Submitted URL: http://dsicover.live/rd/c6421znrhw1456941KPqL2800Grp34373coSQ101
Effective URL: https://trk-ca.xiyfi.com/loader_only.php?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&sl1=b8a0b11a-870d-d4...
Submission: On August 17 via manual from CA — Scanned from CA

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 31 HTTP transactions. The main IP is 104.21.43.126, located in and belongs to CLOUDFLARENET, US. The main domain is trk-ca.xiyfi.com.
TLS certificate: Issued by GTS CA 1P5 on July 3rd 2023. Valid for: 3 months.
This is the only time trk-ca.xiyfi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 185.176.221.161 39845 (LV-2CLOUD...)
1 1 185.141.164.35 61317 (ASDETUK w...)
1 1 104.21.43.48 13335 (CLOUDFLAR...)
2 15 104.21.43.126 13335 (CLOUDFLAR...)
2 142.250.80.106 15169 (GOOGLE)
1 104.17.25.14 13335 (CLOUDFLAR...)
2 142.251.40.99 15169 (GOOGLE)
2 18.164.124.65 16509 (AMAZON-02)
6 172.67.179.134 13335 (CLOUDFLAR...)
2 3.224.105.215 14618 (AMAZON-AES)
2 34.203.15.26 14618 (AMAZON-AES)
31 9
Apex Domain
Subdomains
Transfer
21 xiyfi.com
trk-ca.xiyfi.com
cdn-ca.xiyfi.com
trk.xiyfi.com
167 KB
6 pushnami.com
api.pushnami.com — Cisco Umbrella Rank: 5586
trc.pushnami.com — Cisco Umbrella Rank: 5834
psp.pushnami.com — Cisco Umbrella Rank: 21995
20 KB
2 gstatic.com
fonts.gstatic.com
16 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 73
ajax.googleapis.com — Cisco Umbrella Rank: 424
31 KB
2 dsicover.live
dsicover.live
579 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 277
5 KB
1 kryru.com
trk.kryru.com
720 B
1 binankle.com
www.binankle.com
653 B
31 8
Domain Requested by
11 cdn-ca.xiyfi.com trk-ca.xiyfi.com
6 trk.xiyfi.com cdn-ca.xiyfi.com
4 trk-ca.xiyfi.com 2 redirects dsicover.live
trk-ca.xiyfi.com
2 psp.pushnami.com api.pushnami.com
2 trc.pushnami.com api.pushnami.com
2 api.pushnami.com cdn-ca.xiyfi.com
api.pushnami.com
2 fonts.gstatic.com fonts.googleapis.com
2 dsicover.live 1 redirects
1 cdnjs.cloudflare.com trk-ca.xiyfi.com
1 ajax.googleapis.com trk-ca.xiyfi.com
1 fonts.googleapis.com trk-ca.xiyfi.com
1 trk.kryru.com 1 redirects
1 www.binankle.com 1 redirects
31 13

This site contains links to these domains.

Domain
wow-deals.co.uk
Subject | Issuer | Validity | Valid
xiyfi.com | GTS CA 1P5 | 2023-07-03 - 2023-10-01 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-07-31 - 2023-10-23 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
*.gstatic.com | GTS CA 1C3 | 2023-07-31 - 2023-10-23 | 3 months
*.pushnami.com | Amazon RSA 2048 M01 | 2023-03-04 - 2024-04-02 | a year

This page contains 2 frames:

Primary Page: https://trk-ca.xiyfi.com/loader_only.php?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&sl1=b8a0b11a-870d-d476-fc7f-bb6d31a5d3b4&sl2=zI8qDgHt&sl3=soYUR3Dt&sl4=NDqASAci&zredirect-1692284581=z64de36a5f3792&rc=R-CT-P-SC&pl=833273085&pc_session_id=rjddin8ogfebeaap7el8fgv1q5-52729&sid=rjddin8ogfebeaap7el8fgv1q5-52729&pc_synd_id=fdx_wow_ca_a1_sh387_pp_biz&partner=fdx_wow_ca_a1_sh387_pp_biz&prelander=1
Frame ID: FD3AD4A31F8E12F2D10E4FC9A621A860
Requests: 25 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: FFFDAD1BC10210FB0710EA5AD0BDE09D
Requests: 1 HTTP request in this frame

Page Title

WOW Deals

Page URL History

  1. http://dsicover.live/rd/c6421znrhw1456941KPqL2800Grp34373coSQ101 Page URL
  2. http://dsicover.live/track/c6421znrhw1456941KPqL2800Grp34373coSQ101 HTTP 302
    https://www.binankle.com/7TFK5NZ/213D4LHT/?sub1=9&sub2=101-6421&sub3=1456941-2800-34373 HTTP 302
    https://trk.kryru.com/02801ba3-0c84-07b2-58d2-ca452a1cb19d/?transaction_id=ac8a91935ade4923ba98601... HTTP 302
    https://trk-ca.xiyfi.com/campaign/5a93326698eeb8d4476ebe9c5896c3f972632cd4?transaction_id=ac8a91935ad... HTTP 302
    https://trk-ca.xiyfi.com/loader_only.php?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&... HTTP 302
    https://trk-ca.xiyfi.com/loader_only.php?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • api\.pushnami\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31
Requests

