trk.contentquestclub.com
2606:4700:3037::ac43:b668  Public Scan

Submitted URL: https://kaobao.shop/rd/c6795CYvtX99aFKU10427dBc224294QjGj546
Effective URL: https://trk.contentquestclub.com//zcampaign/474fd127917991e1020105a42085693287d07ab6/inf001/start/?transaction_id=1ba82abf0c064ed...
Submission: On July 11 via api from BE — Scanned from CA

Summary

This website contacted 6 IPs in 3 countries across 8 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3037::ac43:b668, located in United States and belongs to CLOUDFLARENET, US. The main domain is trk.contentquestclub.com.
TLS certificate: Issued by E1 on July 10th 2022. Valid for: 3 months.
This is the only time trk.contentquestclub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 68.183.205.155 14061 (DIGITALOC...)
2 2 20.91.223.9 8075 (MICROSOFT...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 12 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
18 6
Apex Domain / Subdomains                                   Transfer
12 contentquestclub.com                                    125 KB
    trk.contentquestclub.com
    assets.contentquestclub.com
3 gstatic.com                                              24 KB
    fonts.gstatic.com
2 googleapis.com                                           31 KB
    fonts.googleapis.com — Cisco Umbrella Rank: 71
    ajax.googleapis.com — Cisco Umbrella Rank: 307
2 kaobao.shop                                              415 B
    kaobao.shop
1 cloudflare.com                                           5 KB
    cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
1 wawug.com                                                804 B
    trk.wawug.com
1 thedailyyami.com                                         580 B
    www.thedailyyami.com
1 striketechs.com                                          557 B
    www.striketechs.com
18 8
Domain Requested by
9 assets.contentquestclub.com trk.contentquestclub.com
3 fonts.gstatic.com fonts.googleapis.com
3 trk.contentquestclub.com 1 redirects kaobao.shop
assets.contentquestclub.com
2 kaobao.shop 1 redirects
1 cdnjs.cloudflare.com trk.contentquestclub.com
1 ajax.googleapis.com trk.contentquestclub.com
1 fonts.googleapis.com trk.contentquestclub.com
1 trk.wawug.com 1 redirects
1 www.thedailyyami.com 1 redirects
1 www.striketechs.com 1 redirects
18 10

This site contains links to these domains.

Domain
content-quest.com
Subject                   Issuer                    Validity                   Valid
kaobao.shop               R3                        2022-06-22 - 2022-09-20    3 months
*.contentquestclub.com    E1                        2022-07-10 - 2022-10-08    3 months
upload.video.google.com   GTS CA 1C3                2022-06-06 - 2022-08-29    3 months
sni.cloudflaressl.com     Cloudflare Inc ECC CA-3   2021-09-21 - 2022-09-20    a year
*.gstatic.com             GTS CA 1C3                2022-06-06 - 2022-08-29    3 months

This page contains 1 frames:

Primary Page: https://trk.contentquestclub.com//zcampaign/474fd127917991e1020105a42085693287d07ab6/inf001/start/?transaction_id=1ba82abf0c064ed2b0bab8d73350b716&aff_id=3505&sl1=a1fb5e1e-feea-b994-87f6-1c859c825ee2&sl2=U0tr26dh&sl3=ZVcfRIVD&sl4=UdX3AmKZ&rc=R-CT-P-SC&pl=685528967&pc_session_id=68g6nv9q5on6n3pprqvh1q8gi6-36429&sid=68g6nv9q5on6n3pprqvh1q8gi6-36429&pc_synd_id=amz_cq_ca_c1_sh288_inf_biz&partner=amz_cq_ca_c1_sh288_inf_biz
Frame ID: 8A6F5E6E835B2E84ED77C09CF3B159C5
Requests: 18 HTTP requests in this frame

