mekawe.thriftytradetreasures.com Open in urlscan Pro
2606:4700:3034::ac43:bf2b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://newz.newz-tech.com/index.php/campaigns/tt093erqw50b4/track-url/ct167cswxzc65/5557eb1808647d7b835f2e60c47787471b17322a
Effective URL:
https://mekawe.thriftytradetreasures.com/kidedo/tizuba/xuwo/mo/index.php
Submission: On January 21 via api (January 21st 2024, 10:22:43 pm UTC) from US — Scanned from US

Summary HTTP 5 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 5 domains to perform 5 HTTP transactions. The main IP is 2606:4700:3034::ac43:bf2b, located in and belongs to . The main domain is mekawe.thriftytradetreasures.com.
TLS certificate: Issued by GTS CA 1P5 on December 15th 2023. Valid for: 3 months.

This is the only time mekawe.thriftytradetreasures.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3031::ac43:c2f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.171.127.123 104.171.127.123	31863 (DACEN-2) (DACEN-2)
1	2606:4700:303... 2606:4700:3035::6815:3476	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::6815:46c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.158.224.59 192.158.224.59	397423 (TIER-NET) (TIER-NET)
1 1	2606:4700:303... 2606:4700:3036::ac43:c680	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3030::6815:3197	() ()
1	2606:4700:303... 2606:4700:3034::ac43:bf2b	() ()
5	4

1 2606:4700:3031::ac43:c2f5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

newz.newz-tech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.171.127.123 (United States) 1 redirects

ASN31863 (DACEN-2, US)
PTR: intelligentmedia.co

trksnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:3476 (United States)

ASN13335 (CLOUDFLARENET, US)

t1.aaflnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:46c (United States)

ASN13335 (CLOUDFLARENET, US)

www.ipqscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.158.224.59 (Charlotte, United States)

ASN397423 (TIER-NET, US)
PTR: intimeclick.com

fn.us.ipqscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:c680 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

t1.aaflnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:3197 (None, ) 1 redirects

ASN- ()

mekawe.thriftytradetreasures.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:bf2b (None, )

ASN- ()

mekawe.thriftytradetreasures.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	ipqscdn.com www.ipqscdn.com — Cisco Umbrella Rank: 35826 fn.us.ipqscdn.com — Cisco Umbrella Rank: 35307	69 KB
2	thriftytradetreasures.com 1 redirects mekawe.thriftytradetreasures.com	3 KB
2	aaflnow.com 1 redirects t1.aaflnow.com	3 KB
1	trksnet.com 1 redirects trksnet.com	633 B
1	newz-tech.com 1 redirects newz.newz-tech.com	939 B
5	5

	Domain	Requested by
2	mekawe.thriftytradetreasures.com	1 redirects t1.aaflnow.com
2	fn.us.ipqscdn.com	t1.aaflnow.com
2	t1.aaflnow.com	1 redirects
1	www.ipqscdn.com	t1.aaflnow.com
1	trksnet.com	1 redirects
1	newz.newz-tech.com	1 redirects
5	6

This site contains no links.

Subject Issuer	Validity	Valid
ipqscdn.com GTS CA 1P5	`2023-12-03` - `2024-03-02`	3 months	crt.sh
fn.us.ipqscdn.com R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh
thriftytradetreasures.com GTS CA 1P5	`2023-12-15` - `2024-03-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://mekawe.thriftytradetreasures.com/kidedo/tizuba/xuwo/mo/index.php
Frame ID: 2A32909F4501743D9CE27521D4807934
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://newz.newz-tech.com/index.php/campaigns/tt093erqw50b4/track-url/ct167cswxzc65/5557eb1808647d7b83... HTTP 301
https://trksnet.com/click.php?camp=6858&pubid=407& HTTP 302
http://t1.aaflnow.com/aff_c?offer_id=437&aff_id=1519&aff_sub=hul-eff&aff_sub2=INMe36219f30541c27&a... Page URL
https://t1.aaflnow.com/aff_c?offer_id=437&aff_id=1519&aff_sub=hul-eff&aff_sub2=INMe36219f30541c27&a... HTTP 302
http://mekawe.thriftytradetreasures.com/fclkv2/ichu?bbb=1&cc=us&c=%7C437&clickid=w1audpktqcvugekuiejtq2ao&id=w1audpk... HTTP 302
https://mekawe.thriftytradetreasures.com/kidedo/tizuba/xuwo/mo/index.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