97 %
HTTPS

0 %
IPv6

8
Domains

13
Subdomains

9
IPs

4
Countries

238 kB
Transfer

404 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dsicover.live/rd/c6421znrhw1456941KPqL2800Grp34373coSQ101 Page URL
  2. http://dsicover.live/track/c6421znrhw1456941KPqL2800Grp34373coSQ101 HTTP 302
    https://www.binankle.com/7TFK5NZ/213D4LHT/?sub1=9&sub2=101-6421&sub3=1456941-2800-34373 HTTP 302
    https://trk.kryru.com/02801ba3-0c84-07b2-58d2-ca452a1cb19d/?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&aff_sub= HTTP 302
    https://trk-ca.xiyfi.com/campaign/5a93326698eeb8d4476ebe9c5896c3f972632cd4?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&aff_sub=&sl1=b8a0b11a-870d-d476-fc7f-bb6d31a5d3b4&sl2=zI8qDgHt&sl3=soYUR3Dt&sl4=NDqASAci&zredirect-1692284581=z64de36a5f3792 HTTP 302
    https://trk-ca.xiyfi.com/loader_only.php?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&sl1=b8a0b11a-870d-d476-fc7f-bb6d31a5d3b4&sl2=zI8qDgHt&sl3=soYUR3Dt&sl4=NDqASAci&zredirect-1692284581=z64de36a5f3792&rc=R-CT-P-SC&pl=833273085&pc_session_id=rjddin8ogfebeaap7el8fgv1q5-52729&sid=rjddin8ogfebeaap7el8fgv1q5-52729&pc_synd_id=fdx_wow_ca_a1_sh387_pp_biz&partner=fdx_wow_ca_a1_sh387_pp_biz HTTP 302
    https://trk-ca.xiyfi.com/loader_only.php?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&sl1=b8a0b11a-870d-d476-fc7f-bb6d31a5d3b4&sl2=zI8qDgHt&sl3=soYUR3Dt&sl4=NDqASAci&zredirect-1692284581=z64de36a5f3792&rc=R-CT-P-SC&pl=833273085&pc_session_id=rjddin8ogfebeaap7el8fgv1q5-52729&sid=rjddin8ogfebeaap7el8fgv1q5-52729&pc_synd_id=fdx_wow_ca_a1_sh387_pp_biz&partner=fdx_wow_ca_a1_sh387_pp_biz&prelander=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
c6421znrhw1456941KPqL2800Grp34373coSQ101
dsicover.live/rd/
243 B
360 B
Document
General
Full URL
http://dsicover.live/rd/c6421znrhw1456941KPqL2800Grp34373coSQ101
Protocol
HTTP/1.1
Server
185.176.221.161 Riga, Latvia, ASN39845 (LV-2CLOUD-ASN16, LV),
Reverse DNS
301917.2cloud.eu
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
243
Content-Type
text/html; charset=utf-8
Date
Thu, 17 Aug 2023 15:03:00 GMT
Primary Request loader_only.php
trk-ca.xiyfi.com/
Redirect Chain
  • http://dsicover.live/track/c6421znrhw1456941KPqL2800Grp34373coSQ101
  • https://www.binankle.com/7TFK5NZ/213D4LHT/?sub1=9&sub2=101-6421&sub3=1456941-2800-34373
  • https://trk.kryru.com/02801ba3-0c84-07b2-58d2-ca452a1cb19d/?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&aff_sub=
  • https://trk-ca.xiyfi.com/campaign/5a93326698eeb8d4476ebe9c5896c3f972632cd4?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&aff_sub=&sl1=b8a0b11a-870d-d476-fc7f-bb6d31a5d3b4&sl2=zI8qDgHt...
  • https://trk-ca.xiyfi.com/loader_only.php?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&sl1=b8a0b11a-870d-d476-fc7f-bb6d31a5d3b4&sl2=zI8qDgHt&sl3=soYUR3Dt&sl4=NDqASAci&zredirect-169228...
  • https://trk-ca.xiyfi.com/loader_only.php?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&sl1=b8a0b11a-870d-d476-fc7f-bb6d31a5d3b4&sl2=zI8qDgHt&sl3=soYUR3Dt&sl4=NDqASAci&zredirect-169228...
21 KB
7 KB
Document
General
Full URL
https://trk-ca.xiyfi.com/loader_only.php?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&sl1=b8a0b11a-870d-d476-fc7f-bb6d31a5d3b4&sl2=zI8qDgHt&sl3=soYUR3Dt&sl4=NDqASAci&zredirect-1692284581=z64de36a5f3792&rc=R-CT-P-SC&pl=833273085&pc_session_id=rjddin8ogfebeaap7el8fgv1q5-52729&sid=rjddin8ogfebeaap7el8fgv1q5-52729&pc_synd_id=fdx_wow_ca_a1_sh387_pp_biz&partner=fdx_wow_ca_a1_sh387_pp_biz&prelander=1
Requested by
Host: dsicover.live
URL: http://dsicover.live/rd/c6421znrhw1456941KPqL2800Grp34373coSQ101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
5b30c445144621c0a699ceb86d9651d5b9f94151b7bfb3fdda0d9f5b6180ed7e