Page Title

Content Quest

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 75 %
Domains: 8
Subdomains: 10
IPs: 6
Countries: 3
Transfer: 184 kB
Size: 281 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://kaobao.shop/rd/c6795CYvtX99aFKU10427dBc224294QjGj546 Page URL
  2. https://kaobao.shop/track/c6795CYvtX99aFKU10427dBc224294QjGj546 HTTP 302
    https://www.striketechs.com/6N4HMCW/RDX8342/?sub1=15&sub2=546-6795&sub3=99-10427-224294 HTTP 302
    https://www.thedailyyami.com/cmp/4494R8Q/FFX5M/?__rpt=0&__po=12661&__ptid=3914bf22e0b74517b17857d41a2567db&__rpa=1&__rc=1&sub1=15&sub2=546-6795&sub3=99-10427-224294&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
    https://trk.wawug.com/16061c82-840f-ce69-bfa2-6a8118f4eb33?transaction_id=1ba82abf0c064ed2b0bab8d73350b716&aff_id=3505&aff_sub= HTTP 302
    https://trk.contentquestclub.com/campaign/474fd127917991e1020105a42085693287d07ab6?transaction_id=1ba82abf0c064ed2b0bab8d73350b716&aff_id=3505&aff_sub=&sl1=a1fb5e1e-feea-b994-87f6-1c859c825ee2&sl2=U0tr26dh&sl3=ZVcfRIVD&sl4=UdX3AmKZ HTTP 302
    https://trk.contentquestclub.com//zcampaign/474fd127917991e1020105a42085693287d07ab6/inf001/start/?transaction_id=1ba82abf0c064ed2b0bab8d73350b716&aff_id=3505&sl1=a1fb5e1e-feea-b994-87f6-1c859c825ee2&sl2=U0tr26dh&sl3=ZVcfRIVD&sl4=UdX3AmKZ&rc=R-CT-P-SC&pl=685528967&pc_session_id=68g6nv9q5on6n3pprqvh1q8gi6-36429&sid=68g6nv9q5on6n3pprqvh1q8gi6-36429&pc_synd_id=amz_cq_ca_c1_sh288_inf_biz&partner=amz_cq_ca_c1_sh288_inf_biz Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
c6795CYvtX99aFKU10427dBc224294QjGj546
kaobao.shop/rd/
235 B
306 B
Document
General
Full URL
https://kaobao.shop/rd/c6795CYvtX99aFKU10427dBc224294QjGj546
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.183.205.155 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
235
content-type
text/html; charset=utf-8
date
Mon, 11 Jul 2022 20:15:21 GMT
Primary Request /
trk.contentquestclub.com//zcampaign/474fd127917991e1020105a42085693287d07ab6/inf001/start/
Redirect Chain
  • https://kaobao.shop/track/c6795CYvtX99aFKU10427dBc224294QjGj546
  • https://www.striketechs.com/6N4HMCW/RDX8342/?sub1=15&sub2=546-6795&sub3=99-10427-224294
  • https://www.thedailyyami.com/cmp/4494R8Q/FFX5M/?__rpt=0&__po=12661&__ptid=3914bf22e0b74517b17857d41a2567db&__rpa=1&__rc=1&sub1=15&sub2=546-6795&sub3=99-10427-224294&sub4=&sub5=&source_id=&__pcd=9
  • https://trk.wawug.com/16061c82-840f-ce69-bfa2-6a8118f4eb33?transaction_id=1ba82abf0c064ed2b0bab8d73350b716&aff_id=3505&aff_sub=
  • https://trk.contentquestclub.com/campaign/474fd127917991e1020105a42085693287d07ab6?transaction_id=1ba82abf0c064ed2b0bab8d73350b716&aff_id=3505&aff_sub=&sl1=a1fb5e1e-feea-b994-87f6-1c859c825ee2&sl2=...
  • https://trk.contentquestclub.com//zcampaign/474fd127917991e1020105a42085693287d07ab6/inf001/start/?transaction_id=1ba82abf0c064ed2b0bab8d73350b716&aff_id=3505&sl1=a1fb5e1e-feea-b994-87f6-1c859c825e...
41 KB
11 KB
Document
General
Full URL
https://trk.contentquestclub.com//zcampaign/474fd127917991e1020105a42085693287d07ab6/inf001/start/?transaction_id=1ba82abf0c064ed2b0bab8d73350b716&aff_id=3505&sl1=a1fb5e1e-feea-b994-87f6-1c859c825ee2&sl2=U0tr26dh&sl3=ZVcfRIVD&sl4=UdX3AmKZ&rc=R-CT-P-SC&pl=685528967&pc_session_id=68g6nv9q5on6n3pprqvh1q8gi6-36429&sid=68g6nv9q5on6n3pprqvh1q8gi6-36429&pc_synd_id=amz_cq_ca_c1_sh288_inf_biz&partner=amz_cq_ca_c1_sh288_inf_biz
Requested by
Host: kaobao.shop
URL: https://kaobao.shop/rd/c6795CYvtX99aFKU10427dBc224294QjGj546
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:b668 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
85a812dc54356cebb93e2c8800c28a15c9dedbd36da93e051cf1d5573ddeea3b

