brrdoa.clicks.mlsend.com Open in urlscan Pro
2606:4700::6811:6cef Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://predictiveresponse.net/fwd.htm?redirect=https://www.ctgoodjobs.hk/english/count/count_banner.asp?banner_name=newsletter...
Effective URL:
https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMT...
Submission: On September 09 via manual (September 9th 2024, 8:17:34 am UTC) from HK — Scanned from DE

Summary HTTP 12 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 2606:4700::6811:6cef, located in United States and belongs to CLOUDFLARENET, US. The main domain is brrdoa.clicks.mlsend.com.
TLS certificate: Issued by WE1 on August 21st 2024. Valid for: 3 months.

This is the only time brrdoa.clicks.mlsend.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	184.72.233.230 184.72.233.230	14618 (AMAZON-AES) (AMAZON-AES)
1 1	203.194.132.199 203.194.132.199	9729 (IS-AP iAd...) (IS-AP iAdvantage Limited)
2	2606:4700::68... 2606:4700::6811:6cef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:440... 2606:4700:4400::ac40:96be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	3

3 184.72.233.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-72-233-230.compute-1.amazonaws.com

predictiveresponse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aws.predictiveresponse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.194.132.199 (Hong Kong) 1 redirects

ASN9729 (IS-AP iAdvantage Limited, HK)
PTR: ct.hk

www.ctgoodjobs.hk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:6cef (United States)

ASN13335 (CLOUDFLARENET, US)

brrdoa.clicks.mlsend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:4400::ac40:96be (United States)

ASN13335 (CLOUDFLARENET, US)

assets.mailerlite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.mailerlite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	mailerlite.com assets.mailerlite.com — Cisco Umbrella Rank: 37460 fonts.mailerlite.com — Cisco Umbrella Rank: 44108	2 MB
3	predictiveresponse.net predictiveresponse.net — Cisco Umbrella Rank: 717724 aws.predictiveresponse.net — Cisco Umbrella Rank: 722132	4 KB
2	mlsend.com brrdoa.clicks.mlsend.com	6 KB
1	ctgoodjobs.hk 1 redirects www.ctgoodjobs.hk	976 B
12	4

	Domain	Requested by
5	assets.mailerlite.com	brrdoa.clicks.mlsend.com
2	fonts.mailerlite.com	assets.mailerlite.com fonts.mailerlite.com
2	brrdoa.clicks.mlsend.com	aws.predictiveresponse.net brrdoa.clicks.mlsend.com
2	aws.predictiveresponse.net	predictiveresponse.net
1	www.ctgoodjobs.hk	1 redirects
1	predictiveresponse.net
12	6

This site contains links to these domains. Also see Links.

Domain
dashboard.mailerlite.com
www.mailerlite.com

Subject Issuer	Validity	Valid
predictiveresponse.net R11	`2024-08-26` - `2024-11-24`	3 months	crt.sh
mlsend.com WE1	`2024-08-21` - `2024-11-20`	3 months	crt.sh
mailerlite.com WE1	`2024-09-06` - `2024-12-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9
Frame ID: 3EF14EB557EEA46F94550FC4E8B192B6
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Not found | MailerLite

Page URL History Show full URLs

https://predictiveresponse.net/fwd.htm?redirect=https://www.ctgoodjobs.hk/english/count/count_banner.asp?ba... Page URL
https://www.ctgoodjobs.hk/english/count/count_banner.asp?banner_name=newsletter-cthr_20230930_footer_p... HTTP 302
https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOj... Page URL

Detected technologies

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Page Statistics

12
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

6
Subdomains

3
IPs

2
Countries

2269 kB
Transfer

13224 kB
Size

8
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://dashboard.mailerlite.com/dashboard
Title: Back to Dashboard