Request headers

Referer
http://dsicover.live/rd/c6421znrhw1456941KPqL2800Grp34373coSQ101
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
7f82cd348c0ba1ed-YYZ
content-encoding
br
content-type
text/html
date
Thu, 17 Aug 2023 15:03:03 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2FENWFnSiQPyIOvytLPGIOwyoIkZrjJNuamNmm%2FhFYpn2uJE651AfgURliqECim2UHi7C1pkV1%2BlUycneci8IWhXLVZldprkw5Se2l1jylvVVNpfFLZgFJSQLNDBE29FW1M9"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
7f82cd332cfea1e0-YYZ
content-type
text/html
date
Thu, 17 Aug 2023 15:03:03 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
//trk-ca.xiyfi.com/loader_only.php?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&sl1=b8a0b11a-870d-d476-fc7f-bb6d31a5d3b4&sl2=zI8qDgHt&sl3=soYUR3Dt&sl4=NDqASAci&zredirect-1692284581=z64de36a5f3792&rc=R-CT-P-SC&pl=833273085&pc_session_id=rjddin8ogfebeaap7el8fgv1q5-52729&sid=rjddin8ogfebeaap7el8fgv1q5-52729&pc_synd_id=fdx_wow_ca_a1_sh387_pp_biz&partner=fdx_wow_ca_a1_sh387_pp_biz&prelander=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2B%2FiKJ83hbUqjT54pzHOYDGITsMEW0cp39ZIoBvWweefhcAu0DiAe1sumksq9hJBSgUAJuPf9Pxz95R9PjLDJY83h7TmQtVog2kNlgHPossAoTQnt%2Fi%2FfJxsfr%2FWCTat1Rba"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
css2
fonts.googleapis.com/
10 KB
915 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: trk-ca.xiyfi.com
URL: https://trk-ca.xiyfi.com/loader_only.php?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&sl1=b8a0b11a-870d-d476-fc7f-bb6d31a5d3b4&sl2=zI8qDgHt&sl3=soYUR3Dt&sl4=NDqASAci&zredirect-1692284581=z64de36a5f3792&rc=R-CT-P-SC&pl=833273085&pc_session_id=rjddin8ogfebeaap7el8fgv1q5-52729&sid=rjddin8ogfebeaap7el8fgv1q5-52729&pc_synd_id=fdx_wow_ca_a1_sh387_pp_biz&partner=fdx_wow_ca_a1_sh387_pp_biz&prelander=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.106 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f10.1e100.net
Software
ESF /
Resource Hash
ad26ec8a3728c7ab759a937b415be68bb65886fb81ac6a3d1c050d2989c512a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.xiyfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 17 Aug 2023 15:03:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 13:41:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Aug 2023 15:03:03 GMT
clock.svg
cdn-ca.xiyfi.com/prelanders/uk/amz/loyalty/img/
1 KB
943 B
Image
General
Full URL
https://cdn-ca.xiyfi.com/prelanders/uk/amz/loyalty/img/clock.svg
Requested by
Host: trk-ca.xiyfi.com
URL: https://trk-ca.xiyfi.com/loader_only.php?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&sl1=b8a0b11a-870d-d476-fc7f-bb6d31a5d3b4&sl2=zI8qDgHt&sl3=soYUR3Dt&sl4=NDqASAci&zredirect-1692284581=z64de36a5f3792&rc=R-CT-P-SC&pl=833273085&pc_session_id=rjddin8ogfebeaap7el8fgv1q5-52729&sid=rjddin8ogfebeaap7el8fgv1q5-52729&pc_synd_id=fdx_wow_ca_a1_sh387_pp_biz&partner=fdx_wow_ca_a1_sh387_pp_biz&prelander=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.43.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7080e089dab3a0ae988d8605e0228194997e26bbb43079ac5772315032c966a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.xiyfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 15:03:03 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 01 Dec 2021 13:33:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"53e-5d215b98f4119"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HlviyknLNTJVo6gzrk41GfPodwbi7tVZZ5yrVArerf%2BrmzwerzmfSTj7ayX53t7hYSk4LY8jmOIwdY4XwX%2FmoTi7iioBTTHXmbphzTRJpWhtF3BXFAYkp8by2%2BIPWYo8V7Zm"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
7f82cd36791ea1e0-YYZ
alt-svc
h3=":443"; ma=86400
animated-loading.gif
cdn-ca.xiyfi.com/assets/global/loading/
3 KB
3 KB
Image
General
Full URL
https://cdn-ca.xiyfi.com/assets/global/loading/animated-loading.gif
Requested by
Host: trk-ca.xiyfi.com
URL: https://trk-ca.xiyfi.com/loader_only.php?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&sl1=b8a0b11a-870d-d476-fc7f-bb6d31a5d3b4&sl2=zI8qDgHt&sl3=soYUR3Dt&sl4=NDqASAci&zredirect-1692284581=z64de36a5f3792&rc=R-CT-P-SC&pl=833273085&pc_session_id=rjddin8ogfebeaap7el8fgv1q5-52729&sid=rjddin8ogfebeaap7el8fgv1q5-52729&pc_synd_id=fdx_wow_ca_a1_sh387_pp_biz&partner=fdx_wow_ca_a1_sh387_pp_biz&prelander=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.43.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5d1d94e30886b697e5ea71ac71e37c1dfd3d22a0f90a4dea73393dbfb273eae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.xiyfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 15:03:03 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 04 May 2020 15:12:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"a18-5a4d3f6df20f7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUt84f0SlntX8cNWkmXEChN03HPGig4q4GHzoZ9uSEfoLnwpqoEs%2FjyrvLFPOMKt%2BbOB6dnwyNFvb9pydRJcNSW5pJ3Q8Hnu7BWxpKJezWu50sCP3ZngXFUABcUwAuEZQLYv"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7f82cd36791fa1e0-YYZ
alt-svc
h3=":443"; ma=86400
content-length
2584
email-decode.min.js
trk-ca.xiyfi.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://trk-ca.xiyfi.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: trk-ca.xiyfi.com
URL: https://trk-ca.xiyfi.com/loader_only.php?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&sl1=b8a0b11a-870d-d476-fc7f-bb6d31a5d3b4&sl2=zI8qDgHt&sl3=soYUR3Dt&sl4=NDqASAci&zredirect-1692284581=z64de36a5f3792&rc=R-CT-P-SC&pl=833273085&pc_session_id=rjddin8ogfebeaap7el8fgv1q5-52729&sid=rjddin8ogfebeaap7el8fgv1q5-52729&pc_synd_id=fdx_wow_ca_a1_sh387_pp_biz&partner=fdx_wow_ca_a1_sh387_pp_biz&prelander=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.xiyfi.com/loader_only.php?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&sl1=b8a0b11a-870d-d476-fc7f-bb6d31a5d3b4&sl2=zI8qDgHt&sl3=soYUR3Dt&sl4=NDqASAci&zredirect-1692284581=z64de36a5f3792&rc=R-CT-P-SC&pl=833273085&pc_session_id=rjddin8ogfebeaap7el8fgv1q5-52729&sid=rjddin8ogfebeaap7el8fgv1q5-52729&pc_synd_id=fdx_wow_ca_a1_sh387_pp_biz&partner=fdx_wow_ca_a1_sh387_pp_biz&prelander=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 15:03:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Aug 2023 10:14:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64d9fe95-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BNi59p3wBgrAL85VVPEzU4M%2FpoYw9LO5kSC%2FGLf5XPVS6dGL3RsK3eLbH1%2FpH0conzMTYdHuq3h2mzW8g1ylHtdm9TQiqVq48ezrzK0JVA0HwuFQnXCleoKUeIoTfCTou0k"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7f82cd36cfbaa1ed-YYZ
expires
Sat, 19 Aug 2023 15:03:03 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: trk-ca.xiyfi.com
