mtzenhigqg.com
198.134.112.243
Public Scan
Effective URL: https://mtzenhigqg.com/mg55d04t9w?key=5e8b8280638e71e3643e70cfb1a2c49c
Submission: On March 01 via api from US
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on January 12th 2020. Valid for: 3 months.
This is the only time mtzenhigqg.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 184.168.131.241 | 26496 (AS-26496-GO-DADDY-COM-LLC) |
1 1 | 103.224.212.222 | 133618 (TRELLIAN-AS-AP Trellian Pty. Limited) |
1 4 | 103.224.182.206 | 133618 (TRELLIAN-AS-AP Trellian Pty. Limited) |
1 2 | 116.202.81.140 | 24940 (HETZNER-AS) |
2 3 | 198.143.165.219 | 32475 (SINGLEHOP-LLC) |
1 | 205.147.93.131 | 393676 (ZENEDGE) |
1 2 | 3.226.77.126 | 14618 (AMAZON-AES) |
1 | 198.134.112.243 | 27257 (WEBAIR-INTERNET) |
9 | 7 |
ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-184-168-131-241.ip.secureserver.net
prompt.cannabisrxdoc.com |
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-212-222.above.com
nnlis.wausauultimate.com |
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com
bidr.trellian.com |
ASN24940 (HETZNER-AS, DE)
PTR: static.140.81.202.116.clients.your-server.de
secure.clicktrkservices.com | |
secure.click2partner.com |
ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
click.amazingtechsavings.xyz |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-77-126.compute-1.amazonaws.com
getad.xyz |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
4 | trellian.com / 1 redirects / bidr.trellian.com | 3 KB |
3 | amazingtechsavings.xyz / 2 redirects / click.amazingtechsavings.xyz | 3 KB |
2 | getad.xyz / getad.xyz Failed | 761 B |
1 | mtzenhigqg.com / mtzenhigqg.com | 515 B |
1 | yltenim.com / yltenim.com | 4 KB |
1 | click2partner.com / secure.click2partner.com | 298 B |
1 | clicktrkservices.com / 1 redirects / secure.clicktrkservices.com | 314 B |
1 | wausauultimate.com / 1 redirects / nnlis.wausauultimate.com | 1 KB |
1 | cannabisrxdoc.com / 1 redirects / prompt.cannabisrxdoc.com | 221 B |
9 | 9 |
 | Domain | Requested by |
---|---|---|
4 | bidr.trellian.com | 1 redirects, bidr.trellian.com |
3 | click.amazingtechsavings.xyz | 2 redirects |
2 | getad.xyz | yltenim.com |
1 | mtzenhigqg.com | getad.xyz |
1 | yltenim.com | click.amazingtechsavings.xyz |
1 | secure.click2partner.com | bidr.trellian.com |
1 | secure.clicktrkservices.com | 1 redirects |
1 | nnlis.wausauultimate.com | 1 redirects |
1 | prompt.cannabisrxdoc.com | 1 redirects |
9 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
terraclicks.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
secure.click2partner.com | Let's Encrypt Authority X3 | 2020-02-08 - 2020-05-08 | 3 months |
click.amazingtechsavings.xyz | Let's Encrypt Authority X3 | 2020-01-15 - 2020-04-14 | 3 months |
yltenim.com | Let's Encrypt Authority X3 | 2020-02-21 - 2020-05-21 | 3 months |
mtzenhigqg.com | Let's Encrypt Authority X3 | 2020-01-12 - 2020-04-11 | 3 months |
This page contains 1 frames:
Primary Page:
https://mtzenhigqg.com/mg55d04t9w?key=5e8b8280638e71e3643e70cfb1a2c49c