Search URL Search Domain Scan URL

URL: https://www.mailerlite.com/contact-us
Title: Contact us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://predictiveresponse.net/fwd.htm?redirect=https://www.ctgoodjobs.hk/english/count/count_banner.asp?banner_name=newsletter-cthr_20230930_footer_privacy&href=https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9 Page URL
https://www.ctgoodjobs.hk/english/count/count_banner.asp?banner_name=newsletter-cthr_20230930_footer_privacy&href=https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9 HTTP 302
https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK fwd.htm Show response
predictiveresponse.net/ 382 B
572 B 378ms
119ms Document
text/html 184.72.233.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://predictiveresponse.net/fwd.htm?redirect=https://www.ctgoodjobs.hk/english/count/count_banner.asp?banner_name=newsletter-cthr_20230930_footer_privacy&href=https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.72.233.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-233-230.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 5250551d2d9f229c259cb32144ee2a7309b94b2eb3aa89e2334ff109d08f8cf5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 251
Content-Type: text/html
Date: Mon, 09 Sep 2024 08:17:24 GMT
ETag: "17e-5640117d61668-gzip"
Keep-Alive: timeout=5, max=100
Last-Modified: Tue, 30 Jan 2018 16:45:41 GMT
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK trac.js Show response
aws.predictiveresponse.net/ 10 KB
3 KB 375ms
116ms Script
application/javascript 184.72.233.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aws.predictiveresponse.net/trac.js
Requested by: Host: predictiveresponse.net
URL: https://predictiveresponse.net/fwd.htm?redirect=https://www.ctgoodjobs.hk/english/count/count_banner.asp?banner_name=newsletter-cthr_20230930_footer_privacy&href=https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.72.233.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-233-230.compute-1.amazonaws.com
Software: Apache /
Resource Hash: c172ae011a6dba5c46c1818a6dacc8ea4f6861e50f1d85218f9c43178aafa0b9

Request headers

Referer: https://predictiveresponse.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 09 Sep 2024 08:17:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Oct 2022 09:33:24 GMT
Server: Apache
ETag: "2940-5eaaad9dc8100-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2801

GET
H/1.1 200
OK rtrac.php
aws.predictiveresponse.net/ 0
186 B 118ms
118ms Image
text/html 184.72.233.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aws.predictiveresponse.net/rtrac.php?org=null&lea=null&ite=&lvl=2&uvi=FcMCjUZhS1725869845&uvx=undefined&con=null&ctr=&curl=https://predictiveresponse.net/fwd.htm?redirect=https://www.ctgoodjobs.hk/english/count/count_banner.asp?banner_name=newsletter-cthr_20230930_footer_privacy*href=https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9&titl=redirect&ref=&sid=null
Requested by: Host: predictiveresponse.net
URL: https://predictiveresponse.net/fwd.htm?redirect=https://www.ctgoodjobs.hk/english/count/count_banner.asp?banner_name=newsletter-cthr_20230930_footer_privacy&href=https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.72.233.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-233-230.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Referer: https://predictiveresponse.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 09 Sep 2024 08:17:24 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

404

Primary Request eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9 Show response
brrdoa.clicks.mlsend.com/ty/cl/
Redirect Chain

https://www.ctgoodjobs.hk/english/count/count_banner.asp?banner_name=newsletter-cthr_20230930_footer_privacy&href=https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5...
https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9

3 KB
1 KB

170ms
120ms

Document
text/html

2606:4700::6811:6cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9

Requested by

Host: aws.predictiveresponse.net
URL: https://aws.predictiveresponse.net/trac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6cef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

837f92b11532ecdcc3ea5228e50f092ccbc06cb5a5c362a4ca6539685f41754d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://predictiveresponse.net/fwd.htm?redirect=https://www.ctgoodjobs.hk/english/count/count_banner.asp?banner_name=newsletter-cthr_20230930_footer_privacy&href=https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8c05bdecae55d2a1-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 09 Sep 2024 08:17:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mjYCZskWPV%2FQmU%2F15xzoU%2BmOw7oA6nN5R6swboKt2Z%2Bd8FWHpfx03YxNYWFZMVcOj8X3Ga3%2F0JyZOMtPq6r3phIdHxZdOmLQ%2FXMp1FAuV3UafYZDR43XyB%2BgbazF6%2F9fzvm%2BaLMq47ulRa16yD%2FCTw%2Bl%2FT5LPA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
x-ml-d: tec-rb

Redirect headers

Cache-Control: private
Content-Length: 288
Content-Type: text/html
Date: Mon, 09 Sep 2024 08:17:13 GMT
Location: https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9
Server: Microsoft-IIS/8.5

GET
H2 200 app-PvVfT3Yk.css
assets.mailerlite.com/build/assets/ 180 KB
33 KB 95ms
39ms Stylesheet
text/css 2606:4700:4400::ac40:96be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.mailerlite.com/build/assets/app-PvVfT3Yk.css

Requested by

Host: brrdoa.clicks.mlsend.com
URL: https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:96be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3ad5f971a1e52175f6cfc04593da4096f9584ebc79330eb5fa91d4f7cd9e504

