trk.myaffxyz.com Open in urlscan Pro
2606:4700:3031::ac43:86be  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://ax.quick-redirecting.com/sl/5d6c790d Page URL
2. http://nesto-dia.com/www.faceebook.com?adTagId=5d272000-76a7-11e6-8ec7-0e6b810b9917&cpm=0&keywords=Facebook&domainid=3995&extclickid=e8beabb0c2b727e957cab4f816bf084d&fallbackUrl=http%3A%2F%2Fax.quick-redirecting.com%2Fsl%2F5d6c790d%3Fnwe%3D3287 Page URL
3. http://sedna-aca.com/domredirect?visitid=86e3c700-746b-11ec-937c-12d234195b4b&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
4. https://trk.myaffxyz.com/click?campaign_id=480&pub_id=101 Page URL
5. https://trk.myaffxyz.com/click?campaign_id=480&pub_id=101 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	5d6c790d Show response ax.quick-redirecting.com/sl/	25 KB 26 KB	85ms 46ms	Document text/html	157.90.23.32 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://ax.quick-redirecting.com/sl/5d6c790d Protocol HTTP/1.1 Server 157.90.23.32 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.32.23.90.157.clients.your-server.de Software nginx/1.18.0 (Ubuntu) / Resource Hash 9769ea1bf9217177718c20c656f6e2cad25cef54c342f2455b622894b60b0bb3 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language en-GB,en;q=0.9 Response headers Server nginx/1.18.0 (Ubuntu) Date Thu, 13 Jan 2022 12:22:51 GMT Content-Type text/html;charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Pragma no-cache Expires 0
GET H/1.1	200 OK	www.faceebook.com Show response nesto-dia.com/	998 B 1 KB	430ms 314ms	Document text/html	34.195.129.193 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL http://nesto-dia.com/www.faceebook.com?adTagId=5d272000-76a7-11e6-8ec7-0e6b810b9917&cpm=0&keywords=Facebook&domainid=3995&extclickid=e8beabb0c2b727e957cab4f816bf084d&fallbackUrl=http%3A%2F%2Fax.quick-redirecting.com%2Fsl%2F5d6c790d%3Fnwe%3D3287 Requested by Host: ax.quick-redirecting.com URL: http://ax.quick-redirecting.com/sl/5d6c790d Protocol HTTP/1.1 Server 34.195.129.193 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-195-129-193.compute-1.amazonaws.com Software YzFGJCJZ / Resource Hash 7a20b78dddf13b993cecd2e525e0cade7d963c23f4830e2d816861e47b61b85d Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language en-GB,en;q=0.9 Referer http://ax.quick-redirecting.com/ Response headers Date Thu, 13 Jan 2022 12:22:51 GMT Content-Type text/html;charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Cache-Control no-store, no-cache, pre-check=0, post-check=0 content-security-policy default-src 'self'; script-src 'self' 'unsafe-inline' x-content-security-policy default-src 'self'; script-src 'self' 'unsafe-inline' X-WebKit-CSP default-src 'self'; script-src 'self' 'unsafe-inline' Server YzFGJCJZ
GET H/1.1	200 OK	domredirect Show response sedna-aca.com/	296 B 782 B	198ms 95ms	Document text/html	34.195.129.193 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL http://sedna-aca.com/domredirect?visitid=86e3c700-746b-11ec-937c-12d234195b4b&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Requested by Host: nesto-dia.com URL: http://nesto-dia.com/www.faceebook.com?adTagId=5d272000-76a7-11e6-8ec7-0e6b810b9917&cpm=0&keywords=Facebook&domainid=3995&extclickid=e8beabb0c2b727e957cab4f816bf084d&fallbackUrl=http%3A%2F%2Fax.quick-redirecting.com%2Fsl%2F5d6c790d%3Fnwe%3D3287 Protocol HTTP/1.1 Server 34.195.129.193 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-195-129-193.compute-1.amazonaws.com Software PKrkVEje / Resource Hash 87b8eb83a921e0e408b859910d739972d227c953048b88bfec83473a107ee63c Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language en-GB,en;q=0.9 Referer http://nesto-dia.com/ Response headers Date Thu, 13 Jan 2022 12:22:51 GMT Content-Type text/html;charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Cache-Control no-store, no-cache, pre-check=0, post-check=0 content-security-policy default-src 'self'; script-src 'self' 'unsafe-inline' x-content-security-policy default-src 'self'; script-src 'self' 'unsafe-inline' X-WebKit-CSP default-src 'self'; script-src 'self' 'unsafe-inline' redirected JS Server PKrkVEje
