dist.adblock-primary.com Open in urlscan Pro
172.67.164.87 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://4370.2477april2024.com/iixHDYE0OwfnZtczvVvMKi5Mm9kRvoHRdqgGO5ufTJ0dYJqUoN4Dp8-HU4BqedaTldlQJ6Jzhv3reuuzHOKnYRyKm6-luL6K...
Effective URL:
https://dist.adblock-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId...
Submission: On August 23 via api (August 23rd 2024, 4:27:21 am UTC) from US — Scanned from NL

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 6 countries across 10 domains to perform 23 HTTP transactions. The main IP is 172.67.164.87, located in United States and belongs to CLOUDFLARENET, US. The main domain is dist.adblock-primary.com.
TLS certificate: Issued by WE1 on August 13th 2024. Valid for: 3 months.

This is the only time dist.adblock-primary.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	88.208.22.1 88.208.22.1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	91.209.226.54 91.209.226.54	204601 (ON-LINE-DATA) (ON-LINE-DATA)
2 3	51.68.81.31 51.68.81.31	16276 (OVH) (OVH)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a05:d018:e36... 2a05:d018:e36:3930:79ad:a8c2:ca10:5e73	16509 (AMAZON-02) (AMAZON-02)
1 1	2a04:3542:100... 2a04:3542:1000:910:80c8:eeff:fe8b:1e5b	202053 (UPCLOUD) (UPCLOUD)
1 1	54.196.173.211 54.196.173.211	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.204.193.90 35.204.193.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	52.58.28.63 52.58.28.63	16509 (AMAZON-02) (AMAZON-02)
18	172.67.164.87 172.67.164.87	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	5

1 88.208.22.1 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: mail.armadaboard.com

4370.2477april2024.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.209.226.54 (Netherlands)

ASN204601 (ON-LINE-DATA, NL)
PTR: vm4923262.25ssd.had.wf

tencheckit.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.68.81.31 (United Kingdom) 2 redirects

ASN16276 (OVH, FR)

www.fencsingspade.autos	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

t.krampenpampe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:e36:3930:79ad:a8c2:ca10:5e73 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

cddtsecure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:3542:1000:910:80c8:eeff:fe8b:1e5b (Madrid, Spain) 1 redirects

ASN202053 (UPCLOUD, FI)

1d6ceb3b060.terrifictc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.196.173.211 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-196-173-211.compute-1.amazonaws.com

url.giveaff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.193.90 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.193.204.35.bc.googleusercontent.com

tracking.trackingrouter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.28.63 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-28-63.eu-central-1.compute.amazonaws.com

excellingvista.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.67.164.87 (United States)

ASN13335 (CLOUDFLARENET, US)

dist.adblock-primary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	adblock-primary.com dist.adblock-primary.com	213 KB
3	fencsingspade.autos 2 redirects www.fencsingspade.autos	5 KB
2	tencheckit.xyz tencheckit.xyz	985 B
1	excellingvista.com 1 redirects excellingvista.com — Cisco Umbrella Rank: 390197	453 B
1	trackingrouter.com 1 redirects tracking.trackingrouter.com — Cisco Umbrella Rank: 389089	347 B
1	giveaff.com 1 redirects url.giveaff.com — Cisco Umbrella Rank: 353543	661 B
1	terrifictc.net 1 redirects 1d6ceb3b060.terrifictc.net	622 B
1	cddtsecure.com 1 redirects cddtsecure.com	4 KB
1	krampenpampe.com t.krampenpampe.com	9 KB
1	2477april2024.com 1 redirects 4370.2477april2024.com	556 B
23	10

	Domain	Requested by
18	dist.adblock-primary.com	t.krampenpampe.com dist.adblock-primary.com
3	www.fencsingspade.autos	2 redirects
2	tencheckit.xyz
1	excellingvista.com	1 redirects dist.adblock-primary.com
1	tracking.trackingrouter.com	1 redirects
1	url.giveaff.com	1 redirects
1	1d6ceb3b060.terrifictc.net	1 redirects
1	cddtsecure.com	1 redirects
1	t.krampenpampe.com	www.fencsingspade.autos
1	4370.2477april2024.com	1 redirects
23	10

This site contains no links.

Subject Issuer	Validity	Valid
tencheckit.xyz R11	`2024-08-22` - `2024-11-20`	3 months	crt.sh
www.fencsingspade.autos R10	`2024-07-30` - `2024-10-28`	3 months	crt.sh
krampenpampe.com WE1	`2024-07-13` - `2024-10-11`	3 months	crt.sh
adblock-primary.com WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://dist.adblock-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=793_H32X6C_3829&cid=cr40v9b2r96s73a7e5n0&lpkey=17243d1837aea720d4a836a1762f48b46338687537&isV2=true
Frame ID: DAAB6AE774CF44E90179FBE8995DEBF8
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Primary AdBlock

Page URL History Show full URLs

https://4370.2477april2024.com/iixHDYE0OwfnZtczvVvMKi5Mm9kRvoHRdqgGO5ufTJ0dYJqUoN4Dp8-HU4BqedaTldlQJ6Jzhv3r... HTTP 307
https://tencheckit.xyz/go/8286/3?subid2={hostId} Page URL
https://www.fencsingspade.autos/?sl=5836314-07e4d&pub_click_id=148s1kc6g0082&site=8286&pub_sub_id=%7BhostId%7D Page URL
https://www.fencsingspade.autos/?sl=5836314-07e4d&pub_click_id=148s1kc6g0082&site=8286&pub_sub_id=%7BhostId%... HTTP 302
https://www.fencsingspade.autos/?sl=5836314-07e4d&pub_click_id=148s1kc6g0082&site=8286&pub_sub_id=%7BhostId%... HTTP 302
https://t.krampenpampe.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=7602333214829881227 Page URL
https://cddtsecure.com/?a=17412&c=238825&s1=24589&s3=371812&s2=24082306_01_371812_bc31260c1c9ac HTTP 302
https://1d6ceb3b060.terrifictc.net/?p=3829&media_type=mainstream&click_id=9a7c1f689d784cb390bdd432f066f4731653b... HTTP 302
https://url.giveaff.com/H32X6C/35RJ39C/?source_id=3829&sub1=641q4dt25cl0reee6w5wsg8ok,17992927,5,3829 HTTP 302
https://tracking.trackingrouter.com/click?pid=793&offer_id=2435398&sub1=d5c01b26658744fb82ad105faed7ed91&sub2=H3... HTTP 302
https://excellingvista.com/click?key=x0nnnbi4dcpu0z79pqlh&externalid=66c80fa5850f1c000121fd2b&source=79... HTTP 307
https://dist.adblock-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&f... Page URL