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://brrdoa.clicks.mlsend.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-cache-hits: 8
date: Mon, 09 Sep 2024 08:17:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 4770
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 06 Sep 2024 12:51:23 GMT
server: cloudflare
etag: W/"66dafacb-2d175"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=432000
cf-ray: 8c05bdedc9f38ec7-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
expires: Sat, 14 Sep 2024 08:17:26 GMT

GET
H2 200 app-DgZQTL7T.css
assets.mailerlite.com/build/assets/ 63 KB
13 KB 129ms
73ms Stylesheet
text/css 2606:4700:4400::ac40:96be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.mailerlite.com/build/assets/app-DgZQTL7T.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:96be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

996040ffd865397340782d87f3dbdaa12a6dee9908bde082690dd80786f6b6ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://brrdoa.clicks.mlsend.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-cache-hits: 14
date: Mon, 09 Sep 2024 08:17:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1343
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 06 Sep 2024 12:51:23 GMT
server: cloudflare
etag: W/"66dafacb-fc49"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=432000
cf-ray: 8c05bdedc9f18ec7-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
expires: Sat, 14 Sep 2024 08:17:26 GMT

GET
H3 200 app-aKQ-6uVI.js Show response
assets.mailerlite.com/build/assets/ 8 MB
2 MB 85ms
43ms Script
application/javascript 2606:4700:4400::ac40:96be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.mailerlite.com/build/assets/app-aKQ-6uVI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:96be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa7a4aa27e76b8d9cf6f8ec1bedc3551e4b6ddc79f9a0178f729462c4193c2f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://brrdoa.clicks.mlsend.com/
Origin: https://brrdoa.clicks.mlsend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-cache-hits: 22
date: Mon, 09 Sep 2024 08:17:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 5829
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 06 Sep 2024 12:51:23 GMT
server: cloudflare
etag: W/"66dafacb-7ebbd5"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=432000
cf-ray: 8c05bdedbae0d3a2-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
expires: Sat, 14 Sep 2024 08:17:26 GMT

GET
H2 200 rocket-loader.min.js Show response
brrdoa.clicks.mlsend.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 264ms
264ms Script
application/javascript 2606:4700::6811:6cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://brrdoa.clicks.mlsend.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6cef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 08:17:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 04 Sep 2024 18:15:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66d8a3c5-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4zaRJKw04F4HRu2zpDszLXNRpbftSWkPxIJOqvj5po3XbSllatcKIWztsj5YXzI8QhlcgITRr6Oz04kaUihMlc%2FZnoSd0bOJ6MJRadQVZP4Ckmt9j%2FhCBU8GWSGnmmNsLWlbPwNXZYPiyUdBB%2BeNONYtDC4vhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8c05bdef0da7d2a1-FRA
expires: Wed, 11 Sep 2024 08:17:26 GMT

GET
H3 200 css2
fonts.mailerlite.com/ 22 KB
935 B 177ms
142ms Stylesheet
text/css 2606:4700:4400::ac40:96be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.mailerlite.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by: Host: assets.mailerlite.com
URL: https://assets.mailerlite.com/build/assets/app-PvVfT3Yk.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:96be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fac3804d8c593e45eae47d92641aee073d3fb2ff96a56b506774390abb360243

Request headers

Referer: https://assets.mailerlite.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 08:17:26 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
cf-ray: 8c05bdee5f1435fe-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 app-aKQ-6uVI.js
assets.mailerlite.com/build/assets/ 5 MB
0 0ms
0ms Script
application/javascript 2606:4700:4400::ac40:96be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.mailerlite.com/build/assets/app-aKQ-6uVI.js
Requested by: Host: brrdoa.clicks.mlsend.com
URL: https://brrdoa.clicks.mlsend.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:96be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://brrdoa.clicks.mlsend.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-cache-hits: 22
date: Mon, 09 Sep 2024 08:17:26 GMT
content-encoding: br
cf-cache-status: HIT
age: 5829
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 06 Sep 2024 12:51:23 GMT
server: cloudflare
etag: W/"66dafacb-7ebbd5"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=432000
cf-ray: 8c05bdedbae0d3a2-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
expires: Sat, 14 Sep 2024 08:17:26 GMT

GET
H3 200 UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.mailerlite.com/fonts/s/inter/v18/ 47 KB
48 KB 118ms
93ms Font
font/woff2 2606:4700:4400::ac40:96be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.mailerlite.com/fonts/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

Requested by

Host: fonts.mailerlite.com
URL: https://fonts.mailerlite.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:96be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fonts.mailerlite.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap
Origin: https://brrdoa.clicks.mlsend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 08:17:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 28190
alt-svc: h3=":443"; ma=86400
content-length: 48444
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8c05bdef6be31e4c-FRA
expires: Tue, 09 Sep 2025 08:17:26 GMT