URL: https://trk-ca.xiyfi.com/loader_only.php?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&sl1=b8a0b11a-870d-d476-fc7f-bb6d31a5d3b4&sl2=zI8qDgHt&sl3=soYUR3Dt&sl4=NDqASAci&zredirect-1692284581=z64de36a5f3792&rc=R-CT-P-SC&pl=833273085&pc_session_id=rjddin8ogfebeaap7el8fgv1q5-52729&sid=rjddin8ogfebeaap7el8fgv1q5-52729&pc_synd_id=fdx_wow_ca_a1_sh387_pp_biz&partner=fdx_wow_ca_a1_sh387_pp_biz&prelander=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.106 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f10.1e100.net
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.xiyfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:16:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60397
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Aug 2024 22:16:26 GMT
iframeResizer.contentWindow.min.js
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.8/
14 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.8/iframeResizer.contentWindow.min.js
Requested by
Host: trk-ca.xiyfi.com
URL: https://trk-ca.xiyfi.com/loader_only.php?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&sl1=b8a0b11a-870d-d476-fc7f-bb6d31a5d3b4&sl2=zI8qDgHt&sl3=soYUR3Dt&sl4=NDqASAci&zredirect-1692284581=z64de36a5f3792&rc=R-CT-P-SC&pl=833273085&pc_session_id=rjddin8ogfebeaap7el8fgv1q5-52729&sid=rjddin8ogfebeaap7el8fgv1q5-52729&pc_synd_id=fdx_wow_ca_a1_sh387_pp_biz&partner=fdx_wow_ca_a1_sh387_pp_biz&prelander=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d4773ada09d3d362bd0eda5e5d872e60ddbc5eeef5103b106c1f50476124f06
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.xiyfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 15:03:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4844072
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4554
last-modified
Mon, 04 May 2020 16:11:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e9f-367d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=niMFxo27cR4v57A7S6WCCiz%2FjG8TCMLgCGzI9VO5mgmdSJ5tQxJg04crDyTnL%2BGRkxW9EPSUsCRiENy7nMJlc1OSTOmdUYzGbtxaQrRcFfMSGWDB4WVXAoILM1OZ5t7rg8ueitr7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f82cd371a6a39cc-YYZ
expires
Tue, 06 Aug 2024 15:03:03 GMT
elephant.js
cdn-ca.xiyfi.com/global-scripts/js/
11 KB
3 KB
Script
General
Full URL
https://cdn-ca.xiyfi.com/global-scripts/js/elephant.js
Requested by
Host: trk-ca.xiyfi.com
URL: https://trk-ca.xiyfi.com/loader_only.php?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&sl1=b8a0b11a-870d-d476-fc7f-bb6d31a5d3b4&sl2=zI8qDgHt&sl3=soYUR3Dt&sl4=NDqASAci&zredirect-1692284581=z64de36a5f3792&rc=R-CT-P-SC&pl=833273085&pc_session_id=rjddin8ogfebeaap7el8fgv1q5-52729&sid=rjddin8ogfebeaap7el8fgv1q5-52729&pc_synd_id=fdx_wow_ca_a1_sh387_pp_biz&partner=fdx_wow_ca_a1_sh387_pp_biz&prelander=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.43.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
7edecdbd869f64ec3ec3b09ad60f1735d37b04664bbad566dda002f2b5a02fea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.xiyfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 15:03:03 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 17 Aug 2023 10:37:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPpxEfcqU9I9%2BmvCR27GAM7GuCf2usqBTQnWEgoBaQ5HwdMqTDAbytB2wZZg%2FnOacYzXNpP2OpS12RJPXMFNoyh45QjiJE%2FgaexWYpbZ5fqbYqOZINYG8ZXJN34eETcYjYxv"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=14400
cf-ray
7f82cd36c99ca1e0-YYZ
alt-svc
h3=":443"; ma=86400
manageCookies.js
cdn-ca.xiyfi.com/global-scripts/js/
741 B
675 B
Script
General
Full URL
https://cdn-ca.xiyfi.com/global-scripts/js/manageCookies.js
Requested by
Host: trk-ca.xiyfi.com
URL: https://trk-ca.xiyfi.com/loader_only.php?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&sl1=b8a0b11a-870d-d476-fc7f-bb6d31a5d3b4&sl2=zI8qDgHt&sl3=soYUR3Dt&sl4=NDqASAci&zredirect-1692284581=z64de36a5f3792&rc=R-CT-P-SC&pl=833273085&pc_session_id=rjddin8ogfebeaap7el8fgv1q5-52729&sid=rjddin8ogfebeaap7el8fgv1q5-52729&pc_synd_id=fdx_wow_ca_a1_sh387_pp_biz&partner=fdx_wow_ca_a1_sh387_pp_biz&prelander=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.43.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
290b1a4f50d2b5d32b9d8bcb6f8369e9bca2372da8604d320903ec8a9cdc058a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.xiyfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 15:03:03 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 03 Oct 2022 10:03:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2e5-5ea1e75272a48"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ty97bLmAVyDac9vubKXRD%2FomiRR%2FLVhjixoNz6EKIAVRHj1tY%2F%2FbS2KrsS8VhQchcNd0FBUK3ifprd2Vg1yTnXrxPx1AFvMSSA3bOITbnwYlo6YX8cglhAw1DrxweUHQNxjo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7f82cd36c99ea1e0-YYZ
alt-svc
h3=":443"; ma=86400
paypal_preload.js
cdn-ca.xiyfi.com/global-scripts/js/paypal/
8 KB
2 KB
Script
General
Full URL
https://cdn-ca.xiyfi.com/global-scripts/js/paypal/paypal_preload.js
Requested by
Host: trk-ca.xiyfi.com
URL: https://trk-ca.xiyfi.com/loader_only.php?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&sl1=b8a0b11a-870d-d476-fc7f-bb6d31a5d3b4&sl2=zI8qDgHt&sl3=soYUR3Dt&sl4=NDqASAci&zredirect-1692284581=z64de36a5f3792&rc=R-CT-P-SC&pl=833273085&pc_session_id=rjddin8ogfebeaap7el8fgv1q5-52729&sid=rjddin8ogfebeaap7el8fgv1q5-52729&pc_synd_id=fdx_wow_ca_a1_sh387_pp_biz&partner=fdx_wow_ca_a1_sh387_pp_biz&prelander=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.43.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73f080060b9b1ceaba549b22a84e5bd0ef64078e0327a42becb1554b714a417e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.xiyfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 15:03:03 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 23 Dec 2022 09:19:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1fc2-5f07b4a1423ca"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vdxyohwyfFTSc%2FjAUPnaZ3exGUuoqceow1uNPvu4QsV28jqCoA162OF8QZJsLvYOjemjLdOOrv8WufQ6O09rDtK3aIbvy3HkbtDllmiuzL%2FC1A19e%2F6bdwKY34wVgStE9c7P"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7f82cd36c9a1a1e0-YYZ
alt-svc
h3=":443"; ma=86400
lazy_loader.js
cdn-ca.xiyfi.com/global-scripts/js/function/
770 B
646 B
Script
General
Full URL
https://cdn-ca.xiyfi.com/global-scripts/js/function/lazy_loader.js
Requested by
Host: trk-ca.xiyfi.com
URL: https://trk-ca.xiyfi.com/loader_only.php?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&sl1=b8a0b11a-870d-d476-fc7f-bb6d31a5d3b4&sl2=zI8qDgHt&sl3=soYUR3Dt&sl4=NDqASAci&zredirect-1692284581=z64de36a5f3792&rc=R-CT-P-SC&pl=833273085&pc_session_id=rjddin8ogfebeaap7el8fgv1q5-52729&sid=rjddin8ogfebeaap7el8fgv1q5-52729&pc_synd_id=fdx_wow_ca_a1_sh387_pp_biz&partner=fdx_wow_ca_a1_sh387_pp_biz&prelander=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.43.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75fda61b6fe4483c08c1f1d8f05876d6a2d96788104900b50fed574c37cf3652