css2
fonts.googleapis.com/
3 KB
1010 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;800&display=swap
Requested by
Host: trk.contentquestclub.com
URL: https://trk.contentquestclub.com//zcampaign/474fd127917991e1020105a42085693287d07ab6/inf001/start/?transaction_id=1ba82abf0c064ed2b0bab8d73350b716&aff_id=3505&sl1=a1fb5e1e-feea-b994-87f6-1c859c825ee2&sl2=U0tr26dh&sl3=ZVcfRIVD&sl4=UdX3AmKZ&rc=R-CT-P-SC&pl=685528967&pc_session_id=68g6nv9q5on6n3pprqvh1q8gi6-36429&sid=68g6nv9q5on6n3pprqvh1q8gi6-36429&pc_synd_id=amz_cq_ca_c1_sh288_inf_biz&partner=amz_cq_ca_c1_sh288_inf_biz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8a08d72e6f1e9844a2398be22298a6fb9e4f46d9849522bb16ac5c34eff86e9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

banner.png
assets.contentquestclub.com/assets/CA/ContentQuest/two-col-giftcard-amazon-alt-free-no-trial/img/
2 KB
3 KB
Image
General
Full URL
https://assets.contentquestclub.com/assets/CA/ContentQuest/two-col-giftcard-amazon-alt-free-no-trial/img/banner.png
Requested by
Host: trk.contentquestclub.com
URL: https://trk.contentquestclub.com//zcampaign/474fd127917991e1020105a42085693287d07ab6/inf001/start/?transaction_id=1ba82abf0c064ed2b0bab8d73350b716&aff_id=3505&sl1=a1fb5e1e-feea-b994-87f6-1c859c825ee2&sl2=U0tr26dh&sl3=ZVcfRIVD&sl4=UdX3AmKZ&rc=R-CT-P-SC&pl=685528967&pc_session_id=68g6nv9q5on6n3pprqvh1q8gi6-36429&sid=68g6nv9q5on6n3pprqvh1q8gi6-36429&pc_synd_id=amz_cq_ca_c1_sh288_inf_biz&partner=amz_cq_ca_c1_sh288_inf_biz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:b668 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d8eac37d07df09590ef5adc17d8da06c2886429fb398b13b28a4912352c58de

extra-img.png
assets.contentquestclub.com/assets/CA/ContentQuest/two-col-giftcard-amazon-alt-free-no-trial/img/
95 B
413 B
Image
General
Full URL
https://assets.contentquestclub.com/assets/CA/ContentQuest/two-col-giftcard-amazon-alt-free-no-trial/img/extra-img.png
Requested by
Host: trk.contentquestclub.com
URL: https://trk.contentquestclub.com//zcampaign/474fd127917991e1020105a42085693287d07ab6/inf001/start/?transaction_id=1ba82abf0c064ed2b0bab8d73350b716&aff_id=3505&sl1=a1fb5e1e-feea-b994-87f6-1c859c825ee2&sl2=U0tr26dh&sl3=ZVcfRIVD&sl4=UdX3AmKZ&rc=R-CT-P-SC&pl=685528967&pc_session_id=68g6nv9q5on6n3pprqvh1q8gi6-36429&sid=68g6nv9q5on6n3pprqvh1q8gi6-36429&pc_synd_id=amz_cq_ca_c1_sh288_inf_biz&partner=amz_cq_ca_c1_sh288_inf_biz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:b668 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

input-icon-msisdn.png
assets.contentquestclub.com/assets/CA/ContentQuest/two-col-giftcard-amazon-alt-free-no-trial/img/
258 B
576 B
Image
General
Full URL
https://assets.contentquestclub.com/assets/CA/ContentQuest/two-col-giftcard-amazon-alt-free-no-trial/img/input-icon-msisdn.png
Requested by
Host: trk.contentquestclub.com
URL: https://trk.contentquestclub.com//zcampaign/474fd127917991e1020105a42085693287d07ab6/inf001/start/?transaction_id=1ba82abf0c064ed2b0bab8d73350b716&aff_id=3505&sl1=a1fb5e1e-feea-b994-87f6-1c859c825ee2&sl2=U0tr26dh&sl3=ZVcfRIVD&sl4=UdX3AmKZ&rc=R-CT-P-SC&pl=685528967&pc_session_id=68g6nv9q5on6n3pprqvh1q8gi6-36429&sid=68g6nv9q5on6n3pprqvh1q8gi6-36429&pc_synd_id=amz_cq_ca_c1_sh288_inf_biz&partner=amz_cq_ca_c1_sh288_inf_biz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:b668 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cb7be7d7aae5dfa9a1f0ac4337bf7ff0678d74056fbed0087ef3b4c28e14af4

placeholder.png
assets.contentquestclub.com/assets/global/elements/
2 KB
2 KB
Image
General
Full URL
https://assets.contentquestclub.com/assets/global/elements/placeholder.png
Requested by
Host: trk.contentquestclub.com
URL: https://trk.contentquestclub.com//zcampaign/474fd127917991e1020105a42085693287d07ab6/inf001/start/?transaction_id=1ba82abf0c064ed2b0bab8d73350b716&aff_id=3505&sl1=a1fb5e1e-feea-b994-87f6-1c859c825ee2&sl2=U0tr26dh&sl3=ZVcfRIVD&sl4=UdX3AmKZ&rc=R-CT-P-SC&pl=685528967&pc_session_id=68g6nv9q5on6n3pprqvh1q8gi6-36429&sid=68g6nv9q5on6n3pprqvh1q8gi6-36429&pc_synd_id=amz_cq_ca_c1_sh288_inf_biz&partner=amz_cq_ca_c1_sh288_inf_biz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:b668 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0e5ffc7a359a7722e862c83fad9f327f5fe0def1e883f9ad130c4b8d6e616ce

input-icon-pin.png
assets.contentquestclub.com/assets/CA/ContentQuest/two-col-giftcard-amazon-alt-free-no-trial/img/
431 B
841 B
Image
General
Full URL
https://assets.contentquestclub.com/assets/CA/ContentQuest/two-col-giftcard-amazon-alt-free-no-trial/img/input-icon-pin.png
Requested by
Host: trk.contentquestclub.com
URL: https://trk.contentquestclub.com//zcampaign/474fd127917991e1020105a42085693287d07ab6/inf001/start/?transaction_id=1ba82abf0c064ed2b0bab8d73350b716&aff_id=3505&sl1=a1fb5e1e-feea-b994-87f6-1c859c825ee2&sl2=U0tr26dh&sl3=ZVcfRIVD&sl4=UdX3AmKZ&rc=R-CT-P-SC&pl=685528967&pc_session_id=68g6nv9q5on6n3pprqvh1q8gi6-36429&sid=68g6nv9q5on6n3pprqvh1q8gi6-36429&pc_synd_id=amz_cq_ca_c1_sh288_inf_biz&partner=amz_cq_ca_c1_sh288_inf_biz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:b668 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb43f8dd69cab29d99fd0708f42ce144beb3b65517f6f1c459df354feb183ce8

jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: trk.contentquestclub.com
URL: https://trk.contentquestclub.com//zcampaign/474fd127917991e1020105a42085693287d07ab6/inf001/start/?transaction_id=1ba82abf0c064ed2b0bab8d73350b716&aff_id=3505&sl1=a1fb5e1e-feea-b994-87f6-1c859c825ee2&sl2=U0tr26dh&sl3=ZVcfRIVD&sl4=UdX3AmKZ&rc=R-CT-P-SC&pl=685528967&pc_session_id=68g6nv9q5on6n3pprqvh1q8gi6-36429&sid=68g6nv9q5on6n3pprqvh1q8gi6-36429&pc_synd_id=amz_cq_ca_c1_sh288_inf_biz&partner=amz_cq_ca_c1_sh288_inf_biz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

iframeResizer.contentWindow.min.js
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.8/
14 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.8/iframeResizer.contentWindow.min.js
Requested by
Host: trk.contentquestclub.com
URL: https://trk.contentquestclub.com//zcampaign/474fd127917991e1020105a42085693287d07ab6/inf001/start/?transaction_id=1ba82abf0c064ed2b0bab8d73350b716&aff_id=3505&sl1=a1fb5e1e-feea-b994-87f6-1c859c825ee2&sl2=U0tr26dh&sl3=ZVcfRIVD&sl4=UdX3AmKZ&rc=R-CT-P-SC&pl=685528967&pc_session_id=68g6nv9q5on6n3pprqvh1q8gi6-36429&sid=68g6nv9q5on6n3pprqvh1q8gi6-36429&pc_synd_id=amz_cq_ca_c1_sh288_inf_biz&partner=amz_cq_ca_c1_sh288_inf_biz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d4773ada09d3d362bd0eda5e5d872e60ddbc5eeef5103b106c1f50476124f06
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

elephant.js
assets.contentquestclub.com/global-scripts/js/
10 KB
3 KB
Script
General
Full URL
https://assets.contentquestclub.com/global-scripts/js/elephant.js?rc=R-CT-P-SC&sid=68g6nv9q5on6n3pprqvh1q8gi6-36429&partner=amz_cq_ca_c1_sh288_inf_biz&transaction_id=1ba82abf0c064ed2b0bab8d73350b716&pl=685528967&pc_session_id=68g6nv9q5on6n3pprqvh1q8gi6-36429&pc_synd_id=amz_cq_ca_c1_sh288_inf_biz
Requested by
Host: trk.contentquestclub.com
URL: https://trk.contentquestclub.com//zcampaign/474fd127917991e1020105a42085693287d07ab6/inf001/start/?transaction_id=1ba82abf0c064ed2b0bab8d73350b716&aff_id=3505&sl1=a1fb5e1e-feea-b994-87f6-1c859c825ee2&sl2=U0tr26dh&sl3=ZVcfRIVD&sl4=UdX3AmKZ&rc=R-CT-P-SC&pl=685528967&pc_session_id=68g6nv9q5on6n3pprqvh1q8gi6-36429&sid=68g6nv9q5on6n3pprqvh1q8gi6-36429&pc_synd_id=amz_cq_ca_c1_sh288_inf_biz&partner=amz_cq_ca_c1_sh288_inf_biz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:b668 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
b730405c3cd560f64ae24372386bb1ca5cbdf77568dc1342316dc107ae9ab9fa

lazy_loader.js
assets.contentquestclub.com/global-scripts/js/function/
770 B
938 B
Script
General
Full URL
https://assets.contentquestclub.com/global-scripts/js/function/lazy_loader.js
Requested by
Host: trk.contentquestclub.com
URL: https://trk.contentquestclub.com//zcampaign/474fd127917991e1020105a42085693287d07ab6/inf001/start/?transaction_id=1ba82abf0c064ed2b0bab8d73350b716&aff_id=3505&sl1=a1fb5e1e-feea-b994-87f6-1c859c825ee2&sl2=U0tr26dh&sl3=ZVcfRIVD&sl4=UdX3AmKZ&rc=R-CT-P-SC&pl=685528967&pc_session_id=68g6nv9q5on6n3pprqvh1q8gi6-36429&sid=68g6nv9q5on6n3pprqvh1q8gi6-36429&pc_synd_id=amz_cq_ca_c1_sh288_inf_biz&partner=amz_cq_ca_c1_sh288_inf_biz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b668 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75fda61b6fe4483c08c1f1d8f05876d6a2d96788104900b50fed574c37cf3652

stattag_v2.js
assets.contentquestclub.com/global-scripts/js/function/
821 B
941 B
Script
General
Full URL
https://assets.contentquestclub.com/global-scripts/js/function/stattag_v2.js
Requested by
Host: trk.contentquestclub.com
URL: https://trk.contentquestclub.com//zcampaign/474fd127917991e1020105a42085693287d07ab6/inf001/start/?transaction_id=1ba82abf0c064ed2b0bab8d73350b716&aff_id=3505&sl1=a1fb5e1e-feea-b994-87f6-1c859c825ee2&sl2=U0tr26dh&sl3=ZVcfRIVD&sl4=UdX3AmKZ&rc=R-CT-P-SC&pl=685528967&pc_session_id=68g6nv9q5on6n3pprqvh1q8gi6-36429&sid=68g6nv9q5on6n3pprqvh1q8gi6-36429&pc_synd_id=amz_cq_ca_c1_sh288_inf_biz&partner=amz_cq_ca_c1_sh288_inf_biz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b668 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94676b5f061ca6a21a44ee0c6e9b0fb6039fecfeb45ec70bcd534319ee9ea4b0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk.contentquestclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 20:15:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 18 May 2022 13:18:26 GMT
server
cloudflare
age
2515
etag
W/"335-5df4917a93041"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=00%2BL8PudB%2BVPylZFNHhQOF9Kued2gHEOsstvD69OkMXvDpJEqCWE%2B4jzVZ%2Bd7NfZQfxAy5%2BHipHw%2F0i9vrkj1SgUmlOrjrkpVeVql4synA6K6OTi32YqNScLpqcdtzrBDkroCYgn3yuXmilYOdR%2BlNIZn1uWrhYQ9lc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7294360bae4cecee-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://trk.contentquestclub.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 05:50:56 GMT
x-content-type-options
nosniff
age
570270
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jul 2023 05:50:56 GMT
pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://trk.contentquestclub.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 06:17:38 GMT
x-content-type-options
nosniff
age
568668
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7824
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:52:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jul 2023 06:17:38 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://trk.contentquestclub.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 09:10:11 GMT
x-content-type-options
nosniff
age
558315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jul 2023 09:10:11 GMT
desktop-img.png
assets.contentquestclub.com/assets/CA/ContentQuest/two-col-giftcard-amazon-alt-free-no-trial/img/
101 KB
101 KB
Image
General
Full URL
https://assets.contentquestclub.com/assets/CA/ContentQuest/two-col-giftcard-amazon-alt-free-no-trial/img/desktop-img.png
Requested by
Host: trk.contentquestclub.com
URL: https://trk.contentquestclub.com//zcampaign/474fd127917991e1020105a42085693287d07ab6/inf001/start/?transaction_id=1ba82abf0c064ed2b0bab8d73350b716&aff_id=3505&sl1=a1fb5e1e-feea-b994-87f6-1c859c825ee2&sl2=U0tr26dh&sl3=ZVcfRIVD&sl4=UdX3AmKZ&rc=R-CT-P-SC&pl=685528967&pc_session_id=68g6nv9q5on6n3pprqvh1q8gi6-36429&sid=68g6nv9q5on6n3pprqvh1q8gi6-36429&pc_synd_id=amz_cq_ca_c1_sh288_inf_biz&partner=amz_cq_ca_c1_sh288_inf_biz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b668 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c738ddbab48787774b57c49b1104576e8f6296e2d8f0d74beb72fb0683fef0ea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk.contentquestclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 20:15:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1316
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
103057
last-modified
Tue, 14 Jun 2022 12:27:46 GMT
server
cloudflare
etag
"19291-5e16788397ad8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ledVc%2FDtL1KKIdPneZaVW7aSh%2BtecrV8ZHWkkWrHKJZVlyBzCScueuFhonZIbzQQsUfMfxRpgaZvWxDw9vV0xZCF3P55hllR2EQvUermhRRQ1Sp9oQJzvWBa8HEuqIrVlof9LwKCvgeHXy4BEDedqfMt83knOXiJAmU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7294360faa28ecee-YUL
/
trk.contentquestclub.com/api/logger/post_interaction/
59 B
735 B
XHR
General
Full URL
https://trk.contentquestclub.com/api/logger/post_interaction/
Requested by
Host: assets.contentquestclub.com
URL: https://assets.contentquestclub.com/global-scripts/js/elephant.js?rc=R-CT-P-SC&sid=68g6nv9q5on6n3pprqvh1q8gi6-36429&partner=amz_cq_ca_c1_sh288_inf_biz&transaction_id=1ba82abf0c064ed2b0bab8d73350b716&pl=685528967&pc_session_id=68g6nv9q5on6n3pprqvh1q8gi6-36429&pc_synd_id=amz_cq_ca_c1_sh288_inf_biz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:b668 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
9280d577524fbfe76d271aaa4816fb71f45c5eefd2950bd1f8e781e47a9c1249

