aff.return24h.com Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://aff.return24h.com/
Effective URL:
https://aff.return24h.com/
Submission: On November 15 via api (November 15th 2023, 10:34:52 pm UTC) from US — Scanned from NL

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 10 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is aff.return24h.com.
TLS certificate: Issued by GTS CA 1P5 on October 26th 2023. Valid for: 3 months.

This is the only time aff.return24h.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.106 142.250.186.106	15169 (GOOGLE) (GOOGLE)
4	104.21.75.122 104.21.75.122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
10	4

5 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

aff.return24h.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.21.75.122 (None, )

ASN13335 (CLOUDFLARENET, US)

notifyskylot44.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	return24h.com 1 redirects aff.return24h.com	312 KB
4	notifyskylot44.net notifyskylot44.net	1 KB
1	gstatic.com fonts.gstatic.com	19 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	878 B
10	4

	Domain	Requested by
5	aff.return24h.com	1 redirects aff.return24h.com
4	notifyskylot44.net	aff.return24h.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	aff.return24h.com
10	4

This site contains no links.

Subject Issuer	Validity	Valid
return24h.com GTS CA 1P5	`2023-10-26` - `2024-01-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
notifyskylot44.net GTS CA 1P5	`2023-09-26` - `2023-12-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://aff.return24h.com/
Frame ID: A9E730FB60A43EFF168110C5055D62FB
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Return24 - สมัครสมาชิก

Page URL History Show full URLs

http://aff.return24h.com/ HTTP 301
https://aff.return24h.com/ Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

333 kB
Transfer

839 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://aff.return24h.com/ HTTP 301
https://aff.return24h.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
aff.return24h.com/
Redirect Chain

http://aff.return24h.com/
https://aff.return24h.com/

696 B
791 B

1019ms
671ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aff.return24h.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 608f43c4a81f39844d015b6198d7d9551c62e3f4b302e5303e06def020ad41b9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 826af699a9d81959-FRA
content-encoding: br
content-type: text/html
date: Wed, 15 Nov 2023 22:34:44 GMT
last-modified: Sat, 28 Oct 2023 15:23:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=14l3AxbLdbJq8IcfgS1ERZ5c2JT1KmHrG9J%2F45cd5wRKi0U4cPooKS1Wo6ROUL%2F9V9k28zXCvNP%2FuiiSeQ4nvLho4aIEKbd6qskuWdhA1q%2B4NM8X0VOJ1NuJJeaA1xlGlfqwyA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-RAY: 826af6974f1b9164-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Wed, 15 Nov 2023 22:34:43 GMT
Expires: Wed, 15 Nov 2023 23:34:43 GMT
Location: https://aff.return24h.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8BG9RbzbteCcE947N5sottjG1CEIhVc4FE5aPayXGX%2FNihsfsbwZ8FAnJ5yonunCH7hx4rKPj5gkpBHfZIrnt%2BSxakW3g2R6yP92jQoDFejsm0vqsIcEeyUeoLSoNxCsKjvpRw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 1 KB
878 B 386ms
29ms Stylesheet
text/css 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Kanit

Requested by

Host: aff.return24h.com
URL: https://aff.return24h.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

ESF /

Resource Hash

d3397f6abfbf5a41f42cdeaf9521d956595a5141a62b0dea5068f246681f94ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aff.return24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 Nov 2023 22:34:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 22:14:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Nov 2023 22:34:45 GMT

GET
H2 200 main.c8e9bb1f.js Show response
aff.return24h.com/static/js/ 439 KB
132 KB 197ms
196ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aff.return24h.com/static/js/main.c8e9bb1f.js
Requested by: Host: aff.return24h.com
URL: https://aff.return24h.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80ed6cf052b15ad04df678bf581901bb83c68ebe9aaeca921daeccdeb315f906