GET H2	503	click Show response trk.myaffxyz.com/	10 KB 11 KB	110ms 43ms	Document text/html	2606:4700:3031::ac43:86be CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://trk.myaffxyz.com/click?campaign_id=480&pub_id=101 Requested by Host: sedna-aca.com URL: http://sedna-aca.com/domredirect?visitid=86e3c700-746b-11ec-937c-12d234195b4b&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:86be , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b3895d8ddd5f1b7ff6f296bd8eab14cda7d5afeab63b051d72471a10bb2b999d Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language en-GB,en;q=0.9 Referer http://sedna-aca.com/ Response headers date Thu, 13 Jan 2022 12:22:52 GMT content-type text/html; charset=UTF-8 x-frame-options SAMEORIGIN permissions-policy accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 expires Thu, 01 Jan 1970 00:00:01 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7A9LVUAUQygHIViAqm8Z4KRyiGcuQ9VonUSAMROs7S%2FUdYMlJv73O7aSr2F6NguqePyg%2FcH8XuW3YiyAk7%2F2o3yjRvy2LBSgkYVKyEkI6oD2v8WoFSJCZjuibe7bUDMgipNFLhSL%2BC9huYIc8y2i"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding server cloudflare cf-ray 6cce97af6bcb743b-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	v1 Show response trk.myaffxyz.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/	37 KB 14 KB	41ms 40ms	Script text/javascript	2606:4700:3031::ac43:86be CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://trk.myaffxyz.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=6cce97af6bcb743b Requested by Host: trk.myaffxyz.com URL: https://trk.myaffxyz.com/click?campaign_id=480&pub_id=101 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:86be , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6649c5198c4c158509768283de36da7169accc7b8f4404b73f1ab032bf20f0fc Request headers Accept-Language en-GB,en;q=0.9 Referer https://trk.myaffxyz.com/click?campaign_id=480&pub_id=101&__cf_chl_rt_tk=AG0Rsgg64u5Ahn1rTDrxoAn79qjjGBUafu3hgirysMY-1642076572-0-gaNycGzNCFE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 13 Jan 2022 12:22:52 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KuZr33OzZmLA7RRF%2BQN6UFA9qVjLxRpqiBpqJS4wqs0fyWlGvwsyGW7WXpBRE%2BiGa97MiwhqcDvGMuHUo7oNMsIxFpobCbWXSGQ2ozZGXO5vAH63nYHET8Gq0VSqTE8skYqNXGgEDTKWU8YdjyEy"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=0, must-revalidate cf-ray 6cce97afcc8d743b-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	transparent.gif trk.myaffxyz.com/cdn-cgi/images/trace/jschal/js/	42 B 220 B	25ms 24ms	Image image/gif	2606:4700:3031::ac43:86be CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://trk.myaffxyz.com/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=6cce97af6bcb743b Requested by Host: trk.myaffxyz.com URL: https://trk.myaffxyz.com/click?campaign_id=480&pub_id=101&__cf_chl_rt_tk=AG0Rsgg64u5Ahn1rTDrxoAn79qjjGBUafu3hgirysMY-1642076572-0-gaNycGzNCFE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:86be , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language en-GB,en;q=0.9 Referer https://trk.myaffxyz.com/click?campaign_id=480&pub_id=101&__cf_chl_rt_tk=AG0Rsgg64u5Ahn1rTDrxoAn79qjjGBUafu3hgirysMY-1642076572-0-gaNycGzNCFE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 13 Jan 2022 12:22:52 GMT x-content-type-options nosniff last-modified Wed, 05 Jan 2022 15:17:21 GMT server cloudflare etag "61d5b681-2a" x-frame-options DENY content-type image/gif cache-control max-age=7200, public accept-ranges bytes cf-ray 6cce97afcc90743b-LHR vary Accept-Encoding content-length 42 expires Thu, 13 Jan 2022 14:22:52 GMT