GET
H3 200 favicon-32x32.png
assets.mailerlite.com/images/ 98 B
442 B 73ms
72ms Other
image/webp 2606:4700:4400::ac40:96be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.mailerlite.com/images/favicon-32x32.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:96be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93c4221e2e67dc6075531998d814d2a1ede443276c835d2ca1c70b2a0b83e49d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://brrdoa.clicks.mlsend.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-cache-hits: 8
date: Mon, 09 Sep 2024 08:17:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 5354
cf-polished: origFmt=png, origSize=274
x-cache: HIT
content-disposition: inline; filename="favicon-32x32.webp"
alt-svc: h3=":443"; ma=86400
content-length: 98
cf-bgj: imgq:85,h2pri
last-modified: Fri, 06 Sep 2024 12:51:15 GMT
server: cloudflare
etag: "66dafac3-112"
vary: Accept
content-type: image/webp
cache-control: public, max-age=432000
accept-ranges: bytes
cf-ray: 8c05bdf048e035fe-FRA
expires: Sat, 14 Sep 2024 08:17:27 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
predictiveresponse.net/	1970-01-21 09:00:29	Name: _pa_user Value: FcMCjUZhS1725869845
.ctgoodjobs.hk/	1970-01-21 08:10:05	Name: visitor_id Value: v20240909161713806790772
.ctgoodjobs.hk/	1969-12-31 23:59:59	Name: isnew Value: Y
.ctgoodjobs.hk/	1969-12-31 23:59:59	Name: CTID Value: C3702837964769FE4AAD72DC68964A813927405650029DCB0AAB207DF9F7910A
.ctgoodjobs.hk/	1969-12-31 23:59:59	Name: sid Value: 806790772
www.ctgoodjobs.hk/	1969-12-31 23:59:59	Name: visitor%5Fid Value: v20240909161713806790772
www.ctgoodjobs.hk/	1969-12-31 23:59:59	Name: ASPSESSIONIDAQQAQSDC Value: GGPJGBADPFKDJGGPCEHONKDN
www.ctgoodjobs.hk/	1969-12-31 23:59:59	Name: BIGipServerpool_ct_http Value: 1616129290.20480.0000

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://brrdoa.clicks.mlsend.com/ty/cl/eyJ2Ijoie1wiYVwiOjEwNjM1NDIsXCJsXCI6MTMxNzM5NzgxNjA1MzYxMDMxLFwiclwiOjEzMTczOTc4MTc4MTUyMTQzMn0iLCJzIjoiYmFlNGJjOGYwNzQ2YWQ1YSJ9 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.mailerlite.com
aws.predictiveresponse.net
brrdoa.clicks.mlsend.com
fonts.mailerlite.com
predictiveresponse.net
www.ctgoodjobs.hk
184.72.233.230
203.194.132.199
2606:4700:4400::ac40:96be
2606:4700::6811:6cef
5250551d2d9f229c259cb32144ee2a7309b94b2eb3aa89e2334ff109d08f8cf5
837f92b11532ecdcc3ea5228e50f092ccbc06cb5a5c362a4ca6539685f41754d
93c4221e2e67dc6075531998d814d2a1ede443276c835d2ca1c70b2a0b83e49d
996040ffd865397340782d87f3dbdaa12a6dee9908bde082690dd80786f6b6ba
aa7a4aa27e76b8d9cf6f8ec1bedc3551e4b6ddc79f9a0178f729462c4193c2f1
c172ae011a6dba5c46c1818a6dacc8ea4f6861e50f1d85218f9c43178aafa0b9
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d3ad5f971a1e52175f6cfc04593da4096f9584ebc79330eb5fa91d4f7cd9e504
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
fac3804d8c593e45eae47d92641aee073d3fb2ff96a56b506774390abb360243

brrdoa.clicks.mlsend.com Open in urlscan Pro 2606:4700::6811:6cef Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

50 %IPv6

4 Domains

6 Subdomains

3 IPs

2 Countries

2269 kBTransfer

13224 kBSize

8 Cookies

2 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

8 Cookies

1 Console Messages

Indicators

brrdoa.clicks.mlsend.com Open in urlscan Pro
2606:4700::6811:6cef Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

6
Subdomains

3
IPs

2
Countries

2269 kB
Transfer

13224 kB
Size

8
Cookies

12 HTTP transactions
0 data transactions