Request headers

Referer
https://trk.contentquestclub.com//zcampaign/474fd127917991e1020105a42085693287d07ab6/inf001/start/?transaction_id=1ba82abf0c064ed2b0bab8d73350b716&aff_id=3505&sl1=a1fb5e1e-feea-b994-87f6-1c859c825ee2&sl2=U0tr26dh&sl3=ZVcfRIVD&sl4=UdX3AmKZ&rc=R-CT-P-SC&pl=685528967&pc_session_id=68g6nv9q5on6n3pprqvh1q8gi6-36429&sid=68g6nv9q5on6n3pprqvh1q8gi6-36429&pc_synd_id=amz_cq_ca_c1_sh288_inf_biz&partner=amz_cq_ca_c1_sh288_inf_biz
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/json

Response headers

date
Mon, 11 Jul 2022 20:15:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/5.4.16
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0XF0Nm8trcq0TnMQqTxc66ZZbNSixK67YIzk%2Bh8%2BZ%2FyhPt5gnRSN%2Fvtai3rDB99QFgoKRZYSAjSEJMedhQVhKTj%2BMOEbvNgsiWmsUmS%2BLaCMy%2BO%2B0hA77xyK2JE44AuJ8INMNfW%2BtSGcHxqKJradNyjRn8AFlKM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
cf-ray
729436101aa0ecee-YUL
expires
Thu, 19 Nov 1981 08:52:00 GMT


57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| assets_domain string| bckLink function| $ function| jQuery object| Logger function| warn function| error string| req_rc string| req_sid string| req_partner string| req_transaction_id string| req_pl string| req_pc_session_id string| req_pc_synd_id string| baseUrl object| warn_log function| _warn_log object| error_log function| _erro_log function| RespondToVisibility function| stattag function| responsive_image function| JsAlertMessages function| landerMsisdnHandle function| landerPINHandle function| prefillMSISDN function| switchLangFunc function| setShortcode string| lang string| mobile_not_valid_en string| mobile_not_valid_fr string| something_went_wrong_en string| something_went_wrong_fr string| product_not_available_en string| product_not_available_fr function| msisdn_validation function| show_error function| hide_error function| showMsisdnPanel function| showPinPanel function| showSuccessPanel function| setupFinalUrl function| formatMsisdn string| log_cat undefined| pre boolean| check string| mobile_not_valid string| something_went_wrong string| product_not_available

4 Cookies

Domain/Path Name / Value
www.thedailyyami.com/ Name: uniqueClick_FFX5M
Value: ff15168d-b7b0-415a-9e40-f0fd06ac1025:1657570523
www.thedailyyami.com/ Name: transaction_id
Value: 1ba82abf0c064ed2b0bab8d73350b716
trk.wawug.com/ Name: PHPSESSID
Value: kgep9ptark262okad6c0g63tl4
trk.contentquestclub.com/ Name: PHPSESSID
Value: 68g6nv9q5on6n3pprqvh1q8gi6-36429

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