5
Requests

80 %
HTTPS

75 %
IPv6

5
Domains

6
Subdomains

4
IPs

1
Countries

70 kB
Transfer

142 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://newz.newz-tech.com/index.php/campaigns/tt093erqw50b4/track-url/ct167cswxzc65/5557eb1808647d7b835f2e60c47787471b17322a HTTP 301
https://trksnet.com/click.php?camp=6858&pubid=407& HTTP 302
http://t1.aaflnow.com/aff_c?offer_id=437&aff_id=1519&aff_sub=hul-eff&aff_sub2=INMe36219f30541c27&aff_sub3=407 Page URL
https://t1.aaflnow.com/aff_c?offer_id=437&aff_id=1519&aff_sub=hul-eff&aff_sub2=INMe36219f30541c27&aff_sub3=407&tsrc=KP9TngySzG|aac85b47afc8c40e1b91c75644a18b72c81cf8d0daf20fd06297364828d09e96|100 HTTP 302
http://mekawe.thriftytradetreasures.com/fclkv2/ichu?bbb=1&cc=us&c=%7C437&clickid=w1audpktqcvugekuiejtq2ao&id=w1audpktqcvugekuiejtq2ao&k=hul-eff&s=1519&src=&lpc=1705875760362&region=Florida&privacy=1&cep=r16I7GhXdS-wjQvm7e4eUbEnL32VCu6T_3uEwcni66QvDLVfLo4gKSrUnI2njhs-hOROBSfRMM74KtCVavXZOvhpn8vVg63xqj7coecV99sxXEUssIA0Uk_rx2CQCuyhGxxy0-nBdiukHYRR3ib1TDE-ZKmlqK7RdREe16DhLiXsxL2X5-MRJEaZOCUrDFM3HzU339p_BxH_zidsYgQjvkt-HAUUIliuekH4XPDtax88C2VEnMWYBrYdhApQsHsyYAvX35gHLCjwTA3pe18qgXv4KB_U8BrlDcuL11c0IdSry_LRUqG1cGON_BTHzNYGTEzwr62wQrupohJKH8fXt-27FvfSNqRMrqng_nqMbgedz2tVCUsxyDXubjFKCzSf82yq7qXMQIS98-4UE_tSiGoQ00nLt7woEXgsHYV-kt76HtTvzMVLXthqW8TQUaQ0ySW2rbltRzyXmVvWPasJzeWe7qzlF24U3yyMXGDtbY6KWxKAxY50cFOblqUg_7bKRQSzWwK2ftOcu6t2wJgs7XLYz8u4j3tiAqhDO9FkFp4Tcptoz08b7TVCM091OGZwFJAlAxkoGet8ca-Avi5LE-L84UR7bQ3UBm6IP80RNb2gWBp45U6ZYBVn2GRffQPp&lptoken=1726053e8755755260da&offer_id=437&keyword=hul-eff&source=&affiliate_id=1519&aff_sub2=INMe36219f30541c27&aff_sub3=407&aff_sub4=&aff_sub5=&aff_id=push_aff_id&vid=IPQS_100&cpc=0.0&modifier=&view=KP9TngySzG&tracker=surfadvance.com&oho=t1.aaflnow.com&ptf=26934eb377001f66e37289a5c93fe284 HTTP 302
https://mekawe.thriftytradetreasures.com/kidedo/tizuba/xuwo/mo/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://newz.newz-tech.com/index.php/campaigns/tt093erqw50b4/track-url/ct167cswxzc65/5557eb1808647d7b835f2e60c47787471b17322a HTTP 301
https://trksnet.com/click.php?camp=6858&pubid=407& HTTP 302
http://t1.aaflnow.com/aff_c?offer_id=437&aff_id=1519&aff_sub=hul-eff&aff_sub2=INMe36219f30541c27&aff_sub3=407

