.googleusercontent.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://ducktapetraffic.winwitherickennedy.com/
Frame ID: 068B4CE7230B11155AC30C6834EF3BD2
Requests: 10 HTTP requests in this frame

Frame: https://www.youtube.com/embed/JtV2INvZG_U?si=kauLdSH_yuOJaF2u
Frame ID: B11EA46CE659FDD6D31BA770C964853B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Duck Tape Done Traffic

Detected technologies

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Page Statistics

11
Requests

91 %
HTTPS

75 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

231 kB
Transfer

229 kB
Size

5
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://aemailer.club/new-system-training-2021-01-01-091352/
Title: I'm sending you all my advertising SECRETS to your inbox. Can't find it? Look in your promotions or spam folder!

Search URL Search Domain Scan URL

URL: https://erickennedy.phghub.com/autoleads

Search URL Search Domain Scan URL

URL: https://onlinemarketingacademy.club/earnings-disclosure/
Title: REQUIRED EARNINGS DISCLOSURE:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://www.mycompanyadmin.com/admin/ManageWebSite/leadcapture/EditMyPage_ClassicRTE.asp?pageID=748354&salespage=k&from=followup HTTP 302
https://www.mycompanyadmin.com/admin/Login/Login.asp?session=T&R=%2Fadmin%2FManageWebSite%2Fleadcapture%2FEditMyPage%5FClassicRTE%2Easp%3FpageID%3D748354%26salespage%3Dk%26from%3Dfollowup HTTP 302
https://www.mycompanyadmin.com/admin/Login/AdminConnection.asp?session=T&R=%2Fadmin%2FManageWebSite%2Fleadcapture%2FEditMyPage%5FClassicRTE%2Easp%3FpageID%3D748354%26salespage%3Dk%26from%3Dfollowup

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ducktapetraffic.winwitherickennedy.com/ 11 KB
11 KB 1205ms
690ms Document
text/html 209.143.158.10
ILAND

General

Check archive.org

Show headers Download Go to

Full URL: https://ducktapetraffic.winwitherickennedy.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.143.158.10 , United States, ASN14127 (ILAND, US),
Reverse DNS: mail.mailcollab.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 79f8d890f39aebd6e19313a7c0b8078aed6e21a21d5b4eaa8629d6bbeb8c27d9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache
content-length: 10821
content-type: text/html; Charset=utf-8
date: Fri, 07 Jun 2024 12:28:16 GMT
expires: Thu, 06 Jun 2024 12:28:16 GMT
pragma: no-cache
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 bg_image.css
ducktapetraffic.winwitherickennedy.com/site/include/ 377 B
491 B 196ms
189ms Stylesheet
text/css 209.143.158.10
ILAND

General

Check archive.org

Show headers Download Go to

Full URL: https://ducktapetraffic.winwitherickennedy.com/site/include/bg_image.css
Requested by: Host: ducktapetraffic.winwitherickennedy.com
URL: https://ducktapetraffic.winwitherickennedy.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.143.158.10 , United States, ASN14127 (ILAND, US),
Reverse DNS: mail.mailcollab.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b737811ae36bc0328892142edfa55032d4e5b2aa5cf37a006da0cf61705a2d5f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ducktapetraffic.winwitherickennedy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:28:17 GMT
last-modified: Sun, 21 Mar 2021 10:06:24 GMT
server: Microsoft-IIS/10.0
etag: "30d8d9d9391ed71:0"
x-powered-by: ASP.NET
content-type: text/css
accept-ranges: bytes
content-length: 377

GET
H2 200 back51.jpg
images4.pricelesspossibilities.com/PLS/BG/ 469 B
1018 B 503ms
373ms Image
image/jpeg 2606:4700:20::681a:271
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.pricelesspossibilities.com/PLS/BG/back51.jpg
Requested by: Host: ducktapetraffic.winwitherickennedy.com
URL: https://ducktapetraffic.winwitherickennedy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:271 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5c9b9cca2e82469c6b8cb22982cfab8c74efa411e11b9664704fdcff37d686f4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ducktapetraffic.winwitherickennedy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:28:17 GMT
cf-cache-status: REVALIDATED
cf-bgj: h2pri
last-modified: Mon, 02 Sep 2019 05:59:25 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "c051f7925361d51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=61jvv2nbr7QRmtpe74cFORCMwoiV6%2Bx2toHT2%2Bv63PUHIhsjY%2FzCD0rmqYImHJcAO%2BeJpsc5Gl2QcHA7%2BBeeylnY2m4SWUr5czPubVYXsDVIrZwQFnI6KOIBbF4%2B%2B43Kup5pSStcLtcwLBRGntS%2BU1BXly4UhgKwoprOKhK%2BMEQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8900a41fda219bdc-FRA
content-length: 469