Page Statistics

23
Requests

96 %
HTTPS

20 %
IPv6

10
Domains

10
Subdomains

5
IPs

6
Countries

227 kB
Transfer

545 kB
Size

36
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://4370.2477april2024.com/iixHDYE0OwfnZtczvVvMKi5Mm9kRvoHRdqgGO5ufTJ0dYJqUoN4Dp8-HU4BqedaTldlQJ6Jzhv3reuuzHOKnYRyKm6-luL6KcQUfSLVO_OIZIEIi-EgsEBfOUJJqgA?kws=onlytaboo%2Cgrandma%2Clyly%2Cdoodstream&abl=0&fsb=0&pageUri=https%3A%2F%2Fd000d.com%2Fe%2Fbcqz5d6hmylv&referer=&bdd=...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1 HTTP 307
https://tencheckit.xyz/go/8286/3?subid2={hostId} Page URL
https://www.fencsingspade.autos/?sl=5836314-07e4d&pub_click_id=148s1kc6g0082&site=8286&pub_sub_id=%7BhostId%7D Page URL
https://www.fencsingspade.autos/?sl=5836314-07e4d&pub_click_id=148s1kc6g0082&site=8286&pub_sub_id=%7BhostId%7D&eyeg=375c41b1d088b1cf52c53f3e8772f268&eyer=0.31656834016051794&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
https://www.fencsingspade.autos/?sl=5836314-07e4d&pub_click_id=148s1kc6g0082&site=8286&pub_sub_id=%7BhostId%7D&eyeg=3&eyer=0.31656834016051794&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
https://t.krampenpampe.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=7602333214829881227 Page URL
https://cddtsecure.com/?a=17412&c=238825&s1=24589&s3=371812&s2=24082306_01_371812_bc31260c1c9ac HTTP 302
https://1d6ceb3b060.terrifictc.net/?p=3829&media_type=mainstream&click_id=9a7c1f689d784cb390bdd432f066f4731653b&pi=17412 HTTP 302
https://url.giveaff.com/H32X6C/35RJ39C/?source_id=3829&sub1=641q4dt25cl0reee6w5wsg8ok,17992927,5,3829 HTTP 302
https://tracking.trackingrouter.com/click?pid=793&offer_id=2435398&sub1=d5c01b26658744fb82ad105faed7ed91&sub2=H32X6C_3829 HTTP 302
https://excellingvista.com/click?key=x0nnnbi4dcpu0z79pqlh&externalid=66c80fa5850f1c000121fd2b&source=793_H32X6C_3829 HTTP 307
https://dist.adblock-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=793_H32X6C_3829&cid=cr40v9b2r96s73a7e5n0&lpkey=17243d1837aea720d4a836a1762f48b46338687537&isV2=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://4370.2477april2024.com/iixHDYE0OwfnZtczvVvMKi5Mm9kRvoHRdqgGO5ufTJ0dYJqUoN4Dp8-HU4BqedaTldlQJ6Jzhv3reuuzHOKnYRyKm6-luL6KcQUfSLVO_OIZIEIi-EgsEBfOUJJqgA?kws=onlytaboo%2Cgrandma%2Clyly%2Cdoodstream&abl=0&fsb=0&pageUri=https%3A%2F%2Fd000d.com%2Fe%2Fbcqz5d6hmylv&referer=&bdd=...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1 HTTP 307
https://tencheckit.xyz/go/8286/3?subid2={hostId}

Request Chain 3

https://www.fencsingspade.autos/?sl=5836314-07e4d&pub_click_id=148s1kc6g0082&site=8286&pub_sub_id=%7BhostId%7D&eyeg=375c41b1d088b1cf52c53f3e8772f268&eyer=0.31656834016051794&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
https://www.fencsingspade.autos/?sl=5836314-07e4d&pub_click_id=148s1kc6g0082&site=8286&pub_sub_id=%7BhostId%7D&eyeg=3&eyer=0.31656834016051794&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
https://t.krampenpampe.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=7602333214829881227

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

3
tencheckit.xyz/go/8286/
Redirect Chain

https://4370.2477april2024.com/iixHDYE0OwfnZtczvVvMKi5Mm9kRvoHRdqgGO5ufTJ0dYJqUoN4Dp8-HU4BqedaTldlQJ6Jzhv3reuuzHOKnYRyKm6-luL6KcQUfSLVO_OIZIEIi-EgsEBfOUJJqgA?kws=onlytaboo%2Cgrandma%2Clyly%2Cdoodst...
https://tencheckit.xyz/go/8286/3?subid2={hostId}

335 B
815 B

4413ms
65ms

Document
text/html

91.209.226.54
ON-LINE-DATA

General

Check archive.org

Show headers Download Go to

Full URL: https://tencheckit.xyz/go/8286/3?subid2={hostId}
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.209.226.54 , Netherlands, ASN204601 (ON-LINE-DATA, NL),
Reverse DNS: vm4923262.25ssd.had.wf
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Encoding: identity
Content-Length: 335
Content-Type: text/html; charset=utf-8
Date: Fri, 23 Aug 2024 04:27:15 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Fri, 23 Aug 2024 04:27:15 GMT
Pragma: no-cache
Server: nginx/1.18.0 (Ubuntu)

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 23 Aug 2024 04:27:10 GMT
expires: Fri, 23 Aug 2024 04:27:10 UTC
last-modified: Fri, 23 Aug 2024 04:27:10 UTC
location: https://tencheckit.xyz/go/8286/3?subid2={hostId}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma: no-cache
referrer-policy: no-referrer
server: nginx

GET
H/1.1 200
OK /
www.fencsingspade.autos/ 4 KB
4 KB 120ms
24ms Document
text/html 51.68.81.31
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fencsingspade.autos/?sl=5836314-07e4d&pub_click_id=148s1kc6g0082&site=8286&pub_sub_id=%7BhostId%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.68.81.31 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Accept-CH: Sec-CH-UA-Platform-Version
Cache-Control: no-transform
Connection: keep-alive
Content-Type: text/html
Date: Fri, 23 Aug 2024 04:27:15 GMT
Transfer-Encoding: chunked