Frame ID: DAF6410F50F851FDCE156EE7DFC0B540
Requests: 9 HTTP requests in this frame
Detected technologies
Debian (Operating Systems)
Detected patterns
- headers server /Debian/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Anonymous Proxy detected, click here.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://prompt.cannabisrxdoc.com/wonderful
HTTP 302
http://nnlis.wausauultimate.com/wonderful HTTP 302
http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yOqyxJs68zXDe7YVicxac4IVcTAfMnZ2BLEyGN4hYymDUi%2BzNVj6EvyPn7xXdylixIXWGCfgC%2FLNCMvVBxyUZuz9lDJSncCoLfAo7nsh1exD7voxJ4aiJ2SgTjmBPVfb6kAf4GcQWioOEzFeaxpjeOJQ%2Bp%2FyEL%2BdpyjG09fA%2FrcI7e3QSDDa2zc5TyuQ6fygzc1uOfA1K82DY0XHg8nBe3uVdaM4cHk2FLXnWaj0YFlKthweJrmCxpAGds%2FxzexhNYz27y6USaraSMdMqMP2A%2FUAQoOVUiDr3AoebzwwDgslp2LxFoKJGEx0H2VsI7jFXQ2aeDmx8W5O%2FNaFxTXCouk61FyBCo%2B6uOoMUjK%2Fw75esLObJ9uw0LPBHCPXB2DYazd9II%2B%2BAZF59avy%2B6nQyzYEhNkXDoUr2uqswByvLD%2BGrBruIw87%2FNnOr0ryKjOpTujO7I0RstbpAbkZF28b5XgOp7hPUmAp1dcBy%2FytFak1%2F3XlJMvrCxMOeCYUDRyDh2L3HNuPUHFYfw0Rr%2BtGBmHWiZXcg%2F69k%2BN8zaNtMfHUDzO1MwOErXXXygFKHZBFcHJHjLpaehlf1IHnOSzpPd5GztIHgaGFb9hvAjG1oh%2F%2F56Okt8IJLwNNKLI2UzezyeVfO54GRewNeBCcw%2BiLnjVkFGcuUVOB3xmId9fw9SRQZ%2BWQyGe%2BMz%2BBfPBrpqXWGxYN0RgSe04aU7MHA4IiWSyGpzXwKy8WeCxuUGnTX1FfeunfDo38woCef5H0RL2sHUlBwc6s0TrhuPt4ZnkONWUtGMlnJvI%2BLmvUbzhNwHkdVnTxJHSGILKlrOanoa1TP5rRzj9MLIKSNHd2OgA%2FznM%3D Page URL
-
http://bidr.trellian.com/r.php?u=https%3A%2F%2Fsecure.clicktrkservices.com%2Findex.php%3Fkey%3Dz6lzicrucf3l6lfp558m%26cpv%3D0.005%26subid%3D1027333381%26sid%3D20200301235236eaad524d117ab65671&s=j
HTTP 302
https://secure.clicktrkservices.com/index.php?key=z6lzicrucf3l6lfp558m&cpv=0.005&subid=1027333381&sid=20200301235236eaad524d117ab65671 HTTP 302
https://secure.click2partner.com/nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=9ef1firejocq528f&url_bnm_redirect=https://click.amazingtechsavings.xyz/ Page URL
-
https://click.amazingtechsavings.xyz/?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=9ef1firejocq528f
HTTP 302
https://click.amazingtechsavings.xyz/?utm_term=6799221675293409523&clickverify=1 Page URL
-
https://click.amazingtechsavings.xyz/proc.php?69537d93125641738723b625bf8061af329f7f3a
HTTP 302
https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI7dCF0hEEPEzsWwHNQ4sNfptIX6cqz9_8IvUF2vJ91m?diM=WW_MS_Feb20&subid=6799221675293409523&ext1=240 Page URL
- http://getad.xyz/go/216668/456926 Page URL
-
http://getad.xyz/ad/ad?p=216668&w=456926&t=04dff734ac7010d3&r=aHR0cHMlM0ElMkYlMkZ5bHRlbmltLmNvbSUyRg==&vw=1600&vh=1200
HTTP 303
https://mtzenhigqg.com/mg55d04t9w?key=5e8b8280638e71e3643e70cfb1a2c49c Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://prompt.cannabisrxdoc.com/wonderful HTTP 302
- http://nnlis.wausauultimate.com/wonderful HTTP 302