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	aff_c Show response t1.aaflnow.com/ Redirect Chain http://newz.newz-tech.com/index.php/campaigns/tt093erqw50b4/track-url/ct167cswxzc65/5557eb1808647d7b835f2e60c47787471b17322a https://trksnet.com/click.php?camp=6858&pubid=407& http://t1.aaflnow.com/aff_c?offer_id=437&aff_id=1519&aff_sub=hul-eff&aff_sub2=INMe36219f30541c27&aff_sub3=407	1 KB 1 KB	581ms 524ms	Document text/html	2606:4700:3035::6815:3476 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://t1.aaflnow.com/aff_c?offer_id=437&aff_id=1519&aff_sub=hul-eff&aff_sub2=INMe36219f30541c27&aff_sub3=407 Protocol HTTP/1.1 Server 2606:4700:3035::6815:3476 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `51df605198fbd21f68ede088e51f68f97aed1e937fc21385c82ef8ca100011bf` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 8492f4f9ed1c497e-MIA Connection keep-alive Content-Encoding gzip Content-Type text/html Date Sun, 21 Jan 2024 22:22:37 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MpKP0pB7l1B69LS59slzdbWy%2F6KmuQ38EL7mUTjrusnYlTnswXRBsLRKUevveYpj9bfxKJEdCR0VvO%2FnGy%2FDQHqOM1Zx5NrZqEoSUixRO5OzOWzQu4dCkymMladK%2FISd4hpMPCSg3J3pHDetWQ%3D%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked alt-svc h3=":443"; ma=86400 Redirect headers Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection close Content-Length 0 Content-Type text/html; charset=UTF-8 Date Sun, 21 Jan 2024 22:22:36 GMT Expires Mon, 26 Jul 1997 05:00:00 GMT Last-Modified Sun, 21 Jan 2024 22:22:36 GMT Pragma no-cache Server Apache/2.4.52 (cPanel) OpenSSL/1.1.1m mod_bwlimited/1.4 X-Frame-Options ALLOW-FROM http://intelligentmedia.co/ location http://t1.aaflnow.com/aff_c?offer_id=437&aff_id=1519&aff_sub=hul-eff&aff_sub2=INMe36219f30541c27&aff_sub3=407
GET H2	200	learn.js Show response www.ipqscdn.com/api/*/iS1filCPb0DlseaEfHRo7QhJkQiiPgpnyeDmRp9BRSqgPdQim7Ok3DtfUJEnll6B9lShpvNxI5SVbAr60ZQnytHwENJJwRh0ZjWPmZxAxHluFthNxJZYkLVBQpjn2RU3s5yaqRwCYp8N35fNWDsFGgOPTDOJpqRkXwAFDYjsSmntorP...	138 KB 68 KB	152ms 48ms	Script application/javascript	2606:4700:3030::6815:46c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ipqscdn.com/api//iS1filCPb0DlseaEfHRo7QhJkQiiPgpnyeDmRp9BRSqgPdQim7Ok3DtfUJEnll6B9lShpvNxI5SVbAr60ZQnytHwENJJwRh0ZjWPmZxAxHluFthNxJZYkLVBQpjn2RU3s5yaqRwCYp8N35fNWDsFGgOPTDOJpqRkXwAFDYjsSmntorPiAKQ7wXitUZfARTr7jQGA0tJPo5CnlfkYpfY6NMdsoQxLTRzYRqOMbEFn0tkqtIFAnMPPFeX3nhSH9U5C/learn.js Requested by* Host: t1.aaflnow.com URL: http://t1.aaflnow.com/aff_c?offer_id=437&aff_id=1519&aff_sub=hul-eff&aff_sub2=INMe36219f30541c27&aff_sub3=407 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:46c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d6f3d7d5baf59ad92ef44b928736ff67d7ae9071bfc3e83b26f7dcd712c4ba50` Request headers Referer http://t1.aaflnow.com/ Origin http://t1.aaflnow.