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.xiyfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 15:03:03 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 23 Mar 2020 12:12:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"302-5a1848c071609"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oOjXfO6hky8thufQ7eS9BxM7WYFmfLXCmHMRdYLejX2pbLFycASqCKbsFU4vYghQGRf8qwTG9c2uyz2aHCksUCmUuT5egqjppE3g2zT%2FNfE42FrH1q0ZKH6yE%2F0znbw21H8C"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7f82cd36c9a2a1e0-YYZ
alt-svc
h3=":443"; ma=86400
stattag_v2.js
cdn-ca.xiyfi.com/global-scripts/js/function/
957 B
879 B
Script
General
Full URL
https://cdn-ca.xiyfi.com/global-scripts/js/function/stattag_v2.js
Requested by
Host: trk-ca.xiyfi.com
URL: https://trk-ca.xiyfi.com/loader_only.php?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&sl1=b8a0b11a-870d-d476-fc7f-bb6d31a5d3b4&sl2=zI8qDgHt&sl3=soYUR3Dt&sl4=NDqASAci&zredirect-1692284581=z64de36a5f3792&rc=R-CT-P-SC&pl=833273085&pc_session_id=rjddin8ogfebeaap7el8fgv1q5-52729&sid=rjddin8ogfebeaap7el8fgv1q5-52729&pc_synd_id=fdx_wow_ca_a1_sh387_pp_biz&partner=fdx_wow_ca_a1_sh387_pp_biz&prelander=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77bdc7fd849a25672e3c844617cd1a64e9141db0b884fab0291b27af3934973c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.xiyfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 15:03:03 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 06 Apr 2023 08:12:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3bd-5f8a67881b0b7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FpUvavrfb9A9k7HQZWzJN34UWCsX1CQ5POG5lXTqCdEO0t7NeDgv9zkWtFI%2B5%2FUsHN4%2BBiRiC1jZpd9PQ1hwHxanbCf1Z9D0GbfAAPL9AF2Tc%2BWmD1hSwlA67VdMbsluZLu9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7f82cd37f93ea1ed-YYZ
alt-svc
h3=":443"; ma=86400
pushnami.js
cdn-ca.xiyfi.com/global-scripts/js/
403 B
671 B
Script
General
Full URL
https://cdn-ca.xiyfi.com/global-scripts/js/pushnami.js
Requested by
Host: trk-ca.xiyfi.com
URL: https://trk-ca.xiyfi.com/loader_only.php?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&sl1=b8a0b11a-870d-d476-fc7f-bb6d31a5d3b4&sl2=zI8qDgHt&sl3=soYUR3Dt&sl4=NDqASAci&zredirect-1692284581=z64de36a5f3792&rc=R-CT-P-SC&pl=833273085&pc_session_id=rjddin8ogfebeaap7el8fgv1q5-52729&sid=rjddin8ogfebeaap7el8fgv1q5-52729&pc_synd_id=fdx_wow_ca_a1_sh387_pp_biz&partner=fdx_wow_ca_a1_sh387_pp_biz&prelander=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f195d77f488e0191e8379591ba731fb1ef3a8eaf9cebddddbec0744d5960b313