GET
H/1.1 200
OK favicon.ico
tencheckit.xyz/ 0
170 B 52ms
50ms Other
text/html 91.209.226.54
ON-LINE-DATA

General

Check archive.org

Show headers Download Go to

Full URL: https://tencheckit.xyz/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.209.226.54 , Netherlands, ASN204601 (ON-LINE-DATA, NL),
Reverse DNS: vm4923262.25ssd.had.wf
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 23 Aug 2024 04:27:15 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3

200

/ Show response
t.krampenpampe.com/directclick/
Redirect Chain

https://www.fencsingspade.autos/?sl=5836314-07e4d&pub_click_id=148s1kc6g0082&site=8286&pub_sub_id=%7BhostId%7D&eyeg=375c41b1d088b1cf52c53f3e8772f268&eyer=0.31656834016051794&eyei=0&eyew=1600&eyeh=1...
https://www.fencsingspade.autos/?sl=5836314-07e4d&pub_click_id=148s1kc6g0082&site=8286&pub_sub_id=%7BhostId%7D&eyeg=3&eyer=0.31656834016051794&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=
https://t.krampenpampe.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=7602333214829881227

25 KB
9 KB

315ms
261ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.krampenpampe.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=7602333214829881227
Requested by: Host: www.fencsingspade.autos
URL: https://www.fencsingspade.autos/?sl=5836314-07e4d&pub_click_id=148s1kc6g0082&site=8286&pub_sub_id=%7BhostId%7D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdf04939946aa214a89f03f16590e252aedbfe93f07460ce8645f22219c9b2fe

Request headers

Referer: https://www.fencsingspade.autos/?sl=5836314-07e4d&pub_click_id=148s1kc6g0082&site=8286&pub_sub_id=%7BhostId%7D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8b7859604bab667f-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 23 Aug 2024 04:27:16 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RS8RnrKaHqdlYhbjn2SbfSIRG%2B1WVq1Pq3%2B4aI7r0eLDyzesSsvTa2zUDTOUh2yaZ%2FUzKmhir%2BZrgi4LCWn%2BCmWtMA8kCAr7DlMRDsvHP9FkwEyCehYjzSpyFtCxd1ccBSgLdZc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

Cache-Control: no-transform
Connection: keep-alive
Content-Length: 0
Date: Fri, 23 Aug 2024 04:27:15 GMT
Location: https://t.krampenpampe.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=7602333214829881227

GET
H3

200

Primary Request / Show response
dist.adblock-primary.com/
Redirect Chain

https://cddtsecure.com/?a=17412&c=238825&s1=24589&s3=371812&s2=24082306_01_371812_bc31260c1c9ac
https://1d6ceb3b060.terrifictc.net/?p=3829&media_type=mainstream&click_id=9a7c1f689d784cb390bdd432f066f4731653b&pi=17412
https://url.giveaff.com/H32X6C/35RJ39C/?source_id=3829&sub1=641q4dt25cl0reee6w5wsg8ok,17992927,5,3829
https://tracking.trackingrouter.com/click?pid=793&offer_id=2435398&sub1=d5c01b26658744fb82ad105faed7ed91&sub2=H32X6C_3829
https://excellingvista.com/click?key=x0nnnbi4dcpu0z79pqlh&externalid=66c80fa5850f1c000121fd2b&source=793_H32X6C_3829
https://dist.adblock-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=793_H32X6C_3829&cid=cr40v9b2r96s73a7e5n0...

5 KB
3 KB

115ms
66ms

Document
text/html

172.67.164.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblock-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=793_H32X6C_3829&cid=cr40v9b2r96s73a7e5n0&lpkey=17243d1837aea720d4a836a1762f48b46338687537&isV2=true

Requested by

Host: t.krampenpampe.com
URL: https://t.krampenpampe.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=7602333214829881227

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

01ec94d5d9caeec7bee98c3e4bb57e90291861e7a588c78d301ea5e1b655e7f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8b78596ad9beb7e8-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 23 Aug 2024 04:27:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xsfSb3hNObNesnW%2B7X0I9%2BGF6PWNW%2FDGwGSiCeizNcLpq%2Fg1ubPQy64Q6YcpnR6PUD%2BjgumATGIPXOLkCCJRpdyEEJ4Td6DBLrgAv34YTAfkvZz5peXQ8oI8RsSkLXFTagKYmuVHSKjNRsg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: Next.js

Redirect headers

content-length: 0
date: Fri, 23 Aug 2024 04:27:17 GMT
location: https://dist.adblock-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=793_H32X6C_3829&cid=cr40v9b2r96s73a7e5n0&lpkey=17243d1837aea720d4a836a1762f48b46338687537&isV2=true
server: Caddy
x-request-id: eb64fb62-c8de-4e5e-acb4-a13ad18d7135

GET
H3 200 9d92a176c9608aa4.css
dist.adblock-primary.com/_next/static/css/ 102 B
616 B 71ms
59ms Stylesheet
text/css 172.67.164.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblock-primary.com/_next/static/css/9d92a176c9608aa4.css

Requested by

Host: dist.adblock-primary.com
URL: https://dist.adblock-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=793_H32X6C_3829&cid=cr40v9b2r96s73a7e5n0&lpkey=17243d1837aea720d4a836a1762f48b46338687537&isV2=true

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b5d584b6200dfb2ea17d372ceb88c61ee68bf6e7ae5cabed28d31952b048a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblock-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=793_H32X6C_3829&cid=cr40v9b2r96s73a7e5n0&lpkey=17243d1837aea720d4a836a1762f48b46338687537&isV2=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 04:27:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 857420
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Aug 2024 22:48:16 GMT
server: cloudflare
etag: W/"66-19148c726dd"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0FYoXkqLIitxdkY%2FR8DsWFGCEMdqbpu1n0RkVHzumV6MEPnDQqyIF7uBpl7vtJxzqnJMDgcM5e5jMNCVn781Y9bUULfXitIZySpmc1sQ6TN4NvD4Vluw7AWq2CJ6E%2FIXz6srUbbe826MBvk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8b78596b79e4b7e8-AMS