GET
H2 200 Who%20Needs%20Traffic%20BANNER%20(1200%20x%20300%20px)%20(1).png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2nSEU8StAKbBUuNYw-PGkSKZ6PMVNnmBEWJ6EgKn95j7DgXql7Gf7h5hFz5omxfDmpENOyJeIdD025dV-y0YbeJYaHoZABQ1c36c6OtC6qloFabt5fJcr-1dFMsRoRi-8H6ii9YAmYPS26pcE... 115 KB
116 KB 553ms
446ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2nSEU8StAKbBUuNYw-PGkSKZ6PMVNnmBEWJ6EgKn95j7DgXql7Gf7h5hFz5omxfDmpENOyJeIdD025dV-y0YbeJYaHoZABQ1c36c6OtC6qloFabt5fJcr-1dFMsRoRi-8H6ii9YAmYPS26pcEGvToiNAwemMqb34ADoC-EwpkXmXJAeYwVROPKijDlOjF/s1200/Who%20Needs%20Traffic%20BANNER%20(1200%20x%20300%20px)%20(1).png

Requested by

Host: ducktapetraffic.winwitherickennedy.com
URL: https://ducktapetraffic.winwitherickennedy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a55b56ecd18aa1ef6844a9f116d7c1f28403b901a5c67dff318b1c11d2252429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ducktapetraffic.winwitherickennedy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:28:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v73f5"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Who Needs Traffic BANNER (1200 x 300 px) (1).png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118210
x-xss-protection: 0
expires: Sat, 08 Jun 2024 12:28:17 GMT

GET
H2 200 Warning%20Sign%20PNG%20(1).png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgA7wimjWqqElzXID2VIJKmJWzsE29TNlrUG3prMU3AwV9D9_nv6pXHEcTRoCfS2t1Krpyr3iXANZtzI_BRdaTM-e6QMuVF5IMWkxaGrooODiQV6aT_UCy8WdxebhyphenhyphenDubPjfz_MU6... 10 KB
11 KB 679ms
590ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgA7wimjWqqElzXID2VIJKmJWzsE29TNlrUG3prMU3AwV9D9_nv6pXHEcTRoCfS2t1Krpyr3iXANZtzI_BRdaTM-e6QMuVF5IMWkxaGrooODiQV6aT_UCy8WdxebhyphenhyphenDubPjfz_MU6Wjh8ryMe0-9vtLKLH2tb6ZIWdqt0qmZizhpmu6o94EEfBaphD4hMTO/s200/Warning%20Sign%20PNG%20(1).png

Requested by

Host: ducktapetraffic.winwitherickennedy.com
URL: https://ducktapetraffic.winwitherickennedy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ce8745ab6f7f6e9728368f955f46154d2001299211362924efb0988edd5f2ea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ducktapetraffic.winwitherickennedy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:28:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v7364"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Warning Sign PNG (1).png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10733
x-xss-protection: 0
expires: Sat, 08 Jun 2024 12:28:17 GMT

GET
H2 200 Money%20in%20hand%20with%20girl%20(400x400)%20(1).png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgEoLdLL-JhurlDiTlTTJCraSMvM_Q3r6uzH8eSwg87MIXfzrwvmGE2LDP3K0Ci4ZgjIpJzcd1NNyPNhhfJzBMDqMJgHAM40Ngr8iqvUJ3w71BcZiBCYDZDppOLq18pL77ik362i3ulsvJ473aG... 55 KB
56 KB 651ms
562ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgEoLdLL-JhurlDiTlTTJCraSMvM_Q3r6uzH8eSwg87MIXfzrwvmGE2LDP3K0Ci4ZgjIpJzcd1NNyPNhhfJzBMDqMJgHAM40Ngr8iqvUJ3w71BcZiBCYDZDppOLq18pL77ik362i3ulsvJ473aGO7kmxDebNfkv1XSWgeYQIKgB9QzvSrpdWqgeyTJJleVF/s400/Money%20in%20hand%20with%20girl%20(400x400)%20(1).png