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.xiyfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 15:03:03 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 07 Feb 2023 15:49:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"193-5f41e18e7211f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQXX7gAQ7Ww52jijGuuIjmZDEEbIGHBPcdGmS8P0cajcw%2FXAH0vVRhSWaS%2BpWR02vPsmvkCmIt6bKjAdsmLEv%2BLwIJyEIo%2B6mJN%2BZdnhEHh250XeHIoCFiFBVB%2FeJZ%2F%2Fe7ds"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7f82cd37f940a1ed-YYZ
alt-svc
h3=":443"; ma=86400
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.99 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f3.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://trk-ca.xiyfi.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 08:45:28 GMT
x-content-type-options
nosniff
age
22655
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Aug 2024 08:45:28 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.99 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://trk-ca.xiyfi.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 17:15:42 GMT
x-content-type-options
nosniff
age
510441
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Aug 2024 17:15:42 GMT
rating.png
cdn-ca.xiyfi.com/assets/CA/WOWDeals/fdx-lander-ca/img/
5 KB
6 KB
Image
General
Full URL
https://cdn-ca.xiyfi.com/assets/CA/WOWDeals/fdx-lander-ca/img/rating.png
Requested by
Host: trk-ca.xiyfi.com
URL: https://trk-ca.xiyfi.com/loader_only.php?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&sl1=b8a0b11a-870d-d476-fc7f-bb6d31a5d3b4&sl2=zI8qDgHt&sl3=soYUR3Dt&sl4=NDqASAci&zredirect-1692284581=z64de36a5f3792&rc=R-CT-P-SC&pl=833273085&pc_session_id=rjddin8ogfebeaap7el8fgv1q5-52729&sid=rjddin8ogfebeaap7el8fgv1q5-52729&pc_synd_id=fdx_wow_ca_a1_sh387_pp_biz&partner=fdx_wow_ca_a1_sh387_pp_biz&prelander=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaf3c62d91707d3bb5e75e08a27fbacbb8771ca90ac50da8928d927402b998f1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.xiyfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 15:03:03 GMT
cf-cache-status
MISS
last-modified
Wed, 23 Nov 2022 14:44:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"148f-5ee2452d72d4d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2Cx99FVMBo2R3xoTLE8sZV2PGsLWIvwZ34KAB%2B8N3y%2BCd5iK7XBdwhmentXd6spcleuodqk41fcZgZKPKHbd%2FgV8dBC9O3NrfciFEvwPtTiO8A4OeDxhtveg390eQu%2FlaLr"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7f82cd3889d0a1ed-YYZ
alt-svc
h3=":443"; ma=86400
content-length
5263
desktop-img.png
cdn-ca.xiyfi.com/assets/CA/WOWDeals/fdx-lander-ca/img/
132 KB
132 KB
Image
General
Full URL
https://cdn-ca.xiyfi.com/assets/CA/WOWDeals/fdx-lander-ca/img/desktop-img.png
Requested by
Host: trk-ca.xiyfi.com
URL: https://trk-ca.xiyfi.com/loader_only.php?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&sl1=b8a0b11a-870d-d476-fc7f-bb6d31a5d3b4&sl2=zI8qDgHt&sl3=soYUR3Dt&sl4=NDqASAci&zredirect-1692284581=z64de36a5f3792&rc=R-CT-P-SC&pl=833273085&pc_session_id=rjddin8ogfebeaap7el8fgv1q5-52729&sid=rjddin8ogfebeaap7el8fgv1q5-52729&pc_synd_id=fdx_wow_ca_a1_sh387_pp_biz&partner=fdx_wow_ca_a1_sh387_pp_biz&prelander=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74c903a2914e8ec72bcbee715cf570add78ce7f7efee2085008eb9d6c0b1dabe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.xiyfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 15:03:04 GMT
cf-cache-status
MISS
last-modified
Wed, 23 Nov 2022 14:44:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"20e8d-5ee2452d4b47e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yHUwfRvFiceUf7Ib785rq8jaA7uEBlVBd0n%2BMJwqAUBuYIUHefYDbIlyDpqCj7xZFVxw6IQafY%2B6fEFD8DT%2BjmdP%2FsjvUZbrb98qhTAUP6jU99ZnTfPoCa94HUbtBS7Z0CdI"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7f82cd3889d1a1ed-YYZ
alt-svc
h3=":443"; ma=86400
content-length
134797
poweredBy.png
cdn-ca.xiyfi.com/assets/CA/WOWDeals/fdx-lander-ca/img/
6 KB
6 KB
Image
General
Full URL
https://cdn-ca.xiyfi.com/assets/CA/WOWDeals/fdx-lander-ca/img/poweredBy.png
Requested by
Host: trk-ca.xiyfi.com
URL: https://trk-ca.xiyfi.com/loader_only.php?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&sl1=b8a0b11a-870d-d476-fc7f-bb6d31a5d3b4&sl2=zI8qDgHt&sl3=soYUR3Dt&sl4=NDqASAci&zredirect-1692284581=z64de36a5f3792&rc=R-CT-P-SC&pl=833273085&pc_session_id=rjddin8ogfebeaap7el8fgv1q5-52729&sid=rjddin8ogfebeaap7el8fgv1q5-52729&pc_synd_id=fdx_wow_ca_a1_sh387_pp_biz&partner=fdx_wow_ca_a1_sh387_pp_biz&prelander=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
978cca3cb41f552073f24add2674a6b734268d2d222d87c135a0e9b131aeaae8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.xiyfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 15:03:03 GMT
cf-cache-status
MISS
last-modified
Wed, 23 Nov 2022 14:44:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1668-5ee2452d5ecfe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6pHH%2FVn1fypE%2FwL%2FUCTuJOu0jHqQyELbLOBYesjMA%2F5kNZZx%2FTcW1RLbKFHxWIJvo9KEv8Dune2WjE9fAPQpVfuSHG1YRPeLLt1BAXkbQwfLaDv8ZMuL%2B9ZyIJwEe49CfgaW"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7f82cd3889d4a1ed-YYZ
alt-svc
h3=":443"; ma=86400
content-length
5736
62792cab399de000134a7e97
api.pushnami.com/scripts/v1/pushnami-adv/
88 KB
18 KB
Script
General
Full URL
https://api.pushnami.com/scripts/v1/pushnami-adv/62792cab399de000134a7e97
Requested by
Host: cdn-ca.xiyfi.com
URL: https://cdn-ca.xiyfi.com/global-scripts/js/pushnami.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-65.jfk50.r.cloudfront.net
Software
/
Resource Hash
6e20694257cdee19591c605668d73b5f32d67099b4c97d6827184024a049e201