GET
H3 200 b42fed10f560ed80.css
dist.adblock-primary.com/_next/static/css/ 40 KB
27 KB 60ms
48ms Stylesheet
text/css 172.67.164.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblock-primary.com/_next/static/css/b42fed10f560ed80.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bff0a98efb5e3b9e4e49f94ba34573dc5c572bfab22545f84136f5ca8683efcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblock-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=793_H32X6C_3829&cid=cr40v9b2r96s73a7e5n0&lpkey=17243d1837aea720d4a836a1762f48b46338687537&isV2=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 04:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 106514
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 21 Aug 2024 22:48:11 GMT
server: cloudflare
etag: W/"a134-19177204fa5"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oCzUGZAA35KJaq0h0vYAY%2BbTddm%2FxrM6fl%2FAHc%2BbhzUM7T4fnSurgCYPVncxmFz3i4NZwKfHNM342aNQtikPJlUxnNOY8SIhHHq0ujiTii6SwKYNg1hCNeje5JKapCVgTfTaLmfsP2P88VQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8b78596b79e5b7e8-AMS

GET
H3 200 3b35faaf0698860b.css
dist.adblock-primary.com/_next/static/css/ 7 KB
2 KB 70ms
58ms Stylesheet
text/css 172.67.164.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblock-primary.com/_next/static/css/3b35faaf0698860b.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fee51c7405e4048e7997f0123105b2b6fc880de07cf1a2690d97551e80bdf66

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblock-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=793_H32X6C_3829&cid=cr40v9b2r96s73a7e5n0&lpkey=17243d1837aea720d4a836a1762f48b46338687537&isV2=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 04:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 106514
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 21 Aug 2024 22:48:11 GMT
server: cloudflare
etag: W/"1c01-19177204fa5"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E5RGCLSmUP1lTZNtGtaP9Hx4y75c1F8f%2Fwjl5UoCV0Lo%2BjNY4pP89158Fm%2FLsE5SblMPvuiUyAzDOlZfSKQvdUGEAfW1aC05nOUougInzJt60weNf6hjv9766pnCVtBEsJ6apPAx2WqkeMA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8b78596b79e6b7e8-AMS

GET
H3 200 6596.49279a519f741c62.js Show response
dist.adblock-primary.com/_next/static/chunks/ 11 KB
5 KB 39ms
30ms Script
application/javascript 172.67.164.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblock-primary.com/_next/static/chunks/6596.49279a519f741c62.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746be7f6ddfc408be0a6c39ba9e4d57e999e6a2af23cf8ac80dbdfbfc2647cbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblock-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=793_H32X6C_3829&cid=cr40v9b2r96s73a7e5n0&lpkey=17243d1837aea720d4a836a1762f48b46338687537&isV2=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 04:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 106514
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 21 Aug 2024 22:48:11 GMT
server: cloudflare
etag: W/"2d97-19177204fa9"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KIC2lYr5X8ypA8k%2BYUi8u%2BJz4iMeOxA7l5570meoHgcNqVhW%2Fozz3raVqpwc3GykvhxGOPvz9%2FrziOSGGYv4nWSKHQZw6APbRALhZFeciFe13ioYgm2PVVIN0vL0fOOr32RoZSBJVxtQaEA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8b78596bc9f9b7e8-AMS

GET
H3 200 webpack-f75ff8d58b67b2d5.js Show response
dist.adblock-primary.com/_next/static/chunks/ 13 KB
7 KB 38ms
29ms Script
application/javascript 172.67.164.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblock-primary.com/_next/static/chunks/webpack-f75ff8d58b67b2d5.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b236b6825f027f327304d228852a468dabcfa07d8d02778d35a6c20d445d263

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblock-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=793_H32X6C_3829&cid=cr40v9b2r96s73a7e5n0&lpkey=17243d1837aea720d4a836a1762f48b46338687537&isV2=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 04:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 106514
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 21 Aug 2024 22:48:11 GMT
server: cloudflare
etag: W/"33c4-19177204fa9"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TCeedsTlzc6yRr9F0Whxh6thxk6WTBcG0Eye%2B2CsLblIlon2DfhOYb%2Bh7yCwTQ%2BtS47jKOt4R2E5iAb6W6hZg45Uw0itUeRarNaBIaK%2Fskb%2BR3fnDd2xN%2F4llk6yGr3AqRyRMeJjE7mEyo8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8b78596bc9feb7e8-AMS

GET
H3 200 framework-3671d8951bf44e4e.js Show response
dist.adblock-primary.com/_next/static/chunks/ 138 KB
45 KB 38ms
29ms Script
application/javascript 172.67.164.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblock-primary.com/_next/static/chunks/framework-3671d8951bf44e4e.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1845c289c582dd2b58a3ab7f8eadb695ebabbfe7a2685e5f9012ae16e0541580

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblock-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=793_H32X6C_3829&cid=cr40v9b2r96s73a7e5n0&lpkey=17243d1837aea720d4a836a1762f48b46338687537&isV2=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 04:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 857527
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Aug 2024 22:48:16 GMT
server: cloudflare
etag: W/"226fd-19148c726dd"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7VaeInRINC%2F0BrxQVEmI1%2BSoE7e5WXMT%2FAM3Cm5hvydW%2BE2qD%2BQKocrj8q69Wjs07HQWlgGyYJLQwB0t%2BqTdSTdXn1%2B4ZJJC7D7mQFebcqT3mstD9sOVJmIiO3gj3cP%2BNbfJkCEUqvP%2FhW4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8b78596bca01b7e8-AMS

GET
H3 200 main-403c8612371c9360.js Show response
dist.adblock-primary.com/_next/static/chunks/ 87 KB
27 KB 55ms
46ms Script
application/javascript 172.67.164.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblock-primary.com/_next/static/chunks/main-403c8612371c9360.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0514cea519259a90ef195e663ef8f544520a3b08a3e3986179e7e43a56cfba1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblock-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=793_H32X6C_3829&cid=cr40v9b2r96s73a7e5n0&lpkey=17243d1837aea720d4a836a1762f48b46338687537&isV2=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 04:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 857527
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Aug 2024 22:48:16 GMT
server: cloudflare
etag: W/"15cff-19148c726dd"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oFCqywDXgviACKrU4%2FDGTEJ1c9obMN0e%2FF8vC3PP3aL0%2Bl9FN%2FpYRKlWt8uHA2KKKVrpDR3m1VzErImp77OjYQcIYMsfMTZY7hpH46%2B1lu6nd%2BTLPVcmIbGiIgiotJWICZoS8eTi1e8o%2FvE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8b78596bca06b7e8-AMS

GET
H3 200 _app-2a04a395fe20dbbc.js Show response
dist.adblock-primary.com/_next/static/chunks/pages/ 21 KB
9 KB 73ms
64ms Script
application/javascript 172.67.164.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblock-primary.com/_next/static/chunks/pages/_app-2a04a395fe20dbbc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ead0117ac257e451c417e56f9d7232e00da4187040f625d4dfcc8cfc807fa23