GET H2	200	transparent.gif trk.myaffxyz.com/cdn-cgi/images/trace/jschal/nojs/	42 B 101 B	25ms 25ms	Image image/gif	2606:4700:3031::ac43:86be CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://trk.myaffxyz.com/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=6cce97af6bcb743b Requested by Host: trk.myaffxyz.com URL: https://trk.myaffxyz.com/click?campaign_id=480&pub_id=101&__cf_chl_rt_tk=AG0Rsgg64u5Ahn1rTDrxoAn79qjjGBUafu3hgirysMY-1642076572-0-gaNycGzNCFE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:86be , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language en-GB,en;q=0.9 Referer https://trk.myaffxyz.com/click?campaign_id=480&pub_id=101&__cf_chl_rt_tk=AG0Rsgg64u5Ahn1rTDrxoAn79qjjGBUafu3hgirysMY-1642076572-0-gaNycGzNCFE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 13 Jan 2022 12:22:52 GMT x-content-type-options nosniff last-modified Wed, 05 Jan 2022 15:17:21 GMT server cloudflare etag "61d5b681-2a" x-frame-options DENY content-type image/gif cache-control max-age=7200, public accept-ranges bytes cf-ray 6cce97afcc91743b-LHR vary Accept-Encoding content-length 42 expires Thu, 13 Jan 2022 14:22:52 GMT
POST H3	200	e9e6dd26587c40b Show response trk.myaffxyz.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.524208713449339:1642072150:04231d3b47e94dc02d480601f25cebdca4288e9dfd7ca586e1ea70637741f71d/6cce97af6bcb743b/	76 KB 77 KB	73ms 73ms	XHR text/plain	2606:4700:3031::ac43:86be CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://trk.myaffxyz.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.524208713449339:1642072150:04231d3b47e94dc02d480601f25cebdca4288e9dfd7ca586e1ea70637741f71d/6cce97af6bcb743b/e9e6dd26587c40b Requested by Host: trk.myaffxyz.com URL: https://trk.myaffxyz.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=6cce97af6bcb743b Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:86be , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b3208c6d73567d9a30ffd309cff22b1ee1a29f36a9e133e3e47ccb3eb9114acc Request headers Referer https://trk.myaffxyz.com/click?campaign_id=480&pub_id=101 Accept-Language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 CF-Challenge e9e6dd26587c40b Content-type application/x-www-form-urlencoded Response headers date Thu, 13 Jan 2022 12:22:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6cce97b03c87740f-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ViqXPdk3EBsr1B4ehw4MQ3Rpai2RN1p4NPOS418F7Hbg%2FktoEjqKI0Z2XaoCV7clfrxoUAcaGSdQbp9Npew7HNLtneYj8dyrEakByeJXabOBo1yp2yhyiEBUYMNc3LY2oaCL%2FrIvFmm%2FvCCW6X98"}],"group":"cf-nel","max_age":604800}
GET DATA	200 OK	truncated /	68 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058 Request headers Accept-Language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET BLOB	200 OK	124fe666-c29b-440c-9fe8-c20b361b710e https://trk.myaffxyz.com/	120 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://trk.myaffxyz.com/124fe666-c29b-440c-9fe8-c20b361b710e Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash c609febe6499f4d3ca41a5a6266ea0f7f1f5641c8917d26a20261f3c7ae89185 Request headers Accept-Language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Length 120 Content-Type application/javascript
GET H3	200	351b18ae17d50c8-1642076572221 trk.myaffxyz.com/cdn-cgi/challenge-platform/h/b/img/6cce97af6bcb743b/2fab545c/	774 B 1 KB	49ms 48ms	Image image/png	2606:4700:3031::ac43:86be CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://trk.myaffxyz.com/cdn-cgi/challenge-platform/h/b/img/6cce97af6bcb743b/2fab545c/351b18ae17d50c8-1642076572221 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:86be , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c4326e4f4370fdc08fc63a74dee2b1811a7c5d8315257638a81adf856c9f4582 Request headers Accept-Language en-GB,en;q=0.9 Referer https://trk.myaffxyz.com/click?campaign_id=480&pub_id=101 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 13 Jan 2022 12:22:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3w2mAlXKpqk65Rt%2FFK4IalcCO9iQ0SUXws8G7Ux5HdjCm%2BQO8StTMnGupvtQX5F5%2Fm8cfqJUQLg%2BnC4Bumo%2FjqpyUTtj5YrrmgiltfOzdeNdeDuUdvewEmjFGKh5WMaGlhG2BZjs7ugo%2BxhIc%2BW"}],"group":"cf-nel","max_age":604800} content-type image/png cf-ray 6cce97b76cdc740f-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
POST H3	200	e9e6dd26587c40b Show response trk.myaffxyz.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.524208713449339:1642072150:04231d3b47e94dc02d480601f25cebdca4288e9dfd7ca586e1ea70637741f71d/6cce97af6bcb743b/	2 KB 3 KB	75ms 73ms	XHR text/plain	2606:4700:3031::ac43:86be CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://trk.myaffxyz.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.524208713449339:1642072150:04231d3b47e94dc02d480601f25cebdca4288e9dfd7ca586e1ea70637741f71d/6cce97af6bcb743b/e9e6dd26587c40b Requested by Host: trk.myaffxyz.com URL: https://trk.myaffxyz.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=6cce97af6bcb743b Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:86be , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b035b4e68a13080d8090fc7f90b180795fe1dfd1d00938eacc836270ce584fa Request headers Referer https://trk.myaffxyz.com/click?campaign_id=480&pub_id=101 Accept-Language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 CF-Challenge e9e6dd26587c40b Content-type application/x-www-form-urlencoded Response headers date Thu, 13 Jan 2022 12:22:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf_chl_out 1psQVpgdKcoxBNDjJNeQltlg8h8jOCRQymgGbGfmosvtalOiP4VQ9CLd3r/W8G/0HuNjdCF0oQxAPOqq1x2XUw==$7TBknxidqMu0DD2XzhGWtA== expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7o7RSxj8zIcu3%2BGbKu%2BQUX579dFNRVH2pic6P6KraZg5CsU9c6rGrn7PpBX2CK1YiWkKpJ9vBWkDMKxv0E0a2s8AOZvgsO9W4cBv%2BBCn2dat0zFdWvok716tHBjyCuWeyGv9fIReWKPxC2UQ6vV"}],"group":"cf-nel","max_age":604800} cf_chl_out_s wkUkO7p07/woYW0XBjFxn79tdswN5eVBZ2/jvkIowIb2/mpWROhD2M2FJ3+ctBd/Xeds9treHhg/+3YwrAazKVk7mr01PHAKkQLySJivJehlpSmafvQd6heGHnBYsjfX6OxsbxXvqz8x7ITjfMPheHOlnrFR5GWySeMmjNtRyHKPqs8nRl6C12iSLQgKbNrQkxGkze1tB935+cI9WOg4R8XzsZo8p9JdbataGoX2NF7XJtjxUvgtDJXqmwSC0dOot3TiMEdrjYQfdcHEf4dz0fWFjip6mdnQBMx1Bl/vHUQ=$qg6ts+2A3KiomM62WkKP9w== cf-ray 6cce97baa877740f-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	403	Primary Request click Show response trk.myaffxyz.com/	13 KB 7 KB	33ms 33ms	Document text/html	2606:4700:3031::ac43:86be CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://trk.myaffxyz.com/click?campaign_id=480&pub_id=101 Requested by Host: ax.quick-redirecting.com URL: http://ax.quick-redirecting.com/sl/5d6c790d Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:86be , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1000a2cc84a8e9aba66a10da51e6162a1f5146ad2e4bc10ee5737b99abe06bb9 