- http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yOqyxJs68zXDe7YVicxac4IVcTAfMnZ2BLEyGN4hYymDUi%2BzNVj6EvyPn7xXdylixIXWGCfgC%2FLNCMvVBxyUZuz9lDJSncCoLfAo7nsh1exD7voxJ4aiJ2SgTjmBPVfb6kAf4GcQWioOEzFeaxpjeOJQ%2Bp%2FyEL%2BdpyjG09fA%2FrcI7e3QSDDa2zc5TyuQ6fygzc1uOfA1K82DY0XHg8nBe3uVdaM4cHk2FLXnWaj0YFlKthweJrmCxpAGds%2FxzexhNYz27y6USaraSMdMqMP2A%2FUAQoOVUiDr3AoebzwwDgslp2LxFoKJGEx0H2VsI7jFXQ2aeDmx8W5O%2FNaFxTXCouk61FyBCo%2B6uOoMUjK%2Fw75esLObJ9uw0LPBHCPXB2DYazd9II%2B%2BAZF59avy%2B6nQyzYEhNkXDoUr2uqswByvLD%2BGrBruIw87%2FNnOr0ryKjOpTujO7I0RstbpAbkZF28b5XgOp7hPUmAp1dcBy%2FytFak1%2F3XlJMvrCxMOeCYUDRyDh2L3HNuPUHFYfw0Rr%2BtGBmHWiZXcg%2F69k%2BN8zaNtMfHUDzO1MwOErXXXygFKHZBFcHJHjLpaehlf1IHnOSzpPd5GztIHgaGFb9hvAjG1oh%2F%2F56Okt8IJLwNNKLI2UzezyeVfO54GRewNeBCcw%2BiLnjVkFGcuUVOB3xmId9fw9SRQZ%2BWQyGe%2BMz%2BBfPBrpqXWGxYN0RgSe04aU7MHA4IiWSyGpzXwKy8WeCxuUGnTX1FfeunfDo38woCef5H0RL2sHUlBwc6s0TrhuPt4ZnkONWUtGMlnJvI%2BLmvUbzhNwHkdVnTxJHSGILKlrOanoa1TP5rRzj9MLIKSNHd2OgA%2FznM%3D
- http://bidr.trellian.com/r.php?u=https%3A%2F%2Fsecure.clicktrkservices.com%2Findex.php%3Fkey%3Dz6lzicrucf3l6lfp558m%26cpv%3D0.005%26subid%3D1027333381%26sid%3D20200301235236eaad524d117ab65671&s=j HTTP 302
- https://secure.clicktrkservices.com/index.php?key=z6lzicrucf3l6lfp558m&cpv=0.005&subid=1027333381&sid=20200301235236eaad524d117ab65671 HTTP 302
- https://secure.click2partner.com/nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=9ef1firejocq528f&url_bnm_redirect=https://click.amazingtechsavings.xyz/
- https://click.amazingtechsavings.xyz/?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=9ef1firejocq528f HTTP 302
- https://click.amazingtechsavings.xyz/?utm_term=6799221675293409523&clickverify=1
- https://click.amazingtechsavings.xyz/proc.php?69537d93125641738723b625bf8061af329f7f3a HTTP 302
- https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI7dCF0hEEPEzsWwHNQ4sNfptIX6cqz9_8IvUF2vJ91m?diM=WW_MS_Feb20&subid=6799221675293409523&ext1=240
9 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | r2.php, bidr.trellian.com/ (Cookie set; Redirect Chain) | 2 KB 2 KB | Document text/html |
GET H/1.1 | jscheck.js, bidr.trellian.com/javascript/ | 858 B 701 B | Script application/javascript |
GET H/1.1 | jscheck.php, bidr.trellian.com/ | 0 166 B | XHR text/html |
GET H2 | index.php, secure.click2partner.com/nlp/ (Redirect Chain) | 179 B 298 B | Document text/html |
GET H2 | /, click.amazingtechsavings.xyz/ (Redirect Chain) | 5 KB 2 KB | Document text/html |
GET H2 | JGLJgY-JXI7dCF0hEEPEzsWwHNQ4sNfptIX6cqz9_8IvUF2vJ91m, yltenim.com/nh4ea/ciqM/fC6c/ (Redirect Chain) | 4 KB 4 KB | Document text/html |
GET | 456926, getad.xyz/go/216668/ | 0 0 | |
GET H/1.1 | 456926, getad.xyz/go/216668/ | 466 B 517 B | Document text/html |
GET H/1.1 | mg55d04t9w, mtzenhigqg.com/ (Primary Request; Cookie set; Redirect Chain) | 103 B 515 B | Document text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: getad.xyz
- URL: http://getad.xyz/go/216668/456926?
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onformdata
- object| onpointerrawupdate
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
mtzenhigqg.com/ | Name: u_pl Value: 14393656 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.