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblock-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=793_H32X6C_3829&cid=cr40v9b2r96s73a7e5n0&lpkey=17243d1837aea720d4a836a1762f48b46338687537&isV2=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 04:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 106514
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 21 Aug 2024 22:48:11 GMT
server: cloudflare
etag: W/"5526-19177204fa9"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Za8Phg%2BeFJSjTHH091slmJ3sGZzDF86MmCAGscdaxrRgAc51SGt4JFPN3qhIrV3pkV%2FwD27WGTx2MDSkzLHvoDjksnNXWAmrUTO2eeCkqP8iw4vaBsYiV7HtxjH4Ge0o1pbL0PhnQxIiQdA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8b78596bca09b7e8-AMS

GET
H3 200 7928-0d56735a240d079d.js Show response
dist.adblock-primary.com/_next/static/chunks/ 110 KB
37 KB 72ms
64ms Script
application/javascript 172.67.164.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblock-primary.com/_next/static/chunks/7928-0d56735a240d079d.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60ecc4d407a7dfe437e23a6f855f53775c79f0e07ff11e43567e216d627fb7a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblock-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=793_H32X6C_3829&cid=cr40v9b2r96s73a7e5n0&lpkey=17243d1837aea720d4a836a1762f48b46338687537&isV2=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 04:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 106514
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 21 Aug 2024 22:48:11 GMT
server: cloudflare
etag: W/"1b9ca-19177204fa5"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pMWHLIxljfnBniUgZy%2B70OXqsI%2B04voj4qQM9aEJ%2F60JUvlJjduK8JYD57jWb2Dwsupq7c6R4OwIWtVvdd6%2BsE2%2FZ93B0v95vlqaWzNyRC8VVcL13DyslvWBPbvrtRLayKbW%2FeGuP8q%2FfZ4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8b78596bca0ab7e8-AMS

GET
H3 200 index-d7eb60207bb1dfec.js Show response
dist.adblock-primary.com/_next/static/chunks/pages/ 25 KB
10 KB 74ms
66ms Script
application/javascript 172.67.164.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblock-primary.com/_next/static/chunks/pages/index-d7eb60207bb1dfec.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

086f7bbe9c861caf18202638f9f31a92391e80612ffc493c701431406b00f2dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblock-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=793_H32X6C_3829&cid=cr40v9b2r96s73a7e5n0&lpkey=17243d1837aea720d4a836a1762f48b46338687537&isV2=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 04:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 106514
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 21 Aug 2024 22:48:11 GMT
server: cloudflare
etag: W/"62ed-19177204fa9"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KkSO8O%2FVRCWKFDyiNzuxtEmiQf5cKrmJiVaAD%2BS2xEX8g9Ijx8spYRmLx4n%2Fp4Igdt4uf5IdSgAMnxmOuu8Nglh%2F97c0Q6%2Bcdc995wsd9fhQOxCLUeimnTn3xCj9HTLARrsFKt5UmlDrwqw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8b78596bca0bb7e8-AMS

GET
H3 200 _buildManifest.js Show response
dist.adblock-primary.com/_next/static/ZoPv4Crqm-jzipD26wZF6/ 1 KB
1 KB 89ms
81ms Script
application/javascript 172.67.164.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblock-primary.com/_next/static/ZoPv4Crqm-jzipD26wZF6/_buildManifest.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a605aa49bf35a3237d53a20f6e1e7f136a3c292473744521420165b7cf918959

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblock-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=793_H32X6C_3829&cid=cr40v9b2r96s73a7e5n0&lpkey=17243d1837aea720d4a836a1762f48b46338687537&isV2=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 04:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 106514
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 21 Aug 2024 22:48:11 GMT
server: cloudflare
etag: W/"40a-19177204fa5"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fXAqN%2B1HqGDourm%2BsppOP74d0Fm%2FcrOOTyPFC%2FEouPLTlKTrDi99W7b290aPZkYO46o3S%2FeLJssNhSGRdHWrGUYEL4gm3ghCax42gF1V4clvSdVpv1jV%2FIFPLvFy6Gj4wsrEKV1tn9Z36XA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8b78596bca0cb7e8-AMS

GET
H3 200 _ssgManifest.js Show response
dist.adblock-primary.com/_next/static/ZoPv4Crqm-jzipD26wZF6/ 77 B
605 B 94ms
87ms Script
application/javascript 172.67.164.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblock-primary.com/_next/static/ZoPv4Crqm-jzipD26wZF6/_ssgManifest.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblock-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=793_H32X6C_3829&cid=cr40v9b2r96s73a7e5n0&lpkey=17243d1837aea720d4a836a1762f48b46338687537&isV2=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 04:27:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 106514
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 21 Aug 2024 22:48:11 GMT
server: cloudflare
etag: W/"4d-19177204fa5"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=45x%2ForrZTKKQ4QlRvlYc8xRNi6r052TpCvcV9VloFUzJbx%2BkDN6ivHdlsl4S1Zgfd%2B7494aS%2BV%2F9hYLlqDt21r479xHMm5jZl0ySSuENJyPVMaKW%2BtBaJbqxkA%2BahDyIUyelEl9iIkjxQCI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 8b78596bca0db7e8-AMS

GET
H3 200 icon.svg
dist.adblock-primary.com/images/promo-images/salmon/ 3 KB
2 KB 60ms
59ms Image
image/svg+xml 172.67.164.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dist.adblock-primary.com/images/promo-images/salmon/icon.svg

Requested by

Host: dist.adblock-primary.com
URL: https://dist.adblock-primary.com/_next/static/css/3b35faaf0698860b.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4abf215f3a2e97a09a6bbbcce397edebe274eb2f4d30017d51538db5d8ce8bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblock-primary.com/_next/static/css/3b35faaf0698860b.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 04:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 21 Aug 2024 22:48:02 GMT
server: cloudflare
etag: W/"a60-19177202c81"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HAkHFZmleeHPHNgPgzl24EebH7OILJKYwaq5Xavqcpf3BiiTXgoVo9fPpHcualGonVnHNSXAzYC1aaKY4Dn2TeucX81SWQ9JzRcYCA3bVes%2BFvPCKJIlWlrNQYUgUETBzX2yBh5eWVjgkCM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 8b78596bfa17b7e8-AMS