Requested by

Host: ducktapetraffic.winwitherickennedy.com
URL: https://ducktapetraffic.winwitherickennedy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

983c1274d3109900e9d47202dd828e643337796f5a7bdc37af9bb68828f6fcb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ducktapetraffic.winwitherickennedy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:28:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v6922"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Money in hand with girl (400x400) (1).png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56823
x-xss-protection: 0
expires: Sat, 08 Jun 2024 12:28:17 GMT

GET
H2 200 Red%20Button%20YES!%20(500%20%C3%97%20200%20px)%20(1).png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjBhFfrzzvKhrjpe4Jf-wB_Gi_0_q7zopUx6EXyQ8fPxDz9FfBWJPiMFpKB-1CQhwvfvKs3eTUpmOKodjLnCbOoLwJ8bSUg9f4yB0wOKxoOZNvkdOvCc2nmbAeQVgAlsJPqa2R5hgJOUEUghkYK... 6 KB
6 KB 367ms
278ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjBhFfrzzvKhrjpe4Jf-wB_Gi_0_q7zopUx6EXyQ8fPxDz9FfBWJPiMFpKB-1CQhwvfvKs3eTUpmOKodjLnCbOoLwJ8bSUg9f4yB0wOKxoOZNvkdOvCc2nmbAeQVgAlsJPqa2R5hgJOUEUghkYKgmVkRlzrMOHpVFXEnPhzTk3e9qfmjnk42YsRX6mCZzze/s500/Red%20Button%20YES!%20(500%20%C3%97%20200%20px)%20(1).png

Requested by

Host: ducktapetraffic.winwitherickennedy.com
URL: https://ducktapetraffic.winwitherickennedy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1984db00e6b798e5fb2996113b5aa5a72b8e071658674df595033d12a3627cc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ducktapetraffic.winwitherickennedy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:28:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v6929"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Red Button YES! (500 _ 200 px) (1).png";filename*=UTF-8''Red%20Button%20YES!%20(500%20%C3%97%20200%20px)%20(1).png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6128
x-xss-protection: 0
expires: Sat, 08 Jun 2024 12:28:17 GMT

GET
H2 200 Call_me2a.jpg
ducktapetraffic.winwitherickennedy.com/imagesrte/d1135890/ 29 KB
29 KB 182ms
181ms Image
image/jpeg 209.143.158.10
ILAND

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ducktapetraffic.winwitherickennedy.com/imagesrte/d1135890/Call_me2a.jpg
Requested by: Host: ducktapetraffic.winwitherickennedy.com
URL: https://ducktapetraffic.winwitherickennedy.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.143.158.10 , United States, ASN14127 (ILAND, US),
Reverse DNS: mail.mailcollab.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0c4a692f161f8eeb4b7d6b3a75f8aa4457765b9650b01350edc09767b420675a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ducktapetraffic.winwitherickennedy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:28:17 GMT
last-modified: Wed, 06 Dec 2023 06:23:29 GMT
server: Microsoft-IIS/10.0
etag: "ee3175bac28da1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 29723

GET
H2 200 JtV2INvZG_U
www.youtube.com/embed/ Frame B11E 0
0 239ms
147ms Document
text/html 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/JtV2INvZG_U?si=kauLdSH_yuOJaF2u

Requested by

Host: ducktapetraffic.winwitherickennedy.com
URL: https://ducktapetraffic.winwitherickennedy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://ducktapetraffic.winwitherickennedy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jun 2024 12:28:17 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET

AdminConnection.asp
www.mycompanyadmin.com/admin/Login/
Redirect Chain

https://www.mycompanyadmin.com/admin/ManageWebSite/leadcapture/EditMyPage_ClassicRTE.asp?pageID=748354&salespage=k&from=followup
https://www.mycompanyadmin.com/admin/Login/Login.asp?session=T&R=%2Fadmin%2FManageWebSite%2Fleadcapture%2FEditMyPage%5FClassicRTE%2Easp%3FpageID%3D748354%26salespage%3Dk%26from%3Dfollowup
https://www.mycompanyadmin.com/admin/Login/AdminConnection.asp?session=T&R=%2Fadmin%2FManageWebSite%2Fleadcapture%2FEditMyPage%5FClassicRTE%2Easp%3FpageID%3D748354%26salespage%3Dk%26from%3Dfollowup

0
0

GET
H2 200 favicon.ico
ducktapetraffic.winwitherickennedy.com/ 1019 B
1 KB 201ms
200ms Other
image/x-icon 209.143.158.10
ILAND

General

Check archive.org

Show headers Download Go to

Full URL: https://ducktapetraffic.winwitherickennedy.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.143.158.10 , United States, ASN14127 (ILAND, US),
Reverse DNS: mail.mailcollab.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 49bccea345b0704cf5efab41de690b61b4727224633c44c791ffdd9a7378143b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ducktapetraffic.winwitherickennedy.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:28:19 GMT
last-modified: Sun, 21 Mar 2021 03:51:43 GMT
server: Microsoft-IIS/10.0
etag: "4217388251ed71:0"
x-powered-by: ASP.NET
content-type: image/x-icon
accept-ranges: bytes
content-length: 1019

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.mycompanyadmin.com
URL: https://www.mycompanyadmin.com/admin/Login/AdminConnection.asp?session=T&R=%2Fadmin%2FManageWebSite%2Fleadcapture%2FEditMyPage%5FClassicRTE%2Easp%3FpageID%3D748354%26salespage%3Dk%26from%3Dfollowup

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ducktapetraffic.winwitherickennedy.com/	1970-01-21 05:54:39	Name: SITE Value: distributor%5FID=1135890
ducktapetraffic.winwitherickennedy.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDQGQDSDTS Value: GINGGDGBBKDOEIDPHHEKCHKJ
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: DHWGh6MhhfM
.youtube.com/	1970-01-21 01:28:35	Name: VISITOR_INFO1_LIVE Value: tJir1INEcds
.youtube.com/	1970-01-21 01:28:35	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgDg%3D%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://ducktapetraffic.winwitherickennedy.com/(Line 41) Message: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blogger.googleusercontent.com
ducktapetraffic.winwitherickennedy.com
images4.pricelesspossibilities.com
www.mycompanyadmin.com
www.youtube.com
www.mycompanyadmin.com
209.143.158.10
2606:4700:20::681a:271
2a00:1450:4001:80f::2001
2a00:1450:4001:81d::200e
0c4a692f161f8eeb4b7d6b3a75f8aa4457765b9650b01350edc09767b420675a
1984db00e6b798e5fb2996113b5aa5a72b8e071658674df595033d12a3627cc8
49bccea345b0704cf5efab41de690b61b4727224633c44c791ffdd9a7378143b
5c9b9cca2e82469c6b8cb22982cfab8c74efa411e11b9664704fdcff37d686f4
79f8d890f39aebd6e19313a7c0b8078aed6e21a21d5b4eaa8629d6bbeb8c27d9
983c1274d3109900e9d47202dd828e643337796f5a7bdc37af9bb68828f6fcb1
a55b56ecd18aa1ef6844a9f116d7c1f28403b901a5c67dff318b1c11d2252429
b737811ae36bc0328892142edfa55032d4e5b2aa5cf37a006da0cf61705a2d5f
ce8745ab6f7f6e9728368f955f46154d2001299211362924efb0988edd5f2ea2

ducktapetraffic.winwitherickennedy.com Open in urlscan Pro 209.143.158.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

91 %HTTPS

75 %IPv6

5 Domains

5 Subdomains

5 IPs

2 Countries

231 kBTransfer

229 kBSize

5 Cookies

3 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

5 Cookies

1 Console Messages

Indicators

ducktapetraffic.winwitherickennedy.com Open in urlscan Pro
209.143.158.10 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

75 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

231 kB
Transfer

229 kB
Size

5
Cookies

11 HTTP transactions
0 data transactions