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 22:22:37 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2324 alt-svc h3=":443"; ma=86400 pragma cache last-modified Sun, 21 Jan 2024 21:43:53 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3JSLXYmvuw2da5An6yfA5AoNbD0jsSXSzqrc3uieprCM3C1xtVRhR%2F7AmBeEXIrbJrfc6Qw%2BSqI98VltD1tBp%2FGf2PIgH%2FnBU3QhqmntTyNVqM5Z9uPMMbKqYBmMf6fVTGWadHGG9KgCDIdQhE%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=86400 x-robots-tag noindex cf-ray 8492f4fdddd17416-MIA expires Mon, 22 Jan 2024 16:43:53 GMT
GET H/1.1	200 OK	udid.json Show response fn.us.ipqscdn.com/udid/	28 B 306 B	479ms 50ms	XHR application/json	192.158.224.59 TIER-NET
General Check archive.org Show headers Download Go to Full URL https://fn.us.ipqscdn.com/udid/udid.json Requested by Host: t1.aaflnow.com URL: http://t1.aaflnow.com/aff_c?offer_id=437&aff_id=1519&aff_sub=hul-eff&aff_sub2=INMe36219f30541c27&aff_sub3=407 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 192.158.224.59 Charlotte, United States, ASN397423 (TIER-NET, US), Reverse DNS intimeclick.com Software / Resource Hash `aaecc5f6cb2d64f2fa7c7338f07bd9755f174a6857285f57c7bdedcdb5032006` Request headers accept-language en-US,en;q=0.9 Referer http://t1.aaflnow.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 21 Jan 2024 22:22:38 GMT Last-Modified Sun, 21 Jan 2024 22:22:38 GMT Content-Type application/json Access-Control-Allow-Origin * Cache-Control max-age=31536000 Connection close Content-Length 28 Expires Tue, 21 Jan 2025 22:22:38 GMT
POST H/1.1	200 OK	fetch fn.us.ipqscdn.com/api/*/iS1filCPb0DlseaEfHRo7QhJkQiiPgpnyeDmRp9BRSqgPdQim7Ok3DtfUJEnll6B9lShpvNxI5SVbAr60ZQnytHwENJJwRh0ZjWPmZxAxHluFthNxJZYkLVBQpjn2RU3s5yaqRwCYp8N35fNWDsFGgOPTDOJpqRkXwAFDYjsSmnto...	1 KB 1 KB	991ms 990ms	XHR application/json	192.158.224.59 TIER-NET
General Check archive.org Show headers Download Go to Full URL https://fn.us.ipqscdn.com/api//iS1filCPb0DlseaEfHRo7QhJkQiiPgpnyeDmRp9BRSqgPdQim7Ok3DtfUJEnll6B9lShpvNxI5SVbAr60ZQnytHwENJJwRh0ZjWPmZxAxHluFthNxJZYkLVBQpjn2RU3s5yaqRwCYp8N35fNWDsFGgOPTDOJpqRkXwAFDYjsSmntorPiAKQ7wXitUZfARTr7jQGA0tJPo5CnlfkYpfY6NMdsoQxLTRzYRqOMbEFn0tkqtIFAnMPPFeX3nhSH9U5C/learn/fetch Requested by* Host: t1.aaflnow.com URL: http://t1.aaflnow.com/aff_c?offer_id=437&aff_id=1519&aff_sub=hul-eff&aff_sub2=INMe36219f30541c27&aff_sub3=407 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 192.158.224.59 Charlotte, United States, ASN397423 (TIER-NET, US), Reverse DNS intimeclick.com Software nginx / Resource Hash Request headers Referer http://t1.aaflnow.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers Access-Control-Allow-Origin * Date Sun, 21 Jan 2024 22:22:39 GMT Server nginx Connection close X-Robots-Tag noindex Transfer-Encoding chunked Content-Type application/json; charset=UTF-8