GET
H3 200 available-in-chrome.svg
dist.adblock-primary.com/images/browser-icons/ 12 KB
5 KB 60ms
59ms Image
image/svg+xml 172.67.164.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dist.adblock-primary.com/images/browser-icons/available-in-chrome.svg

Requested by

Host: dist.adblock-primary.com
URL: https://dist.adblock-primary.com/_next/static/css/b42fed10f560ed80.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed7d9565486a66ea74ca2944c02ba502f78fd8e56052a18c9407d61d7442460f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblock-primary.com/_next/static/css/b42fed10f560ed80.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 04:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 21 Aug 2024 22:48:02 GMT
server: cloudflare
etag: W/"309d-19177202c65"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s5yUscWFDLoTtr94Gb5BwFr8ahhi2wBRnb944l%2BloP6%2Bw9tCy%2FPPdiEyGAeJqvzK8B2kfngmi8n992bjRAKWZZQFzRn4FlqwvR%2FDcbKrXyzyuQ%2FP1%2BIxH7RiGQYB%2BLRaNZyuaINihPt2ByI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 8b78596bfa18b7e8-AMS

GET
H3 200 da897b99eb1fe4a1.p.woff2
dist.adblock-primary.com/_next/static/media/ 13 KB
14 KB 39ms
30ms Font
font/woff2 172.67.164.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblock-primary.com/_next/static/media/da897b99eb1fe4a1.p.woff2

Requested by

Host: dist.adblock-primary.com
URL: https://dist.adblock-primary.com/_next/static/css/3b35faaf0698860b.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e637574ec102b93795e00daaa92eebdacf1dcee9133b123fb9b56ea8eaf7e14

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblock-primary.com/_next/static/css/3b35faaf0698860b.css
Origin: https://dist.adblock-primary.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 04:27:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 857420
alt-svc: h3=":443"; ma=86400
content-length: 13432
last-modified: Mon, 12 Aug 2024 22:48:16 GMT
server: cloudflare
etag: W/"3478-19148c726e1"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qOtgkqNhn4nFKZhYYSw%2F9MBR530c0jkfH1Q7X5VfyRSyerkRJbf9ueAM4iuQyqsITBi2i%2FIZDjNqmoXM0G2AFadBWgLTGehhPCa1JuaIdeZjosjHJHHPOd9y4wtI8Y9nxwqVk9kV34jmb%2Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 8b78596c4a27b7e8-AMS

GET
H3 200 120a5a1920781bd0.p.woff2
dist.adblock-primary.com/_next/static/media/ 13 KB
14 KB 39ms
30ms Font
font/woff2 172.67.164.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblock-primary.com/_next/static/media/120a5a1920781bd0.p.woff2

Requested by

Host: dist.adblock-primary.com
URL: https://dist.adblock-primary.com/_next/static/css/3b35faaf0698860b.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf9cfe01317e3758dd38982921dc1f26cc7243237d02e7ed90d3830b6f4e8ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblock-primary.com/_next/static/css/3b35faaf0698860b.css
Origin: https://dist.adblock-primary.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 04:27:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 857420
alt-svc: h3=":443"; ma=86400
content-length: 13388
last-modified: Mon, 12 Aug 2024 22:48:16 GMT
server: cloudflare
etag: W/"344c-19148c726e1"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=twJ7M1alcOVLc9WZGiOUBybH%2Ba1rALsU0cUD83kOXVD3xkL01OltqKeZSPN%2FvDQzdXAHLNrpXunhyi4B6I0R9riBV9AqYIGljzQ%2BVtj6FL1gMm%2FjIBv7MrUb8XfmZLtYPo%2Ff6tQ9ez1OE%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 8b78596c4a29b7e8-AMS

GET click
excellingvista.com/ 0
0

GET
H3 200 favicon.ico
dist.adblock-primary.com/images/extension-icons/primary-adblock/ 15 KB
5 KB 47ms
47ms Other
image/x-icon 172.67.164.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dist.adblock-primary.com/images/extension-icons/primary-adblock/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dc86bcb63b4c5f30ab4a584acceca2f83aa7da547791e47e87e28f21f6675f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dist.adblock-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=793_H32X6C_3829&cid=cr40v9b2r96s73a7e5n0&lpkey=17243d1837aea720d4a836a1762f48b46338687537&isV2=true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 04:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 21 Aug 2024 22:48:02 GMT
server: cloudflare
etag: W/"3c2e-19177202c6d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/x-icon
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IvEfw%2FfOgRUQXAeo58Kd1taXXNWucr%2BpOegkt%2FT4tKmKiUTOKBm6rjs5OWGc0peq7nkyjGKHNPaTdrJMoWws%2FZjqAMQ3TWeqoJwaCO%2B874AeW3i%2FUHXCgC0nFxTdKxPMLkOq2WMPkKQYXDg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 8b78596d3a44b7e8-AMS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: excellingvista.com
URL: https://excellingvista.com/click?upd_clickid=cr40v9b2r96s73a7e5n0&add_event6=1