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.xiyfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 15:00:28 GMT
content-encoding
gzip
via
1.1 d0abe8e02f00bbb3378a9a4149801740.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P7
age
155
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
no-cache
x-amz-cf-id
l_Qm-Xg2fLWMOOssctXWrduUg-swaB1FmCYf1i7sEVTY8mheMLxo4w==
/
trk.xiyfi.com/api/logger/post_interaction/
60 B
325 B
XHR
General
Full URL
https://trk.xiyfi.com/api/logger/post_interaction/
Requested by
Host: cdn-ca.xiyfi.com
URL: https://cdn-ca.xiyfi.com/global-scripts/js/elephant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.179.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
c6881be3e42cd8b7eefa99b1582345c8fb1c57314c4cbc35d96a916f0d443a92

Request headers

Referer
https://trk-ca.xiyfi.com/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
application/json

Response headers

date
Thu, 17 Aug 2023 15:03:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/5.4.16
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
cloudflare
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sfLPwycU7zrSirCrIx3bzhaKL6XfFHsCgw2suujaKsnmKOb2RbhFM9u5sMgX8a2vyfAsCQHmuk73YDR0FkGZoIkuLARZkAndQRI3RFN%2FrZ6yZ2UAjDHgRG2xG5bJKEQJ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
cf-ray
7f82cd3b699fa20e-YYZ
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
trk.xiyfi.com/api/logger/post_interaction/
60 B
469 B
XHR
General
Full URL
https://trk.xiyfi.com/api/logger/post_interaction/
Requested by
Host: cdn-ca.xiyfi.com
URL: https://cdn-ca.xiyfi.com/global-scripts/js/elephant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.179.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
c6ef020bff818c41cf9101a69413d510ebd8e698c17cc5da836bb8032715bcb8

Request headers

Referer
https://trk-ca.xiyfi.com/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
application/json

Response headers

date
Thu, 17 Aug 2023 15:03:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/5.4.16
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
cloudflare
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fbo1jWfOPi8P6E3A5Xlke%2Blo%2FZ%2BuwajdYWNYsag7EvR5Yimf3AeAnT9ZDs%2B%2Bkw%2FePGIXET%2FEPkMkd4dQuQwW9zASXC0IhECpwnTRYypynEiCbdhSGOBxqARG1%2BsMoPoQ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
cf-ray
7f82cd3b69a1a20e-YYZ
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
trk.xiyfi.com/api/logger/post_interaction/ Frame
0
0
Preflight
General
Full URL
https://trk.xiyfi.com/api/logger/post_interaction/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.179.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://trk-ca.xiyfi.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-requested-with
access-control-allow-methods
GET, POST, DELETE, UPDATE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f82cd39fff0a20e-YYZ
content-encoding
br
content-type
text/html
date
Thu, 17 Aug 2023 15:03:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5MRr6xFL3%2Bx2kEvR8zyAQSgaTnhnXLdVRBUbTVy8D8K6xpldCtGUtr%2B1iMmjh0Pv2es7FqAad6EmHU2HkQLmeo76vc7BurIlSg3ARwYe6sYmVg6%2Bm7Wmr%2F%2FA2B2arh6E"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
/
trk.xiyfi.com/api/logger/post_interaction/ Frame
0
0
Preflight
General
Full URL
https://trk.xiyfi.com/api/logger/post_interaction/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.179.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://trk-ca.xiyfi.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-requested-with
access-control-allow-methods
GET, POST, DELETE, UPDATE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f82cd39fff1a20e-YYZ
content-encoding
br
content-type
text/html
date
Thu, 17 Aug 2023 15:03:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2zq%2BkfwWV%2B4WexU4PFYGXuM%2FUuDpCCC5dDn4VuTWCRUwlQLP68tb5oTl5NjuPr0Wiue%2FSjIFOku%2BWOXVZr1pP4PfXlOQYhebFEQ2TllYxpNyTzrMEA65csgNpskSv95"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
track
trc.pushnami.com/api/push/
2 B
168 B
Fetch
General
Full URL
https://trc.pushnami.com/api/push/track
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62792cab399de000134a7e97
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.105.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-105-215.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
https://trk-ca.xiyfi.com/
accept-language
en-CA,en;q=0.9
key
62792cab399de000134a7e97
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Thu, 17 Aug 2023 15:03:04 GMT
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
content-length
2
content-type
text/html; charset=utf-8
track
trc.pushnami.com/api/push/ Frame
0
0
Preflight
General
Full URL
https://trc.pushnami.com/api/push/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.105.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-105-215.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
key
Access-Control-Request-Method
POST
Origin
https://trk-ca.xiyfi.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
date
Thu, 17 Aug 2023 15:03:04 GMT
/
trk.xiyfi.com/api/logger/post_interaction/ Frame
0
0
Preflight
General
Full URL
https://trk.xiyfi.com/api/logger/post_interaction/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.179.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://trk-ca.xiyfi.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-requested-with
access-control-allow-methods
GET, POST, DELETE, UPDATE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f82cd3bdecb3905-YYZ
content-encoding
br
content-type
text/html
date
Thu, 17 Aug 2023 15:03:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PYAyJXCPPOp1vShQcGYFe3ALPrNeFuDHroHiVJICA2k7bL7KuAK5gyG%2F%2FoDUoIBAQPJBmh9%2B0CIvVILUjmoa8pUIBmgHGkbtzbo0bn5%2FHkyPXM%2FitWHmc8k0F0K7toY9"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
/
trk.xiyfi.com/api/logger/post_interaction/
60 B
623 B
XHR
General
Full URL
https://trk.xiyfi.com/api/logger/post_interaction/
Requested by
Host: cdn-ca.xiyfi.com
URL: https://cdn-ca.xiyfi.com/global-scripts/js/elephant.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.179.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
6b515bba29a70a59b71f6f896ce835796cdd0ba126f539bec1629a560cfb49ec