GET H2	200	Primary Request index.php mekawe.thriftytradetreasures.com/kidedo/tizuba/xuwo/mo/ Redirect Chain https://t1.aaflnow.com/aff_c?offer_id=437&aff_id=1519&aff_sub=hul-eff&aff_sub2=INMe36219f30541c27&aff_sub3=407&tsrc=KP9TngySzG\|aac85b47afc8c40e1b91c75644a18b72c81cf8d0daf20fd06297364828d09e96\|100 http://mekawe.thriftytradetreasures.com/fclkv2/ichu?bbb=1&cc=us&c=%7C437&clickid=w1audpktqcvugekuiejtq2ao&id=w1audpktqcvugekuiejtq2ao&k=hul-eff&s=1519&src=&lpc=1705875760362&region=Florida&privacy=... https://mekawe.thriftytradetreasures.com/kidedo/tizuba/xuwo/mo/index.php	1 KB 0	760ms 516ms	Document text/html	2606:4700:3034::ac43:bf2b
General Check archive.org Show headers Download Go to Full URL https://mekawe.thriftytradetreasures.com/kidedo/tizuba/xuwo/mo/index.php Requested by Host: t1.aaflnow.com URL: http://t1.aaflnow.com/aff_c?offer_id=437&aff_id=1519&aff_sub=hul-eff&aff_sub2=INMe36219f30541c27&aff_sub3=407 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:bf2b -, , ASN (), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://t1.aaflnow.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8492f51cffca2576-MIA content-encoding br content-type text/html; charset=UTF-8 date Sun, 21 Jan 2024 22:22:43 GMT location https://mekawe.thriftytradetreasures.com/kidedo/tizuba/xuwo/mo/index.php?tasose=xozalecovitijuja nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9K%2FIbywtz%2BeVeonz6wpYjnsirPVVlaqMAqL9WZ64sKtBlY0qwmrfx3kIxODlLDwr6UoVghxBooZBNcIEQi%2BGOfa0k4fkXGk0IpkRZBiKgafKjaEnKJhTJBqhiHM%2FklXTSf0SaQbH24h9lxInXoFHG3SxGI5RSFCX8hJO182EQg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers CF-Cache-Status DYNAMIC CF-RAY 8492f51188d9dab1-MIA Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Content-Type text/html; charset=UTF-8 Date Sun, 21 Jan 2024 22:22:42 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Location https://mekawe.thriftytradetreasures.com/kidedo/tizuba/xuwo/mo/index.php#/kidedo/tizuba/xuwo/mo/index.php?rpclk=iPiUSL%2BhgtW1X%2BWhqj%2BpFya29QSAX8sr0oWQUjATnM0hQjymoevqbhTwFKj%2FQ%2B9y692ZICXBveMBvrseSIG3qIrr2l8lbVSOK3hztedMCMw%2BXB3Y%2F8Xfv2fx6gukKdVfkGQGjYhT6z%2F6S5p5DGA5SOENJw03ejUfpGEpqCDyYS3TTW4p2iR6lrCkIU9KzRIOUefckGkdqv2eJMoWlB92TxINQTFZpYx%2FaLQtXGSTevv6sJhCQNOpcrKT%2BygKHSQzy88IfC9tnOseIhmfM5UodP%2BU1ky1UKHMOqsiQ19PNK91OpXTsycGYl2bHLW9P4sofszUzcWlR30JdTl4jXMShzIatfRwYZQexw%2F75LBZ84UgvsOUpQlOgRDhDrwz5DaJuob8VE%2FB4%2BNtEti4Ootkw2r5G8BoKuaCRl8ypdGWhqaZ7JYg79KoiM8oMb8AjNqrzFWElqkJTbiwuEDxKs6hZqMRjq9KPNrgvIUa1ivJ7%2BDrnAdGN9PigUEHvhKv2Wx1ErYx%2FnU87%2FrbNNR5WKD3A9KSCore19f5yODWxOk3Ufoyreri%2BFuZ%2BoDIlcj7%2FDKIeb0CoJ5s%2BeRbWtt2Gvr1E7YdI9Gkkv0TCSIxEs1h0MOz2c0zxEVmoUU%2BaSD0LFlsiKAM3I1YlFTVr2uC2VZeSXCo2G0BFIZ5xQzi7lVHZlhopGmqmkzmltpmtq4HTAlm3k3FKE0TosIVSP4uADpadxgcmG6DnZ4DAcalM5pUtPwx7nlFAq6h0FVWlAwOwuiv3RE7kir70d1rVuZNxufHe9xVkMZ4xHW6cOx366VlI85bOb%2BQLfs45ZWogRZMQuBbcn7YUaJ0HibpKvDzG3soewk71qbG87f9d0MOdsWOc4hD96Qs1ZUjLiFmHXf%2BlLjny%2Feha0onOoKKWqzjHJS16B4gYM0pOkMW8j9jhoH%2BWY3CemIjOLBgWTHBzM5T2ZoqUMw97Dm1hsNLwE3ZR3HNrzQjajsFGGzFkYAKJyeb4NJ8LMeFLxpFBQlSP56kEoBAEugLp2D1Y0%2B0EbY9SE4Hos%2Bvf9VrxT%2FStxeXgGA5saNHCfcBt783OS6Zgv%2FvO1WatkyCsWTpqxwe6pah8QpYJ%2BIdv3cSDfrKeoS31ZSmMz8jpDETpvAudJkrnjZ2MHQuK6Qq28XBQXNVjidsuq69D3g%2BN75Ka9BF5YsAOI3ogXLwugW4ARpx3IAUHcjUL07%2Faqj2%2Bceyoy9GqjaHs4UaOO414aPadbV7qMTRb96SwyHsBbtSiM3CZjLD99ZFBqWcQ0C8tI%2FKBNmfW3%2F8Rg8lRh6uR8n%2FHLWgcRrwjb9z953%2B%2FE9ffZuL6tu2dp%2B%2B61U5AyRKOH61akiEQiPkgLpTKU2q6ROLybXuE5m4FScE4pBOt8zXOPsNvXPkd%2FF6I03%2B2ui5ikKpWxQzQQfh9gl7wnx7Rtua0UEu%2FBMlHVLO%2BL26HdsbAB1clRvIIKbvA5AYsFz95z3iok5zZ5eZN8bemt50n06lA71JGP5rmf4VqPiGO0sf%2FbK1PsNTgfeKTLbvNqZ%2B6mUP7DwZGe7f2CCgCWWvAyws9WSFFwLEx2RR86P89iHaXiNMBDH0mW8Fd8b8ec630%2BW%2B4EurEYAWIBpb0bTPP%2F69v13PL2dHNTnQf4ScBIjkh%2BUMKQ%3D%3D%3A%3Aefef593000310b07569d7793086c533b&p=cC348VITrZJ5MXGDpGA%3D%3A%3A90c17df6360c9c099da0f8d13f1239d7 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Pragma no-cache Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pr5eZMl8Qh2b%2F8TcGa2OE7ZeBAQm6IlwVYo4O%2F%2Bdf0YWN9KF56Vo1ozZZoYaILrJso6EtVukbuxWhz6Rf2DmNgoB0zOW%2Blp8TfJ3uQ0bzdgaOFfwiL3BZAPc%2BLh8%2By0k9GA4xsFHko2LJzBGuTOUGIsGWj6j4oYhaDlqsySIaA%3D%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
trksnet.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: b5602lbff10a73uo87mas35k40
t1.aaflnow.com/	1970-01-21 02:36:51	Name: ipqsd Value: 276233614096608130
.t1.aaflnow.com/	1970-01-21 03:27:15	Name: device_id_1705875759 Value: KP9TngySzG-1705875759
t1.aaflnow.com/	1970-01-20 17:52:42	Name: fe9ecf68-6582-48ba-8fd6-8415647123fe-v4 Value: ZBi2qx99jV60xC8ooKckRjkcjel8vmGCbbEoI36-5Yc
t1.aaflnow.com/	1970-01-20 17:52:42	Name: cep-v4 Value: gjPWvR-vXENODGLX5JuJCimz3Wvi5T50oIs7rJQi2Kdxk_w_vcdeGLW0yBIlJLSABhAz520BPZztEE4DAi3anFxlwtaQx2gqKV4K8hbLzoQIs7mnB35SLcLqzvZ8xSJLKsbOzEGKq9OGVSJ3GrjTKSb49imgGPeLf4Bim-DZ5UbFp46NJzd5NEBaQQUZydJb3rkaPAEup2zTWmN1s1IF8rMWYnvld2Gn3xHTrTUnmBysv7OddXJFCla8OD3hh6VE_KHPqusdm_SmCY6SfPppk2e8SyuNsvVLOJ1Ytn7JIucn4VDkyuJ3epwkh61G_FOH7Zy9l1IDYI6hVN2ECGh1UEhbI7CF7sPDbmvfbMDqb-kAliKBRuUNujDJH0CXw9c7zthwpyrMoIkMlRgiwBz0l6HikvYP0AFWPJTC5cHLg-TiPMR4AATK0U0Us_h_IZmKZBB_GgTBRQb3lLLZdIsTMn92tFQAMbfaesb8fM03Mph1TKYeaciGZOokBh9IPGaSM7r5CU7d2wqsBSp5N4sOTn6xCmI2wd7E7XlUWvGhLChUIyXrBjjQG91qqKjKiCsmnSOj4tn3kZiBwLh10Ie0mGyRmB6rpFRujQOMWrl7eJjHYePIJry7UvFgwWvPN0Hv
mekawe.thriftytradetreasures.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: kfktbem0km717k48460n75vuk5