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tencheckit.xyz/	1970-01-20 23:00:57	Name: mobitck Value: 1
.krampenpampe.com/	1970-01-21 07:45:23	Name: checkkeks Value: 1
.krampenpampe.com/	1970-01-20 23:01:13	Name: eTag Value: e25a0b96b09b53dab01c4fdf675f0d72
.krampenpampe.com/	1970-01-21 07:45:23	Name: ck_uniques Value: 1724473634%3A24589-115227
.krampenpampe.com/	1970-01-21 07:45:23	Name: ck_uniquesPa Value: 1724473634%3A103655
.krampenpampe.com/	1970-01-20 23:01:13	Name: ck_sys_uniques_3 Value: 1
.krampenpampe.com/	1970-01-20 23:01:13	Name: u_current_ads_view Value: 103655----
.cddtsecure.com/	1970-01-21 01:09:23	Name: gdm_suid_v1_1_001 Value: HPfHs3OFxkaNOwO68jCjbQ==
.cddtsecure.com/	1970-01-21 01:09:23	Name: gdm_click_freq_v2_1_001 Value: eYIN9Q4iC2bqWLzCP8g4H33gimPeKZ8T8NO1ZZUj7WnoQbME/r3L6p9rwBNtqK3z
.cddtsecure.com/	1970-01-21 01:09:23	Name: gdm_uid_v2_1_001 Value: Epz20I6MtRWQ1o+g2fhJpUTYUr64KBD3ILGaznxmXl7MCgMxZccXdQpCSzPdGLL/
.cddtsecure.com/	1970-01-21 01:09:23	Name: gdm_uid_v1_1_001 Value: Epz20I6MtRWQ1o+g2fhJpUTYUr64KBD3ILGaznxmXl7MCgMxZccXdQpCSzPdGLL/
.cddtsecure.com/	1970-01-21 01:09:23	Name: gdm_sid_v1_3_001 Value: BJ2V8am9TzlWJobi7bo7hXEArG2zZ+2o5YD7kmQnk6nLTa3U3fPoumFdcGYzCvcPNq6wuJojGFvggIEKGZA6hecMjp0SG/wGTDBHwjauoJ6tAQzTcMZqyMTM2XX6qvvtC/s9iqubzAlLmQmio63NnrC0kjf2JxNUPX/N7yTfGlBd1ESkNDM4+Bm2UmPQnVAiEwSIkF5764jovAPpBZ75dOlp1yGHPwQronLM5ehzEkb8+cazNg2bvTCYg1HtIZ12GFG1yiE0B8gIH4LLb/He/tFSFm2FvtpSJCE6HcbVYgYe2PYKkck0qlORb9EJLo7O5HadxrL2zSkOtkoZGt4A/osEKkEMzuQZNUQ4dG1jrDSWwZjtY9B+hPbuO1brhSCdYrLu8E/QunvD4g0WuPm235bSgWkDHH+jVXKItUMDeVzvFItYnlLE9w/FowkQRIk+fs4mqmBKYn4bsWMY431aHJYJ0SmTmIkXtCJRbF7qCJDLp1OZl8edu0snGIZDiu7T/+KdklJqxhGKjQmHVsKLa/0LIzk7bIa12wPwxC9jqmdGgE6yZN2AkrXdsWrlT30169Kr++0hZ5wXz1GQh+jbsbGjaYb04StpQyiF9szf3VvCGEKEjZx6hL0Hq6ZTmANv+x3YCEWEkVSj+k0Cp7lalS/AoHx/R9Wf+jZJTR9ZCK5vXKmU+Kjpew1kw0eMgko4DryWLOhWuPLPw7K+Jwo1UTUHiqqjV02OHiBhLclS+s9efDn3fXryOdOYWJ+CyfTkI5cm+XyPNauohlkEW17OLi1k79LRIzP65i1pLKiwvSnXyG8cfhBUO8NqB1QmWOrCtrx6icVPo9SWR7CiFchqhCURC+aTFxi39PnYrvHoVFn8nUgqhk5eScvZFRxvZ4Cpyk+zL1luebMUwdZy9HgdDQAttQcWFzi0FgkXfAmeYtWwCjJW1gVrEEbff55MtAlPFJoxbqcWJ1sKDs9PNtgoO6/Hf/OvX/v7gnU3WcaRx8NfIahhR7C8PCW+0tPHU6TKaF0kS9XfX2OIfY9AHZIDHR+jj0vNrzpMX7Pt/9V0fGJfvZg0jAJ39SnW0aBRMIpW5RXDVRXFNVUOQBL6aolrqlYDSjVL01G0A2LcTNLOXY0=
.cddtsecure.com/	1970-01-21 01:09:23	Name: gdm_click_freq_v1_1_001 Value: eYIN9Q4iC2bqWLzCP8g4H33gimPeKZ8T8NO1ZZUj7WnoQbME/r3L6p9rwBNtqK3z
.cddtsecure.com/	1970-01-21 01:09:23	Name: gdm_click_adv_freq_v1_1_001 Value: Noe/5evDT0YYJOp2kg0BweAsFTd/g5O82yH6JBkJX0Ek6FUCUlxiV+iiwvf4JsWI
.cddtsecure.com/	1970-01-21 01:09:23	Name: gdm_suid_v2_1_001 Value: HPfHs3OFxkaNOwO68jCjbQ==
.cddtsecure.com/	1970-01-21 01:09:23	Name: gdm_sid_v2_3_001 Value: BJ2V8am9TzlWJobi7bo7hXEArG2zZ+2o5YD7kmQnk6nLTa3U3fPoumFdcGYzCvcPNq6wuJojGFvggIEKGZA6hecMjp0SG/wGTDBHwjauoJ6tAQzTcMZqyMTM2XX6qvvtC/s9iqubzAlLmQmio63NnrC0kjf2JxNUPX/N7yTfGlBd1ESkNDM4+Bm2UmPQnVAiEwSIkF5764jovAPpBZ75dOlp1yGHPwQronLM5ehzEkb8+cazNg2bvTCYg1HtIZ12GFG1yiE0B8gIH4LLb/He/tFSFm2FvtpSJCE6HcbVYgYe2PYKkck0qlORb9EJLo7O5HadxrL2zSkOtkoZGt4A/osEKkEMzuQZNUQ4dG1jrDSWwZjtY9B+hPbuO1brhSCdYrLu8E/QunvD4g0WuPm235bSgWkDHH+jVXKItUMDeVzvFItYnlLE9w/FowkQRIk+fs4mqmBKYn4bsWMY431aHJYJ0SmTmIkXtCJRbF7qCJDLp1OZl8edu0snGIZDiu7T/+KdklJqxhGKjQmHVsKLa/0LIzk7bIa12wPwxC9jqmdGgE6yZN2AkrXdsWrlT30169Kr++0hZ5wXz1GQh+jbsbGjaYb04StpQyiF9szf3VvCGEKEjZx6hL0Hq6ZTmANv+x3YCEWEkVSj+k0Cp7lalS/AoHx/R9Wf+jZJTR9ZCK5vXKmU+Kjpew1kw0eMgko4DryWLOhWuPLPw7K+Jwo1UTUHiqqjV02OHiBhLclS+s9efDn3fXryOdOYWJ+CyfTkI5cm+XyPNauohlkEW17OLi1k79LRIzP65i1pLKiwvSnXyG8cfhBUO8NqB1QmWOrCtrx6icVPo9SWR7CiFchqhCURC+aTFxi39PnYrvHoVFn8nUgqhk5eScvZFRxvZ4Cpyk+zL1luebMUwdZy9HgdDQAttQcWFzi0FgkXfAmeYtWwCjJW1gVrEEbff55MtAlPFJoxbqcWJ1sKDs9PNtgoO6/Hf/OvX/v7gnU3WcaRx8NfIahhR7C8PCW+0tPHU6TKaF0kS9XfX2OIfY9AHZIDHR+jj0vNrzpMX7Pt/9V0fGJfvZg0jAJ39SnW0aBRMIpW5RXDVRXFNVUOQBL6aolrqlYDSjVL01G0A2LcTNLOXY0=
.cddtsecure.com/	1970-01-21 01:09:23	Name: gdm_click_adv_freq_v2_1_001 Value: Noe/5evDT0YYJOp2kg0BweAsFTd/g5O82yH6JBkJX0Ek6FUCUlxiV+iiwvf4JsWI
.1d6ceb3b060.terrifictc.net/	1970-01-20 22:59:47	Name: rts-trck Value: 1
.terrifictc.net/	1970-01-21 08:35:47	Name: t-uuid Value: 641q4dt28kaxwtgo1dz408ccg
.terrifictc.net/	1970-01-20 22:59:47	Name: traffic-back Value: ok
tracking.trackingrouter.com/	1970-01-21 07:45:23	Name: afclick Value: 66c80fa5850f1c000121fd2b
tracking.trackingrouter.com/	1970-01-21 07:45:23	Name: afoffers Value: {"2435398":1724387237}
excellingvista.com/	1970-01-21 07:45:23	Name: uclick Value: yr/fnVwPPYo1g+KnaGCYvhIV2rhm5yWekDohdDUCghiSmBPw10TMvXhDNIxa0LRf6XiOVYI=
excellingvista.com/	1970-01-21 07:45:23	Name: bcid Value: cr40v9b2r96s73a7e5n0
excellingvista.com/	1970-01-21 07:45:23	Name: cid Value: cr40v9b2r96s73a7e5n0
.adblock-primary.com/	1970-01-21 08:35:47	Name: extension Value: primary_adb
.adblock-primary.com/	1970-01-21 08:35:47	Name: promo Value: salmon
.adblock-primary.com/	1970-01-21 08:35:47	Name: big Value: none
.adblock-primary.com/	1970-01-21 08:35:47	Name: clk_domain Value: excellingvista.com
.adblock-primary.com/	1970-01-21 08:35:47	Name: flow Value: binom
.adblock-primary.com/	1970-01-21 08:35:47	Name: campaignId Value: 10659
.adblock-primary.com/	1970-01-21 08:35:47	Name: trafficsource Value: 29
.adblock-primary.com/	1970-01-21 08:35:47	Name: src Value: 793_H32X6C_3829
.adblock-primary.com/	1970-01-21 08:35:47	Name: cid Value: cr40v9b2r96s73a7e5n0
.adblock-primary.com/	1970-01-21 08:35:47	Name: lpkey Value: 17243d1837aea720d4a836a1762f48b46338687537
.adblock-primary.com/	1970-01-21 08:35:47	Name: isV2 Value: true