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language en-GB,en;q=0.9 Referer https://trk.myaffxyz.com/click?campaign_id=480&pub_id=101 Response headers date Thu, 13 Jan 2022 12:22:55 GMT content-type text/html; charset=UTF-8 permissions-policy accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 expires Thu, 01 Jan 1970 00:00:01 GMT x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9HTsi9TDX0WXLGH0Vn2vI47oHSPGLqACkxgmAXmue1hGapp08GiRNhHvulIYgTVB2mDvwxMqcvsbIsGSlKQyQMnqBjZCtCpsKZjeUujoDuwMrvxQc6mXRHuPghluDYKs2fTyI3MSY%2BBej6lsqHM"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding server cloudflare cf-ray 6cce97c7af5a740f-LHR content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	200	cf.errors.css trk.myaffxyz.com/cdn-cgi/styles/	23 KB 4 KB	27ms 27ms	Stylesheet text/css	2606:4700:3031::ac43:86be CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://trk.myaffxyz.com/cdn-cgi/styles/cf.errors.css Requested by Host: trk.myaffxyz.com URL: https://trk.myaffxyz.com/click?campaign_id=480&pub_id=101 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:86be , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 16fd28061d42cf29268600418d5aa26b585435027ca599a42141cbc820f2547c Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language en-GB,en;q=0.9 Referer https://trk.myaffxyz.com/click?campaign_id=480&pub_id=101 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 13 Jan 2022 12:22:55 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 05 Jan 2022 15:17:21 GMT server cloudflare etag W/"61d5b681-5c88" x-frame-options DENY content-type text/css cache-control max-age=7200, public cf-ray 6cce97c7ff96740f-LHR vary Accept-Encoding expires Thu, 13 Jan 2022 14:22:55 GMT
GET H3	200	v1 Show response trk.myaffxyz.com/cdn-cgi/challenge-platform/h/b/orchestrate/managed/	40 KB 15 KB	52ms 52ms	Script text/javascript	2606:4700:3031::ac43:86be CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://trk.myaffxyz.com/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=6cce97c7af5a740f Requested by Host: trk.myaffxyz.com URL: https://trk.myaffxyz.com/click?campaign_id=480&pub_id=101 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:86be , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 618c4068d364a647c4ac9e91e098f2c7058532023dc32b88d7a4ca40b2b330cc Request headers Accept-Language en-GB,en;q=0.9 Referer https://trk.myaffxyz.com/click?campaign_id=480&pub_id=101&__cf_chl_rt_tk=P2GyCI4PjC91cBYsA6aLb0cvG7M2EjeA1HH4KDd0Sto-1642076575-0-gaNycGzNBmU User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 13 Jan 2022 12:22:56 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKLzQpHYreryebSaJEFiiv2VOo8nTlYr4en4jxN%2BhdcTG8GbtRGCPo7izKaUX4bXHZOl5AzBVInRRkbjsTpgUMDmQpPydyTrx%2FJXV0sanZN8l4L5hGoKnu1gEttKF6BfPumQ%2Fje2XNig9agxblvx"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=0, must-revalidate cf-ray 6cce97c82fd1740f-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	200	transparent.gif trk.myaffxyz.com/cdn-cgi/images/trace/managed/js/	42 B 222 B	27ms 26ms	Image image/gif	2606:4700:3031::ac43:86be CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://trk.myaffxyz.com/cdn-cgi/images/trace/managed/js/transparent.gif?ray=6cce97c7af5a740f Requested by Host: trk.myaffxyz.com URL: https://trk.myaffxyz.com/click?campaign_id=480&pub_id=101&__cf_chl_rt_tk=P2GyCI4PjC91cBYsA6aLb0cvG7M2EjeA1HH4KDd0Sto-1642076575-0-gaNycGzNBmU Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:86be , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language