Request headers

Referer
https://trk-ca.xiyfi.com/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
application/json

Response headers

date
Thu, 17 Aug 2023 15:03:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/5.4.16
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
cloudflare
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=breTpyG4Cw2TBEIxxHrKgWnDR9gkyxfoOaHk502L9pfDmLheEL1vmyzpTS%2F76%2B4pGcfZObIDkSiNKf%2B%2BT%2F6Kl%2FKJppm3Q24zz67oKVg%2FeMppsY0%2FBHBwYRw5d29nVyDw"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
cf-ray
7f82cd3d38c03905-YYZ
expires
Thu, 19 Nov 1981 08:52:00 GMT
hub
api.pushnami.com/scripts/v1/ Frame FFFD
2 KB
1 KB
Document
General
Full URL
https://api.pushnami.com/scripts/v1/hub
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62792cab399de000134a7e97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-65.jfk50.r.cloudfront.net
Software
/
Resource Hash
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' *
X-Content-Security-Policy default-src 'unsafe-inline' *

Request headers

Referer
https://trk-ca.xiyfi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-origin
*
age
2056
cache-control
no-cache
content-encoding
gzip
content-security-policy
default-src 'unsafe-inline' *
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 14:28:48 GMT
vary
accept-encoding
via
1.1 d0abe8e02f00bbb3378a9a4149801740.cloudfront.net (CloudFront)
x-amz-cf-id
qhQHoSh_M4iMd54Ily5km7EPI9uw5kP_x5Y7jQWGcXdxk31sQq4Ggg==
x-amz-cf-pop
JFK50-P7
x-cache
Hit from cloudfront
x-content-security-policy
default-src 'unsafe-inline' *
x-webkit-csp
default-src 'unsafe-inline' *
psp
psp.pushnami.com/api/
2 B
224 B
Fetch
General
Full URL
https://psp.pushnami.com/api/psp
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/62792cab399de000134a7e97
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.15.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-15-26.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
https://trk-ca.xiyfi.com/
accept-language
en-CA,en;q=0.9
key
62792cab399de000134a7e97
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://trk-ca.xiyfi.com
date
Thu, 17 Aug 2023 15:03:05 GMT
cache-control
no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
accept-encoding
content-type
text/html; charset=utf-8
psp
psp.pushnami.com/api/ Frame
0
0
Preflight
General
Full URL
https://psp.pushnami.com/api/psp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.15.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-15-26.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
key
Access-Control-Request-Method
POST
Origin
https://trk-ca.xiyfi.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
key
access-control-allow-methods
POST
access-control-allow-origin
https://trk-ca.xiyfi.com
access-control-expose-headers
content-type, content-length, etag
access-control-max-age
600
cache-control
no-cache
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 17 Aug 2023 15:03:05 GMT
vary
accept-encoding


41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| documentPictureInPicture
string| assets_domain
string| bckLink
string| fbckLink
function| $
function| jQuery
object| Logger
function| warn
function| error
string| baseUrl
object| warn_log
function| _warn_log
object| error_log
function| _erro_log
function| setCookie
function| getCookie
function| eraseCookie
object| Paypal
function| answerReject
function| RespondToVisibility
function| stattag
function| testCall
string| log_cat
string| fallback_link
string| endpoint_redirect
string| query
function| doExit
boolean| isRollbar
object| pushWrap
function| showFbChkOptIn
object| mailnamiPromptModule
undefined| o
object| mailnami
object| Pushnami
number| timer
number| pulseAdd
number| interval
function| CrossStorageClient
object| pushnamiStorage
function| uuid

3 Cookies

Domain/Path Name / Value
trk.kryru.com/ Name: PHPSESSID
Value: pi5cgdgh9g0c0d4blef5fsk6a0
trk-ca.xiyfi.com/ Name: PHPSESSID
Value: rjddin8ogfebeaap7el8fgv1q5-52729
trk-ca.xiyfi.com/ Name: visit
Value: {"1692284583890":{"pl":"833273085"}}

1 Console Messages

Source Level URL
Text
other error URL: https://trk-ca.xiyfi.com/loader_only.php?transaction_id=ac8a91935ade4923ba98601b5576f050&aff_id=4239&sl1=b8a0b11a-870d-d476-fc7f-bb6d31a5d3b4&sl2=zI8qDgHt&sl3=soYUR3Dt&sl4=NDqASAci&zredirect-1692284581=z64de36a5f3792&rc=R-CT-P-SC&pl=833273085&pc_session_id=rjddin8ogfebeaap7el8fgv1q5-52729&sid=rjddin8ogfebeaap7el8fgv1q5-52729&pc_synd_id=fdx_wow_ca_a1_sh387_pp_biz&partner=fdx_wow_ca_a1_sh387_pp_biz&prelander=1
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