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://dist.adblock-primary.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=793_H32X6C_3829&cid=cr40v9b2r96s73a7e5n0&lpkey=17243d1837aea720d4a836a1762f48b46338687537&isV2=true Message: Access to XMLHttpRequest at 'https://excellingvista.com/click?upd_clickid=cr40v9b2r96s73a7e5n0&add_event6=1' from origin 'https://dist.adblock-primary.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://excellingvista.com/click?upd_clickid=cr40v9b2r96s73a7e5n0&add_event6=1 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1d6ceb3b060.terrifictc.net
4370.2477april2024.com
cddtsecure.com
dist.adblock-primary.com
excellingvista.com
t.krampenpampe.com
tencheckit.xyz
tracking.trackingrouter.com
url.giveaff.com
www.fencsingspade.autos
excellingvista.com
172.67.164.87
188.114.96.3
2a04:3542:1000:910:80c8:eeff:fe8b:1e5b
2a05:d018:e36:3930:79ad:a8c2:ca10:5e73
35.204.193.90
51.68.81.31
52.58.28.63
54.196.173.211
88.208.22.1
91.209.226.54
01ec94d5d9caeec7bee98c3e4bb57e90291861e7a588c78d301ea5e1b655e7f4
0514cea519259a90ef195e663ef8f544520a3b08a3e3986179e7e43a56cfba1a
086f7bbe9c861caf18202638f9f31a92391e80612ffc493c701431406b00f2dd
0b236b6825f027f327304d228852a468dabcfa07d8d02778d35a6c20d445d263
0e637574ec102b93795e00daaa92eebdacf1dcee9133b123fb9b56ea8eaf7e14
1845c289c582dd2b58a3ab7f8eadb695ebabbfe7a2685e5f9012ae16e0541580
2dc86bcb63b4c5f30ab4a584acceca2f83aa7da547791e47e87e28f21f6675f4
2ead0117ac257e451c417e56f9d7232e00da4187040f625d4dfcc8cfc807fa23
60ecc4d407a7dfe437e23a6f855f53775c79f0e07ff11e43567e216d627fb7a5
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
746be7f6ddfc408be0a6c39ba9e4d57e999e6a2af23cf8ac80dbdfbfc2647cbd
7fee51c7405e4048e7997f0123105b2b6fc880de07cf1a2690d97551e80bdf66
9b5d584b6200dfb2ea17d372ceb88c61ee68bf6e7ae5cabed28d31952b048a10
a4abf215f3a2e97a09a6bbbcce397edebe274eb2f4d30017d51538db5d8ce8bb
a605aa49bf35a3237d53a20f6e1e7f136a3c292473744521420165b7cf918959
bf9cfe01317e3758dd38982921dc1f26cc7243237d02e7ed90d3830b6f4e8ed0
bff0a98efb5e3b9e4e49f94ba34573dc5c572bfab22545f84136f5ca8683efcb
cdf04939946aa214a89f03f16590e252aedbfe93f07460ce8645f22219c9b2fe
ed7d9565486a66ea74ca2944c02ba502f78fd8e56052a18c9407d61d7442460f

dist.adblock-primary.com Open in urlscan Pro 172.67.164.87 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

23 Requests

96 %HTTPS

20 %IPv6

10 Domains

10 Subdomains

5 IPs

6 Countries

227 kBTransfer

545 kBSize

36 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

36 Cookies

2 Console Messages

Indicators

dist.adblock-primary.com Open in urlscan Pro
172.67.164.87 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

96 %
HTTPS

20 %
IPv6

10
Domains

10
Subdomains

5
IPs

6
Countries

227 kB
Transfer

545 kB
Size

36
Cookies

23 HTTP transactions
0 data transactions