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aff.return24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 22:34:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 28 Oct 2023 15:23:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"653d278d-6dbad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVN7jso7FQnNcm7ZV6jrE5HcIAp%2FTDJryAmaOzA4nn%2BI8hLa%2F%2BpK8I%2FUSJX2an5MALhgN5Ia73PhqDO5RhN8FSX1iyn8BeVLnFtdWUWBfz3bEvk4k3s%2BYmn2uzkR9KRnLAYOGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 826af69ded921959-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.f9328caa.css
aff.return24h.com/static/css/ 241 KB
40 KB 1170ms
1170ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aff.return24h.com/static/css/main.f9328caa.css
Requested by: Host: aff.return24h.com
URL: https://aff.return24h.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c14ef71c6e29f981e402e9f3edcea50fbf0c82ddd7e213ff794c8a7621b742c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aff.return24h.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 22:34:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 28 Oct 2023 15:23:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"653d278b-3c47c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QM%2Fc3nxaTp927%2FwPZw0oiaJX29rJI%2BpOpRWHjSZV%2FyBa%2ByRVc54oft5R063wBu%2F9QNjcfas4AfwBPV1CsUpkHQ3DBE8TFAxMxleg955P55lk055uG8GNxAWgOyaJQY8AUYNpOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 826af69ded911959-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
notifyskylot44.net/socket.io/ 96 B
528 B 577ms
197ms XHR
text/plain 104.21.75.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://notifyskylot44.net/socket.io/?EIO=4&transport=polling&t=OlL7sDE
Requested by: Host: aff.return24h.com
URL: https://aff.return24h.com/static/js/main.c8e9bb1f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.75.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2369a348d6329dc5aefde9d1c610628ab6d170665742d64836e8057aeb56faef

Request headers

Accept: */*
Referer: https://aff.return24h.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 22:34:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLJ9XhxSg%2FJtJxEIp099L9UTRGSKYQcsVuY%2F1pVf9d4Jx2AMJ6ywtnDWn3EKzPRK1aTQla9oYpiSBeA9mWhvTgyMMLGj1%2BN2mGfx9cS3G5060457cjbosx3f820K%2FdiONavrOu8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cf-ray: 826af6a7bfd665c4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 bgstyle4.c2fcaa242cffc13b7970.jpg
aff.return24h.com/static/media/ 138 KB
138 KB 705ms
705ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aff.return24h.com/static/media/bgstyle4.c2fcaa242cffc13b7970.jpg
Requested by: Host: aff.return24h.com
URL: https://aff.return24h.com/static/css/main.f9328caa.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 847cbd6bd53df5efd597505b5614f19734cbaff3149d8fbb0b36cc24da4548b0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aff.return24h.com/static/css/main.f9328caa.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 22:34:46 GMT
cf-cache-status: HIT
last-modified: Sat, 28 Oct 2023 15:24:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653d2795-226bd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2FHd3F9j8eLPIgJsOgFgrb5vaTkMss69snzHk0VXfsNjF4vGA5T%2BMW8X966e9j5ziuUD85f7an1SVWKgxMomkrD6ANeHvQ4dT93m%2BWO882gLjofRAYt%2Fe%2BZRsgH7lzMe0esmLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826af6a56bf51959-FRA
alt-svc: h3=":443"; ma=86400
content-length: 140989

GET
H2 200 nKKZ-Go6G5tXcraVGwA.woff2
fonts.gstatic.com/s/kanit/v15/ 19 KB
19 KB 376ms
20ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kanit/v15/nKKZ-Go6G5tXcraVGwA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Kanit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

ae7b918efe7cd287651e014ed269c923e1a925c8eee1a474ad11184f04659d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://aff.return24h.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:39:51 GMT
x-content-type-options: nosniff
age: 89695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19388
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:53:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Nov 2024 21:39:51 GMT