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fn.us.ipqscdn.com
mekawe.thriftytradetreasures.com
newz.newz-tech.com
t1.aaflnow.com
trksnet.com
www.ipqscdn.com
104.171.127.123
192.158.224.59
2606:4700:3030::6815:3197
2606:4700:3030::6815:46c
2606:4700:3031::ac43:c2f5
2606:4700:3034::ac43:bf2b
2606:4700:3035::6815:3476
2606:4700:3036::ac43:c680
51df605198fbd21f68ede088e51f68f97aed1e937fc21385c82ef8ca100011bf
aaecc5f6cb2d64f2fa7c7338f07bd9755f174a6857285f57c7bdedcdb5032006
d6f3d7d5baf59ad92ef44b928736ff67d7ae9071bfc3e83b26f7dcd712c4ba50

mekawe.thriftytradetreasures.com Open in urlscan Pro 2606:4700:3034::ac43:bf2b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

5 Requests

80 %HTTPS

75 %IPv6

5 Domains

6 Subdomains

4 IPs

1 Countries

70 kBTransfer

142 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

6 Cookies

2 Console Messages

Indicators

mekawe.thriftytradetreasures.com Open in urlscan Pro
2606:4700:3034::ac43:bf2b Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

80 %
HTTPS

75 %
IPv6

5
Domains

6
Subdomains

4
IPs

1
Countries

70 kB
Transfer

142 kB
Size

6
Cookies

5 HTTP transactions
0 data transactions