en-GB,en;q=0.9 Referer https://trk.myaffxyz.com/click?campaign_id=480&pub_id=101&__cf_chl_rt_tk=P2GyCI4PjC91cBYsA6aLb0cvG7M2EjeA1HH4KDd0Sto-1642076575-0-gaNycGzNBmU User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 13 Jan 2022 12:22:56 GMT x-content-type-options nosniff last-modified Wed, 05 Jan 2022 15:17:21 GMT server cloudflare etag "61d5b681-2a" x-frame-options DENY content-type image/gif cache-control max-age=7200, public accept-ranges bytes cf-ray 6cce97c82fd2740f-LHR vary Accept-Encoding content-length 42 expires Thu, 13 Jan 2022 14:22:56 GMT
GET H3	200	transparent.gif trk.myaffxyz.com/cdn-cgi/images/trace/captcha/nojs/h/	42 B 222 B	26ms 26ms	Image image/gif	2606:4700:3031::ac43:86be CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://trk.myaffxyz.com/cdn-cgi/images/trace/captcha/nojs/h/transparent.gif?ray=6cce97c7af5a740f Requested by Host: trk.myaffxyz.com URL: https://trk.myaffxyz.com/click?campaign_id=480&pub_id=101&__cf_chl_rt_tk=P2GyCI4PjC91cBYsA6aLb0cvG7M2EjeA1HH4KDd0Sto-1642076575-0-gaNycGzNBmU Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:86be , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language en-GB,en;q=0.9 Referer https://trk.myaffxyz.com/click?campaign_id=480&pub_id=101&__cf_chl_rt_tk=P2GyCI4PjC91cBYsA6aLb0cvG7M2EjeA1HH4KDd0Sto-1642076575-0-gaNycGzNBmU User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 13 Jan 2022 12:22:56 GMT x-content-type-options nosniff last-modified Wed, 05 Jan 2022 15:17:21 GMT server cloudflare etag "61d5b681-2a" x-frame-options DENY content-type image/gif cache-control max-age=7200, public accept-ranges bytes cf-ray 6cce97c82fd3740f-LHR vary Accept-Encoding content-length 42 expires Thu, 13 Jan 2022 14:22:56 GMT
GET H3	200	browser-bar.png trk.myaffxyz.com/cdn-cgi/images/	715 B 897 B	26ms 25ms	Image image/png	2606:4700:3031::ac43:86be CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://trk.myaffxyz.com/cdn-cgi/images/browser-bar.png?1376755637 Requested by Host: trk.myaffxyz.com URL: https://trk.myaffxyz.com/cdn-cgi/styles/cf.errors.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:86be , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language en-GB,en;q=0.9 Referer https://trk.myaffxyz.com/cdn-cgi/styles/cf.errors.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 13 Jan 2022 12:22:56 GMT x-content-type-options nosniff last-modified Wed, 05 Jan 2022 15:17:21 GMT server cloudflare etag "61d5b681-2cb" x-frame-options DENY content-type image/png cache-control max-age=7200, public accept-ranges bytes cf-ray 6cce97c82fd4740f-LHR vary Accept-Encoding content-length 715 expires Thu, 13 Jan 2022 14:22:56 GMT
GET H3	200	cf-no-screenshot-warn.png trk.myaffxyz.com/cdn-cgi/images/	3 KB 3 KB	27ms 26ms	Image image/png	2606:4700:3031::ac43:86be CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://trk.myaffxyz.com/cdn-cgi/images/cf-no-screenshot-warn.png Requested by Host: trk.myaffxyz.com URL: https://trk.myaffxyz.com/cdn-cgi/styles/cf.errors.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:86be , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d4eb829b9da3417d1cde6b2f3cbf24cd125fb6805adc22b37191e7a1bf0a543b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language en-GB,en;q=0.9 Referer https://trk.myaffxyz.com/cdn-cgi/styles/cf.errors.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 13 Jan 2022 12:22:56 GMT x-content-type-options nosniff last-modified Wed, 05 Jan 2022 15:17:21 GMT server cloudflare etag "61d5b681-a20" x-frame-options DENY content-type image/png cache-control max-age=7200, public accept-ranges bytes cf-ray 6cce97c82fd5740f-LHR vary Accept-Encoding content-length 2592 expires Thu, 13 Jan 2022 14:22:56 GMT
GET		api.js hcaptcha.com/1/	0 0
POST		2fa53147ac57812 trk.myaffxyz.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.7513084102836961:1642072165:b2478a380a02266f7a4378da3ec72ce518cf6fb5f22dbf75128a3396c8a18b2a/6cce97c7af5a740f/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

hcaptcha.com

URL

https://hcaptcha.com/1/api.js?render=explicit&recaptchacompat=off&onload=_cf_chl_hload

Domain

trk.myaffxyz.com

URL

https://trk.myaffxyz.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.7513084102836961:1642072165:b2478a380a02266f7a4378da3ec72ce518cf6fb5f22dbf75128a3396c8a18b2a/6cce97c7af5a740f/2fa53147ac57812

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onsecuritypolicyviolation object| onslotchange object| _cf_chl_opt function| _cf_chl_enter function| SHA256 boolean| _cf_chl_done_ran function| _cf_chl_done function| sendRequest function| _cf_atob object| _cf_chl_ctx function| _ string| prop

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ax.quick-redirecting.com/	1970-01-20 02:17:32	Name: user_key Value: 1649852571%7CYTM2NmJmNzFlYmRmMzcwN2E5ZjgyZTE3YzU3MWQ3Mjk%3D%7Ca2fe2aa839ad00ec624561a6ca2b400f78d0aee5
			ax.quick-redirecting.com/	1970-01-20 00:08:39	Name: visited.5d6c790d Value: 1642119771%7CYToxOntpOjMyODc7aToxO30%3D%7C2229d1e8d8d67c0bce771cce31166ae32d4d5a79
			ax.quick-redirecting.com/	1970-01-20 00:08:39	Name: visited_time.5d6c790d Value: 1642119771%7CMTY0MjExOTc3MQ%3D%3D%7C3eebf2568c7185ed93a0a7525dac0cb1a78c2842
			ax.quick-redirecting.com/	1970-01-20 00:09:22	Name: tracking.1.5d6c790d Value: 1642162971%7CMQ%3D%3D%7C070bda9d206590d329d0fa4012282c40f2c174db
			ax.quick-redirecting.com/	1970-01-20 00:12:15	Name: tracking.1.5d6c790d-3287 Value: 1642335771%7CMQ%3D%3D%7C73013432873098524013859ff898a84cd8bce512
			trk.myaffxyz.com/	1970-01-20 00:08:00	Name: cf_chl_prog Value: F10
			trk.myaffxyz.com/	1970-01-20 00:08:00	Name: cf_chl_rc_ni Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network	error	URL: https://trk.myaffxyz.com/click?campaign_id=480&pub_id=101 Message: Failed to load resource: the server responded with a status of 503 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network	error	URL: https://trk.myaffxyz.com/click?campaign_id=480&pub_id=101 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ax.quick-redirecting.com
hcaptcha.com
nesto-dia.com
sedna-aca.com
trk.myaffxyz.com
hcaptcha.com
trk.myaffxyz.com
157.90.23.32
2606:4700:3031::ac43:86be
34.195.129.193
1000a2cc84a8e9aba66a10da51e6162a1f5146ad2e4bc10ee5737b99abe06bb9
16fd28061d42cf29268600418d5aa26b585435027ca599a42141cbc820f2547c
4b035b4e68a13080d8090fc7f90b180795fe1dfd1d00938eacc836270ce584fa
618c4068d364a647c4ac9e91e098f2c7058532023dc32b88d7a4ca40b2b330cc
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6649c5198c4c158509768283de36da7169accc7b8f4404b73f1ab032bf20f0fc
7a20b78dddf13b993cecd2e525e0cade7d963c23f4830e2d816861e47b61b85d
87b8eb83a921e0e408b859910d739972d227c953048b88bfec83473a107ee63c
8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db
9769ea1bf9217177718c20c656f6e2cad25cef54c342f2455b622894b60b0bb3
b3208c6d73567d9a30ffd309cff22b1ee1a29f36a9e133e3e47ccb3eb9114acc
b3895d8ddd5f1b7ff6f296bd8eab14cda7d5afeab63b051d72471a10bb2b999d
c4326e4f4370fdc08fc63a74dee2b1811a7c5d8315257638a81adf856c9f4582
c609febe6499f4d3ca41a5a6266ea0f7f1f5641c8917d26a20261f3c7ae89185
d4eb829b9da3417d1cde6b2f3cbf24cd125fb6805adc22b37191e7a1bf0a543b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629