POST
H2 200 / Show response
notifyskylot44.net/socket.io/ 2 B
283 B 222ms
222ms XHR
text/html 104.21.75.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://notifyskylot44.net/socket.io/?EIO=4&transport=polling&t=OlL7sMI&sid=TIUwo7JtIPTBVdbdwx2v
Requested by: Host: aff.return24h.com
URL: https://aff.return24h.com/static/js/main.c8e9bb1f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.75.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept: */*
Referer: https://aff.return24h.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type: text/plain;charset=UTF-8

Response headers

date: Wed, 15 Nov 2023 22:34:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2BcB%2Frrxa4WWdNAVm415sGpRSAngFdCAdMhp9L82wVeelDlBg3EoN66U6JQhXyhW2hyy9beja2%2B3%2BDZ1kssYa0T9fdWAHCdZLcLSOuO4p05LxiRJL5Fj1DhwIkAy21KCNdwj9Pk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
access-control-allow-origin: *
cf-ray: 826af6a8f8f465c4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
notifyskylot44.net/socket.io/ 32 B
299 B 203ms
203ms XHR
text/plain 104.21.75.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://notifyskylot44.net/socket.io/?EIO=4&transport=polling&t=OlL7sMK&sid=TIUwo7JtIPTBVdbdwx2v
Requested by: Host: aff.return24h.com
URL: https://aff.return24h.com/static/js/main.c8e9bb1f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.75.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7dd435d0b55a59febf7f6e8050ad94ebf86ecfb8f29ac8985acbcdec19e9a2a

Request headers

Accept: */*
Referer: https://aff.return24h.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 22:34:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3Ko49LDTXy12lAH2XsPmmzW6gcPcCGVd8lmhWUBNJHoIO1pn5p0erZ0xxTuYrgF8XmWiHU5e2uetEBuUXctToTzgd8CYu03p97azhGljwN6pS4pQZVTRF2KXz6O2L52kFNyLEg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cf-ray: 826af6a8f8f765c4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 32

GET
H2 200 / Show response
notifyskylot44.net/socket.io/ 1 B
296 B 1146ms
1146ms XHR
text/plain 104.21.75.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://notifyskylot44.net/socket.io/?EIO=4&transport=polling&t=OlL7sPX&sid=TIUwo7JtIPTBVdbdwx2v
Requested by: Host: aff.return24h.com
URL: https://aff.return24h.com/static/js/main.c8e9bb1f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.75.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

Accept: */*
Referer: https://aff.return24h.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 22:34:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lnk%2Bvhox1e3Sk2UY2hI7m%2BCtBiXWal9bJIDiu8scq7s1LKVKMqbNs3ojJmnLt%2F26ET6pOyOGNmIvp34hxn%2Bj%2F9swNgddSdS5CJagyLKEYTGz6BRhdT6mHrumTVapDIAY5cM15UI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cf-ray: 826af6aa4a9365c4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| webpackChunkmc_blue

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aff.return24h.com
fonts.googleapis.com
fonts.gstatic.com
notifyskylot44.net
104.21.75.122
142.250.185.227
142.250.186.106
188.114.97.3
2369a348d6329dc5aefde9d1c610628ab6d170665742d64836e8057aeb56faef
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
608f43c4a81f39844d015b6198d7d9551c62e3f4b302e5303e06def020ad41b9
7c14ef71c6e29f981e402e9f3edcea50fbf0c82ddd7e213ff794c8a7621b742c
80ed6cf052b15ad04df678bf581901bb83c68ebe9aaeca921daeccdeb315f906
847cbd6bd53df5efd597505b5614f19734cbaff3149d8fbb0b36cc24da4548b0
a7dd435d0b55a59febf7f6e8050ad94ebf86ecfb8f29ac8985acbcdec19e9a2a
ae7b918efe7cd287651e014ed269c923e1a925c8eee1a474ad11184f04659d3e
d3397f6abfbf5a41f42cdeaf9521d956595a5141a62b0dea5068f246681f94ac
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

aff.return24h.com Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

333 kBTransfer

839 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

aff.return24h.com Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

333 kB
Transfer

839 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions