urlscan.io logo urlscan.io
SecurityTrails logo

dist.primary-adblocking.com Open in urlscan Pro
2606:4700:3033::6815:47fe  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://eu5qwt3o.beauty/offer/50?cid=21&imp=bsuieddmgpntr1721222371418
Effective URL: https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId...
Submission: On July 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 4 countries across 6 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3033::6815:47fe, located in United States and belongs to CLOUDFLARENET, US. The main domain is dist.primary-adblocking.com.
TLS certificate: Issued by WE1 on July 15th 2024. Valid for: 3 months.
This is the only time dist.primary-adblocking.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.82.124.168 14618 (AMAZON-AES)
1 1 2a05:d018:e36... 16509 (AMAZON-02)
2 3 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 35.204.193.90 396982 (GOOGLE-CL...)
1 1 52.58.28.63 16509 (AMAZON-02)
18 2606:4700:303... 13335 (CLOUDFLAR...)
20 3
1    54.82.124.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-124-168.compute-1.amazonaws.com
eu5qwt3o.beauty
1    2a05:d018:e36:3910:d147:59ce:ad00:b71c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
cddtsecure.com
3    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
adspredictiv.com
1    35.204.193.90 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.193.204.35.bc.googleusercontent.com
tracking.trackingshub.com
1    52.58.28.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-28-63.eu-central-1.compute.amazonaws.com
excellingvista.com
18    2606:4700:3033::6815:47fe (United States)

ASN13335 (CLOUDFLARENET, US)
dist.primary-adblocking.com
Apex Domain
Subdomains		 Transfer
18 primary-adblocking.com
dist.primary-adblocking.com
207 KB
3 adspredictiv.com
adspredictiv.com
6 KB
1 excellingvista.com
excellingvista.com — Cisco Umbrella Rank: 390197
466 B
1 trackingshub.com
tracking.trackingshub.com — Cisco Umbrella Rank: 348424
356 B
1 cddtsecure.com
cddtsecure.com
4 KB
1 eu5qwt3o.beauty
eu5qwt3o.beauty
449 B
20 6
Domain Requested by
18 dist.primary-adblocking.com adspredictiv.com
dist.primary-adblocking.com
3 adspredictiv.com 2 redirects
1 excellingvista.com 1 redirects dist.primary-adblocking.com
1 tracking.trackingshub.com 1 redirects
1 cddtsecure.com 1 redirects
1 eu5qwt3o.beauty 1 redirects
20 6

This site contains no links.

Subject Issuer Validity Valid
adspredictiv.com
WE1		 2024-06-25 -
2024-09-23		 3 months crt.sh
primary-adblocking.com
WE1		 2024-07-15 -
2024-10-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqdem6r2r96s73entt30&lpkey=17214f6c61580cfaa6ebf6925ae979c3c101b29063&isV2=true
Frame ID: A996250B7894680105BD8C3BA93DD987
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Primary AdBlock

Page URL History Show full URLs

  1. http://eu5qwt3o.beauty/offer/50?cid=21&imp=bsuieddmgpntr1721222371418 HTTP 307
    https://eu5qwt3o.beauty/offer/50?cid=21&imp=bsuieddmgpntr1721222371418 HTTP 302
    https://cddtsecure.com/?a=155391&c=337952&co=204047&mt=7&s1=g&s2=bsuieddmgpntr1721222371418&s3=d HTTP 302
    https://adspredictiv.com/jump/next.php?r=6536598&pub_clickid=730204381cd64a33bcff6aaa481b88c820999&su... Page URL
  2. https://adspredictiv.com/jump/next.php?stamat=m%257Cd3t2I2t3aQdH8AH0dEdHP3xP.4c2%252CTwuhcE9ytvGl4nFR... HTTP 302
    https://adspredictiv.com/script/i.php?t=1&c=23745574&stamat=m%257C%252C%252Cg3YTojavoGU3Bv_GH0dEdHP3x... HTTP 302
    https://tracking.trackingshub.com/click?pid=6&offer_id=2435338&sub1=172142876310000TDETV62001Rac8R20R3d00R1012... HTTP 302
    https://excellingvista.com/click?key=x0nnnbi4dcpu0z79pqlh&externalid=669aeb1b2b2ab8000120e50a&source=6_... HTTP 307
    https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&f... Page URL

Page Statistics

20
Requests

95 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

3
IPs

4
Countries

211 kB
Transfer

517 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://eu5qwt3o.beauty/offer/50?cid=21&imp=bsuieddmgpntr1721222371418 HTTP 307
    https://eu5qwt3o.beauty/offer/50?cid=21&imp=bsuieddmgpntr1721222371418 HTTP 302
    https://cddtsecure.com/?a=155391&c=337952&co=204047&mt=7&s1=g&s2=bsuieddmgpntr1721222371418&s3=d HTTP 302
    https://adspredictiv.com/jump/next.php?r=6536598&pub_clickid=730204381cd64a33bcff6aaa481b88c820999&sub1=155391&sub2=g Page URL
  2. https://adspredictiv.com/jump/next.php?stamat=m%257Cd3t2I2t3aQdH8AH0dEdHP3xP.4c2%252CTwuhcE9ytvGl4nFRHB_Ai_s-mlABFntchTzo96_d71nm-YrFntijGBe2eO8epAAQ7t1fMFRg49YB_E2hVVG2_wOXaUqtdE5qpmJi37myZO7RKuRquLxlGkIhSWgYUrHv&cbpage=https://adspredictiv.com/jump/next.php?r=6536598&pub_clickid=730204381cd64a33bcff6aaa481b88c820999&sub1=155391&sub2=g&cbur=0.9786102604252973&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2FGoogle%20Inc.1600x1200-120de-DE81124%20bits HTTP 302
    https://adspredictiv.com/script/i.php?t=1&c=23745574&stamat=m%257C%252C%252Cg3YTojavoGU3Bv_GH0dEdHP3xP.f57%252C8MskbAJw5vmPsKnbQfZ5_rnYyxz_-7gKNiAyHXvmBy_nh9ZNBQeeYfz9aQelXWcrc9B6yHbhAytJut-H_xLlYNL1sXABqm4NQrhO8vuDY6PMWBAbv6mlQ7rW5YCWU4LTI8Iyff5D2TRYBUKE_gAR6EQdmSVfAQoLKUpWoWWlCAHs6ZsnILQ302oRRQvlRqDxUFlmmQWkS0umNx4f2SU4IsR1GvfCrm8wdCn_XsDJ9ZsueUyWGQ2HRS93SeKxYrywlv4JQvClCoKA8paxEzOWcsGjB_e8vNY18g73uXvLwy24_R4B6KnhzDwras6HYqS00SxhiStNIMG4bJvuBBAbhuVMj6dbfFtfm6EhFCGLNWg78qBKF1g-ZWtpl8_CFnlctierCfjQhIsjYwRmKK_Mz15NHe61DfoCsgnvWdf5y9tX-SeEqiuIetqU0TnxIYUVTBki8qSmetbPC1uGeTZ9tiHly71oZUgrheZXOYVjn9i8tqgoDxPRNnQloky0FS-My9ajkOaOtgb1_RjF6YVAVfTB0HVPyO15j4r1VGl4WgXOWK2shdbVnDy3jjhIzIB--Ra4R5gmTtZvnLoKJ4AoBLPuxmt3ysA85UK9sERWSDcItEIWO2N6MhHNuCHdwSKV5iVar7htyJ-9vZnsxsUrwRXWbmUfWFIpzPlFmPbnz1e2h2QzWM8uHTxapzfyFF7iqqmsx74QDfq9nhxWU75cekUdAOX0uBn7IpHnYl3XHozsGAxgIZfHNkP8dvOaGMGi HTTP 302
    https://tracking.trackingshub.com/click?pid=6&offer_id=2435338&sub1=172142876310000TDETV62001Rac8R20R3d00R1012R8d84Ref49R81286V25b3c&sub2=6536598-2846334087-30677878 HTTP 302
    https://excellingvista.com/click?key=x0nnnbi4dcpu0z79pqlh&externalid=669aeb1b2b2ab8000120e50a&source=6_6536598-2846334087-30677878 HTTP 307
    https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqdem6r2r96s73entt30&lpkey=17214f6c61580cfaa6ebf6925ae979c3c101b29063&isV2=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://eu5qwt3o.beauty/offer/50?cid=21&imp=bsuieddmgpntr1721222371418 HTTP 307
  • https://eu5qwt3o.beauty/offer/50?cid=21&imp=bsuieddmgpntr1721222371418 HTTP 302
  • https://cddtsecure.com/?a=155391&c=337952&co=204047&mt=7&s1=g&s2=bsuieddmgpntr1721222371418&s3=d HTTP 302
  • https://adspredictiv.com/jump/next.php?r=6536598&pub_clickid=730204381cd64a33bcff6aaa481b88c820999&sub1=155391&sub2=g

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
next.php
adspredictiv.com/jump/
Redirect Chain
  • http://eu5qwt3o.beauty/offer/50?cid=21&imp=bsuieddmgpntr1721222371418
  • https://eu5qwt3o.beauty/offer/50?cid=21&imp=bsuieddmgpntr1721222371418
  • https://cddtsecure.com/?a=155391&c=337952&co=204047&mt=7&s1=g&s2=bsuieddmgpntr1721222371418&s3=d
  • https://adspredictiv.com/jump/next.php?r=6536598&pub_clickid=730204381cd64a33bcff6aaa481b88c820999&sub1=155391&sub2=g
10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adspredictiv.com/jump/next.php?r=6536598&pub_clickid=730204381cd64a33bcff6aaa481b88c820999&sub1=155391&sub2=g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a5e35058812902e-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 19 Jul 2024 22:39:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cTCCHxm612mOZS7V8cVko1z9mgYAcnEh9I5ksV5xH8U7psGitgiZd35Df%2FzCBPcE9w%2Fi0bXOcQuaXWopkQawSI%2B%2FYtHKlLYqkwS4kKiT7AFEPJwH2QVGRpuHDNLGm9T91zYnGEJJolsXUZs1piJl"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
content-language
en-US
content-type
text/html;charset=ISO-8859-1
date
Fri, 19 Jul 2024 22:39:22 GMT
location
https://adspredictiv.com/jump/next.php?r=6536598&pub_clickid=730204381cd64a33bcff6aaa481b88c820999&sub1=155391&sub2=g
server
nginx
Primary Request /
dist.primary-adblocking.com/
Redirect Chain
  • https://adspredictiv.com/jump/next.php?stamat=m%257Cd3t2I2t3aQdH8AH0dEdHP3xP.4c2%252CTwuhcE9ytvGl4nFRHB_Ai_s-mlABFntchTzo96_d71nm-YrFntijGBe2eO8epAAQ7t1fMFRg49YB_E2hVVG2_wOXaUqtdE5qpmJi37myZO7RKuRq...
  • https://adspredictiv.com/script/i.php?t=1&c=23745574&stamat=m%257C%252C%252Cg3YTojavoGU3Bv_GH0dEdHP3xP.f57%252C8MskbAJw5vmPsKnbQfZ5_rnYyxz_-7gKNiAyHXvmBy_nh9ZNBQeeYfz9aQelXWcrc9B6yHbhAytJut-H_xLlYN...
  • https://tracking.trackingshub.com/click?pid=6&offer_id=2435338&sub1=172142876310000TDETV62001Rac8R20R3d00R1012R8d84Ref49R81286V25b3c&sub2=6536598-2846334087-30677878
  • https://excellingvista.com/click?key=x0nnnbi4dcpu0z79pqlh&externalid=669aeb1b2b2ab8000120e50a&source=6_6536598-2846334087-30677878
  • https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqd...
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqdem6r2r96s73entt30&lpkey=17214f6c61580cfaa6ebf6925ae979c3c101b29063&isV2=true
Requested by
Host: adspredictiv.com
URL: https://adspredictiv.com/jump/next.php?r=6536598&pub_clickid=730204381cd64a33bcff6aaa481b88c820999&sub1=155391&sub2=g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
7baa168913cbba6521063e78682d189b099a55675643359f9706452b803a245d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://adspredictiv.com/jump/next.php?r=6536598&pub_clickid=730204381cd64a33bcff6aaa481b88c820999&sub1=155391&sub2=g
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8a5e350d5bbb3825-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 19 Jul 2024 22:39:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6UTcOMcgrNkhFINmnpM%2Fq8xaqJUQJ%2FOSfmTAK75Mp%2BSeiTPdVTDV0QX5CbRAkYKnGIQSnbmtou%2FRiYs2nmEsV%2FxIpoIrHVcoCrsrbp14WIMUTBsUSOUbW8c7HnW0K2hwAU0bgsm8Ps8OMDwukej8x5X5ghrz%2FICH7n0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-powered-by
Next.js

Redirect headers

content-length
0
date
Fri, 19 Jul 2024 22:39:23 GMT
location
https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqdem6r2r96s73entt30&lpkey=17214f6c61580cfaa6ebf6925ae979c3c101b29063&isV2=true
server
Caddy
x-request-id
1ee31707-74eb-47d2-9480-5f09b8c03a9a
9d92a176c9608aa4.css
dist.primary-adblocking.com/_next/static/css/ 		102 B
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dist.primary-adblocking.com/_next/static/css/9d92a176c9608aa4.css
Requested by
Host: dist.primary-adblocking.com
URL: https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqdem6r2r96s73entt30&lpkey=17214f6c61580cfaa6ebf6925ae979c3c101b29063&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b5d584b6200dfb2ea17d372ceb88c61ee68bf6e7ae5cabed28d31952b048a10
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqdem6r2r96s73entt30&lpkey=17214f6c61580cfaa6ebf6925ae979c3c101b29063&isV2=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 22:39:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
402316
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 14 Jul 2024 22:48:41 GMT
server
cloudflare
etag
W/"66-190b36f1b35"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gnL5Bhye2llq8RX05Jkg%2BIy9CT0JOheFSPpZ0DCk7LNheKME1JqstJbmsOXZbSXFYoDlj14pv1YoueP1TrG3Qc5eTLwTZM%2BPoSJDKCojD8UXFGZDLUTZwwcElyi9uGyVbWYzLvF%2FQm7BeqJftXhzn%2BxPb9NST7FfsGc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8a5e350dfcda3825-FRA
9862553d612dea94.css
dist.primary-adblocking.com/_next/static/css/ 		40 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dist.primary-adblocking.com/_next/static/css/9862553d612dea94.css
Requested by
Host: dist.primary-adblocking.com
URL: https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqdem6r2r96s73entt30&lpkey=17214f6c61580cfaa6ebf6925ae979c3c101b29063&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f561a071ca5b5acf0ec6c5061e03b4c1b929556d4829914339b76e9d17ecee0c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqdem6r2r96s73entt30&lpkey=17214f6c61580cfaa6ebf6925ae979c3c101b29063&isV2=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 22:39:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
85743
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 18 Jul 2024 22:48:26 GMT
server
cloudflare
etag
W/"a130-190c808510a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FwZQ3rmYASJGmITF0ieobKzJErQMMaE3NkK2yyrqOkIMOwbr45exmDpQiE7feehvLhU1EewJnf1YxMlmLUw%2BnIpSKOR8%2BKffdUWhqFsqTH5xxqv9dHV%2BtGCNTbwCwxG5deLKEUSYYUB6RtzuL00ZmmNW6Z83XrVaqns%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8a5e350dfcdf3825-FRA
721416b492a2bbc3.css
dist.primary-adblocking.com/_next/static/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dist.primary-adblocking.com/_next/static/css/721416b492a2bbc3.css
Requested by
Host: dist.primary-adblocking.com
URL: https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqdem6r2r96s73entt30&lpkey=17214f6c61580cfaa6ebf6925ae979c3c101b29063&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abf948f4456facd321de17e54f6a9a065277f2ebf5d333bd0977c38a3a65b10b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqdem6r2r96s73entt30&lpkey=17214f6c61580cfaa6ebf6925ae979c3c101b29063&isV2=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 22:39:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
85743
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 18 Jul 2024 22:48:26 GMT
server
cloudflare
etag
W/"1c12-190c808510a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=neTCAlolOioR1lxeOss9miSN9NpCf3A6Nc%2FARxxNFw30KjGp4dr0kZNEGqbUYHN8f4Fh3cgeRlmfyQS%2FyJYldzKJhwm6UbZHg4x91nBKZYYIU7ZsSdlkZhrhahWsSSmojLENuJimwOCUFGcqIuCJ74bqsRalAK0%2BWf4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8a5e350dfce23825-FRA
6596.b54a1537c5a9b5a2.js
dist.primary-adblocking.com/_next/static/chunks/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dist.primary-adblocking.com/_next/static/chunks/6596.b54a1537c5a9b5a2.js
Requested by
Host: dist.primary-adblocking.com
URL: https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqdem6r2r96s73entt30&lpkey=17214f6c61580cfaa6ebf6925ae979c3c101b29063&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed4a2bc71a29b8d1d939a46de84b1b494206911cc796f7aa132823c4440ccf6e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqdem6r2r96s73entt30&lpkey=17214f6c61580cfaa6ebf6925ae979c3c101b29063&isV2=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 22:39:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
85743
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 18 Jul 2024 22:48:26 GMT
server
cloudflare
etag
W/"2b81-190c808510e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H7Jb21HghX%2BQQAo0%2BOUiKznd8iZ5Ptr56XdxdrPsfjdcjtSsmD9xBxNDaGbOSVI2TtqbiJCX4nto5q7CnL%2F4IW%2BPjVcln1N2GmMZfXoiMF4yRQjKh8A828fmvU9XRnWK23LuMiLNFGJDK04rrignhYbfHiG9Xc4tEU8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8a5e350e7d6a3825-FRA
webpack-a1729b58f24930f9.js
dist.primary-adblocking.com/_next/static/chunks/ 		13 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dist.primary-adblocking.com/_next/static/chunks/webpack-a1729b58f24930f9.js
Requested by
Host: dist.primary-adblocking.com
URL: https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqdem6r2r96s73entt30&lpkey=17214f6c61580cfaa6ebf6925ae979c3c101b29063&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa75d09c71e0c9592a3d936e6a18ac17fd5f37093e72ee8130022ed5a3efdc7e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqdem6r2r96s73entt30&lpkey=17214f6c61580cfaa6ebf6925ae979c3c101b29063&isV2=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 22:39:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
85743
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 18 Jul 2024 22:48:26 GMT
server
cloudflare
etag
W/"3312-190c808510e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BixHRDFc2r5UVsDqwXQ8swMXEFldIuWbBsE6idkYz2Xo34UK4i%2BmtPUsclCmdpyiZ5gh4oh2Z5oI%2B7StQ%2FvLGvkM7UBz7elgBv8BUS%2FwlSyenATbaDeuoon3HoPFw7lEYuHn0RF8ksbnG5BBDye%2F1S5bozNDQCYNNOE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8a5e350e7d6c3825-FRA
framework-3671d8951bf44e4e.js
dist.primary-adblocking.com/_next/static/chunks/ 		138 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dist.primary-adblocking.com/_next/static/chunks/framework-3671d8951bf44e4e.js
Requested by
Host: dist.primary-adblocking.com
URL: https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqdem6r2r96s73entt30&lpkey=17214f6c61580cfaa6ebf6925ae979c3c101b29063&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1845c289c582dd2b58a3ab7f8eadb695ebabbfe7a2685e5f9012ae16e0541580
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqdem6r2r96s73entt30&lpkey=17214f6c61580cfaa6ebf6925ae979c3c101b29063&isV2=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 22:39:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
402316
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 14 Jul 2024 22:48:41 GMT
server
cloudflare
etag
W/"226fd-190b36f1b35"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HG7gTuGZJeFQObwI5Ur9CLhPg18eCk%2Bi3%2Bq3ElDqq1TDJvbvMgExedyWNHUZhnnvo%2Bp0RP6%2B8RxYXEgeL89WDwEntPRBAY0807hp2e623GNeRPS4se8OB0RgJP5qW%2Fz3VvQzgQehva6jWsOm63j8dY4QzwDAMJ9w50c%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8a5e350e7d6d3825-FRA
main-403c8612371c9360.js
dist.primary-adblocking.com/_next/static/chunks/ 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dist.primary-adblocking.com/_next/static/chunks/main-403c8612371c9360.js
Requested by
Host: dist.primary-adblocking.com
URL: https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqdem6r2r96s73entt30&lpkey=17214f6c61580cfaa6ebf6925ae979c3c101b29063&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0514cea519259a90ef195e663ef8f544520a3b08a3e3986179e7e43a56cfba1a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqdem6r2r96s73entt30&lpkey=17214f6c61580cfaa6ebf6925ae979c3c101b29063&isV2=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 22:39:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
402316
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 14 Jul 2024 22:48:41 GMT
server
cloudflare
etag
W/"15cff-190b36f1b35"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KJQikyVvpHM%2B2a0FqHJUJrTwrHK5DRcSwqHpHzSAnvMunyebGjqrcyCjqFuQ39OnQGsT2qnVn%2B3NbSt7%2B16R8S6EdZrA8Jjreb573g532N7cP3X0xBcYUrqZXoKnXJfBl5g48ioi9If5RX3Yq%2BEKJILlV7P7QZ7fcUI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8a5e350e7d6e3825-FRA
_app-d84b14c387e45fee.js
dist.primary-adblocking.com/_next/static/chunks/pages/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dist.primary-adblocking.com/_next/static/chunks/pages/_app-d84b14c387e45fee.js
Requested by
Host: dist.primary-adblocking.com
URL: https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqdem6r2r96s73entt30&lpkey=17214f6c61580cfaa6ebf6925ae979c3c101b29063&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6a784bfe0b76adc9ceeb87071ac4da387914d107d7429855894934e6718534c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqdem6r2r96s73entt30&lpkey=17214f6c61580cfaa6ebf6925ae979c3c101b29063&isV2=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 22:39:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
85743
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 18 Jul 2024 22:48:26 GMT
server
cloudflare
etag
W/"5007-190c808510e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uv1x72piVQfspKqzH2F6KfGo61YQXAfF8Dbr1iI%2B5sg70ncnwyqezb5tyYB71f23Pd5Bk%2Fyb6iNB3ukvKyLsjgfkoRWn%2BPB31qaCEzDTs0prGTtTN9fjT%2FWBjqqL%2BX%2BBQ4dIpdimjT9oPCNi58rCXBBt7B61T1Iu%2Foo%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8a5e350e7d713825-FRA
7928-d8b569c29547c62b.js
dist.primary-adblocking.com/_next/static/chunks/ 		109 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dist.primary-adblocking.com/_next/static/chunks/7928-d8b569c29547c62b.js
Requested by
Host: dist.primary-adblocking.com
URL: https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqdem6r2r96s73entt30&lpkey=17214f6c61580cfaa6ebf6925ae979c3c101b29063&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e35502f1357f37019f5ac317245d1c32e1c3f85db13b10a245012070d36b4884
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqdem6r2r96s73entt30&lpkey=17214f6c61580cfaa6ebf6925ae979c3c101b29063&isV2=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 22:39:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
85743
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 18 Jul 2024 22:48:26 GMT
server
cloudflare
etag
W/"1b2fb-190c808510e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L1X8nP%2FyWETzpSHGgX1p%2B%2B7YPbw14MUFqC2aGVBSvHebGssRYgZldC2Tkz8byfm0xtuXxUQkZlBhhRGz89YVnPcTEqpH1NZFnI2a5EbkfEbiBEHXQjTxc4bIN7o%2BOtBJOkMZB%2BNzXLB6q17zx4HnX%2FztDd%2Fu0dl%2FjUU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8a5e350e7d733825-FRA
index-07d6ca67dff60f14.js
dist.primary-adblocking.com/_next/static/chunks/pages/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dist.primary-adblocking.com/_next/static/chunks/pages/index-07d6ca67dff60f14.js
Requested by
Host: dist.primary-adblocking.com
URL: https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqdem6r2r96s73entt30&lpkey=17214f6c61580cfaa6ebf6925ae979c3c101b29063&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37e5ca936901105b476f130a19b7904d8868c1d2dc42a2b258964b2dab68ff1e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqdem6r2r96s73entt30&lpkey=17214f6c61580cfaa6ebf6925ae979c3c101b29063&isV2=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 22:39:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
85743
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 18 Jul 2024 22:48:26 GMT
server
cloudflare
etag
W/"601d-190c808510e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QNvr%2Bl7V9vn3r3l7IGflKUmpzg66q6WbklEI5euA1pDjkmD%2B%2BcMsgBdb7VwZz3pXEoWjgH5tTe4JTns6YSIn0TvMuyQMxEUuZ4kjoKyIMeLvMhCq2%2FS%2BAWt72FYt%2BQQupxRNW2HeF0tuBTw%2B52ivFLQ6OrYSvXdQV2s%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8a5e350e7d743825-FRA
_buildManifest.js
dist.primary-adblocking.com/_next/static/UDkDgib3DukBds92bGdiU/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dist.primary-adblocking.com/_next/static/UDkDgib3DukBds92bGdiU/_buildManifest.js
Requested by
Host: dist.primary-adblocking.com
URL: https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqdem6r2r96s73entt30&lpkey=17214f6c61580cfaa6ebf6925ae979c3c101b29063&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55fbd444446d20106be8e58a3856edea270729f006bf0acbe73513a51cd104af
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqdem6r2r96s73entt30&lpkey=17214f6c61580cfaa6ebf6925ae979c3c101b29063&isV2=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 22:39:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
85743
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 18 Jul 2024 22:48:26 GMT
server
cloudflare
etag
W/"40a-190c808510a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FFO0LMlWapVuQLeQ6uS8jU16fvU3v750NBrm6gojElbLmMw%2B0f8X3sGpCESbyUUb9mIYBOe7oqBa4YUJHow9vUOAI%2BsENF57ismhutCnt1Jtfu%2BLRPUV%2BKPqY1whhDB0y9MS0PHOtKS0FRMBdvjWh6Zz135e%2FJSBT9w%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8a5e350e7d753825-FRA
_ssgManifest.js
dist.primary-adblocking.com/_next/static/UDkDgib3DukBds92bGdiU/ 		77 B
614 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dist.primary-adblocking.com/_next/static/UDkDgib3DukBds92bGdiU/_ssgManifest.js
Requested by
Host: dist.primary-adblocking.com
URL: https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqdem6r2r96s73entt30&lpkey=17214f6c61580cfaa6ebf6925ae979c3c101b29063&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqdem6r2r96s73entt30&lpkey=17214f6c61580cfaa6ebf6925ae979c3c101b29063&isV2=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 22:39:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
85743
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 18 Jul 2024 22:48:26 GMT
server
cloudflare
etag
W/"4d-190c808510a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bdgDQ747OmbGs1rZsH98s075hRui2Set506lx98TRQOCJ7au0rOrA1kh1X34qVg9rbGMQpO0AhkQ%2FsCrJ%2B5Wxy1%2FFWgv8tvwMdXOE4eJKbYHUtOCnB6W2b5TyZV%2BsXQhjFztHLesHyYIyGaYlLbFCqI4G8rtWU8mncE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8a5e350e7d7b3825-FRA
icon.svg
dist.primary-adblocking.com/images/promo-images/salmon/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dist.primary-adblocking.com/images/promo-images/salmon/icon.svg
Requested by
Host: dist.primary-adblocking.com
URL: https://dist.primary-adblocking.com/_next/static/css/721416b492a2bbc3.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4abf215f3a2e97a09a6bbbcce397edebe274eb2f4d30017d51538db5d8ce8bb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://dist.primary-adblocking.com/_next/static/css/721416b492a2bbc3.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 22:39:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 18 Jul 2024 22:48:10 GMT
server
cloudflare
etag
W/"a60-190c80811d6"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hhKj5RvkiHI%2F8%2FqqbDOhghNSdcq8j3ErEJerKiy17EVo%2FOJoJGpLdTa7YyAYZmGe0Neoi98GdKIgvXUy6d%2BtTgIm%2FUIC2IXfyGlvmGXb7s409ozhxaS32mfdDLAgPYRL1GAqXob4e9lF%2BGx81JZ%2BJPxlNpyb170WXtU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
8a5e350f1dec3825-FRA
available-in-chrome.svg
dist.primary-adblocking.com/images/browser-icons/ 		12 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dist.primary-adblocking.com/images/browser-icons/available-in-chrome.svg
Requested by
Host: dist.primary-adblocking.com
URL: https://dist.primary-adblocking.com/_next/static/css/9862553d612dea94.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed7d9565486a66ea74ca2944c02ba502f78fd8e56052a18c9407d61d7442460f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://dist.primary-adblocking.com/_next/static/css/9862553d612dea94.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 22:39:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 18 Jul 2024 22:48:10 GMT
server
cloudflare
etag
W/"309d-190c80811ba"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I1ozyyEDd0sAxczRbwZX2Hptt1MbBI9Ji8cUKn6SfMkwzPgd02sAbFzhK8dGd1d2bcEqtH6YEHO0pcVjBnfXSI8WtIJkE0bu41edHm85hA84CYuf6sW%2FFT5rcXR6GnudiJUUqUkzaEknupCs3jd%2BotiSEdpywIAxEC8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
8a5e350f1dee3825-FRA
627622453ef56b0d.p.woff2
dist.primary-adblocking.com/_next/static/media/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dist.primary-adblocking.com/_next/static/media/627622453ef56b0d.p.woff2
Requested by
Host: dist.primary-adblocking.com
URL: https://dist.primary-adblocking.com/_next/static/css/721416b492a2bbc3.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://dist.primary-adblocking.com/_next/static/css/721416b492a2bbc3.css
Origin
https://dist.primary-adblocking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 22:39:24 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
402317
alt-svc
h3=":443"; ma=86400
content-length
11072
last-modified
Sun, 14 Jul 2024 22:48:41 GMT
server
cloudflare
etag
W/"2b40-190b36f1b39"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x6odHLnPRVJAehRXxgcdoh9qUaBhsoNFj2uBUyn3rexUknakwvAqPZbzwc5PW6gNQ1eM0hAOoTvBGfl0vi11OZDNYm73s7ZM68%2BxBkS6MD3x7qB4xkSJO5tLEkQjb9CAhtF%2FZ8UBPZvYXbP8T2r%2FwLjJqb1sKztDtY8%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8a5e350f4e163825-FRA
934c4b7cb736f2a3.p.woff2
dist.primary-adblocking.com/_next/static/media/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dist.primary-adblocking.com/_next/static/media/934c4b7cb736f2a3.p.woff2
Requested by
Host: dist.primary-adblocking.com
URL: https://dist.primary-adblocking.com/_next/static/css/721416b492a2bbc3.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://dist.primary-adblocking.com/_next/static/css/721416b492a2bbc3.css
Origin
https://dist.primary-adblocking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 22:39:24 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
402317
alt-svc
h3=":443"; ma=86400
content-length
11028
last-modified
Sun, 14 Jul 2024 22:48:41 GMT
server
cloudflare
etag
W/"2b14-190b36f1b39"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5jYGB5qQqNDS9%2B7i8Hd59b8m19HhO97rpxerLo30Tl1BuJLtgzwfjkfW12ixmVXjhhvfKY9vZHCM16gM06FbWC%2FC%2BejS8yfod139f76u7keHr14512a%2Bgb6NGLoAEc6rzi98p906TA8lgRYN0xJ7V58%2Ft1eVbk7rgIE%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8a5e350f4e193825-FRA
click
excellingvista.com/ 		0
0
favicon.ico
dist.primary-adblocking.com/images/extension-icons/primary-adblock/ 		15 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dist.primary-adblocking.com/images/extension-icons/primary-adblock/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dc86bcb63b4c5f30ab4a584acceca2f83aa7da547791e47e87e28f21f6675f4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqdem6r2r96s73entt30&lpkey=17214f6c61580cfaa6ebf6925ae979c3c101b29063&isV2=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 22:39:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 18 Jul 2024 22:48:10 GMT
server
cloudflare
etag
W/"3c2e-190c80811c2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/x-icon
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tKPqu0VcLoSEFr%2FJTJExUYyYWeNcri5qK0r4MgVDkDi273ThIHi1aw92zcGZiybQ3vTRe1r77yC4jtsLbCb9zIBLAzhDjqTyJo6EWCKKmsyFGVJHD1bRgWKMRcoLkW9QyXjP8gPTYouqw%2BJu3z4neuDF%2Ft7VwZPDcaw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
8a5e350fdeba3825-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
excellingvista.com
URL
https://excellingvista.com/click?upd_clickid=cqdem6r2r96s73entt30&add_event6=1

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| a13b function| a13a object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| a0b function| a0a function| a80b function| a80a function| __NEXT_PRELOADREADY object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST

26 Cookies

Domain/Path Name / Value
.cddtsecure.com/ Name: gdm_click_adv_freq_v1_1_001
Value: WGP2hL1mCj4amHrx09xyly/MYAp9Ts1tyN4S8NkyxBFRBZ3p8pTEaGkQHoqLsqXh
.cddtsecure.com/ Name: gdm_uid_v2_1_001
Value: RKHDXaY32IVkRbWcIUm6oXEnhGHKUw1lOGftAXtHDFzF76L6U1FqIwr5C2brc8fa
.cddtsecure.com/ Name: gdm_click_freq_v1_1_001
Value: PP3JcjNA73u1+Rhf7CuRLIcUJpr9OYary3rmpoWT+NwIFeTfhAsOQRpZcXpZLFGb
.cddtsecure.com/ Name: gdm_click_adv_freq_v2_1_001
Value: WGP2hL1mCj4amHrx09xyly/MYAp9Ts1tyN4S8NkyxBFRBZ3p8pTEaGkQHoqLsqXh
.cddtsecure.com/ Name: gdm_sid_v1_3_001
Value: L5i88KBQAYShnGy4mM76zhM2w9yR3cRv+mhvKbn8UAXyw+iqxb40Iwz369w/DXXzUuE3/M8Ge04VTw8xts7ZGC+RU5nylK9XPFeSh/C+xIGplqN3FXuSHLyAHKq3NfqsFaCi+5QT1g+cFsl0KMjVNUgdN6laffcpADmB1AI4EYVeeRwSrD9x7guXA0iAwIKVh3UQZS2aWeUpr9gJjghrk1xLubYg2L43Lg4S7Qr2nHM6SPQNFrTPn/rMg43kJuGIy7PfrJ105dQ62bdCHV0iKyCW0fdmm3hImHtLybJlQHSLLEQgKwuyZ9NBnUpwAake74g8f/zX2W0R2M2oZdd9eUttRRzOlRSMBhvTr4B+ZcT9R0X6L6TYufHQIIynBfaN92gC+TOVVdPzf1cZqniG+aXId2a1UmPa9apSb4P20jM98GQn6uAkkge5W4jXItFpfODI/v/yixhn+aUgUW48rZ0WvfKB+IbHgO3Dcx5/xQt5mixZ/Dd38ZghdpY7WeoMJPYDADQYZ2wTsVKtEgI4UgmjiFaAbg5/mruzoyLNwva3f7UVQ414Z2Bh8gDuhD3uMezKzFCyUUp9iATweeusUCXQG2usTdkzcy13NEfoLXEB9XaUJk0tJT5VZKi9i76jd7nwrz9nAxm+VWxRLfDL3r/FKdripohWI3gU+SzGhE3hsOK16vukvbgC4H0VmEtTTrUIL3fpgcvtPIklhtTDTi0wLrbcIeraar2Lz55GO1NG1c/8SF3iVoekIDazREpAPmYeHiYuHtwdT0lmXXV0R/wQW9+FaCG18L1ao3H62FVx41WeVhyHsa+p2vQMrM+7a4W43Plsmcmhp/mKp74+U2WmUBvVJ+buqlhF5mmRCOM2hEo+puPO4U+c/1PW+3q3J3pBCFsAaYLnhFfC4TD4H0zgCChhZZ+3tu2Ug8OJN8hJw4BVEaCsj/kpB+/ECty72rX2NQ37f83HJj90xOf94Tu9UUOFo6GqwQtjtPN9l9c4Lnn+tqS+726gfCD9meEXURnaYs55/4WudjMK6r7QZ9PBnat7wX7sy7XogFiBZB12XqV/c9l6zFXKfglT3cKkFnT+DefVAL9Et+oA57uH75Srh6aRPwF900LCaiYxvPM=
.cddtsecure.com/ Name: gdm_uid_v1_1_001
Value: RKHDXaY32IVkRbWcIUm6oXEnhGHKUw1lOGftAXtHDFzF76L6U1FqIwr5C2brc8fa
.cddtsecure.com/ Name: gdm_suid_v2_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.cddtsecure.com/ Name: gdm_suid_v1_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.cddtsecure.com/ Name: gdm_sid_v2_3_001
Value: L5i88KBQAYShnGy4mM76zhM2w9yR3cRv+mhvKbn8UAXyw+iqxb40Iwz369w/DXXzUuE3/M8Ge04VTw8xts7ZGC+RU5nylK9XPFeSh/C+xIGplqN3FXuSHLyAHKq3NfqsFaCi+5QT1g+cFsl0KMjVNUgdN6laffcpADmB1AI4EYVeeRwSrD9x7guXA0iAwIKVh3UQZS2aWeUpr9gJjghrk1xLubYg2L43Lg4S7Qr2nHM6SPQNFrTPn/rMg43kJuGIy7PfrJ105dQ62bdCHV0iKyCW0fdmm3hImHtLybJlQHSLLEQgKwuyZ9NBnUpwAake74g8f/zX2W0R2M2oZdd9eUttRRzOlRSMBhvTr4B+ZcT9R0X6L6TYufHQIIynBfaN92gC+TOVVdPzf1cZqniG+aXId2a1UmPa9apSb4P20jM98GQn6uAkkge5W4jXItFpfODI/v/yixhn+aUgUW48rZ0WvfKB+IbHgO3Dcx5/xQt5mixZ/Dd38ZghdpY7WeoMJPYDADQYZ2wTsVKtEgI4UgmjiFaAbg5/mruzoyLNwva3f7UVQ414Z2Bh8gDuhD3uMezKzFCyUUp9iATweeusUCXQG2usTdkzcy13NEfoLXEB9XaUJk0tJT5VZKi9i76jd7nwrz9nAxm+VWxRLfDL3r/FKdripohWI3gU+SzGhE3hsOK16vukvbgC4H0VmEtTTrUIL3fpgcvtPIklhtTDTi0wLrbcIeraar2Lz55GO1NG1c/8SF3iVoekIDazREpAPmYeHiYuHtwdT0lmXXV0R/wQW9+FaCG18L1ao3H62FVx41WeVhyHsa+p2vQMrM+7a4W43Plsmcmhp/mKp74+U2WmUBvVJ+buqlhF5mmRCOM2hEo+puPO4U+c/1PW+3q3J3pBCFsAaYLnhFfC4TD4H0zgCChhZZ+3tu2Ug8OJN8hJw4BVEaCsj/kpB+/ECty72rX2NQ37f83HJj90xOf94Tu9UUOFo6GqwQtjtPN9l9c4Lnn+tqS+726gfCD9meEXURnaYs55/4WudjMK6r7QZ9PBnat7wX7sy7XogFiBZB12XqV/c9l6zFXKfglT3cKkFnT+DefVAL9Et+oA57uH75Srh6aRPwF900LCaiYxvPM=
.cddtsecure.com/ Name: gdm_click_freq_v2_1_001
Value: PP3JcjNA73u1+Rhf7CuRLIcUJpr9OYary3rmpoWT+NwIFeTfhAsOQRpZcXpZLFGb
tracking.trackingshub.com/ Name: afclick
Value: 669aeb1b2b2ab8000120e50a
tracking.trackingshub.com/ Name: afoffers
Value: {"2435338":1721428763}
excellingvista.com/ Name: uclick
Value: nLiCwVhYP441grXxaGCY5PatwnaWvvI5+HdNRw83RdlPZUxZbobyWDuj4R+Uv7EuTbG8XrE=
excellingvista.com/ Name: bcid
Value: cqdem6r2r96s73entt30
excellingvista.com/ Name: cid
Value: cqdem6r2r96s73entt30
.primary-adblocking.com/ Name: extension
Value: primary_adb
.primary-adblocking.com/ Name: promo
Value: salmon
.primary-adblocking.com/ Name: big
Value: none
.primary-adblocking.com/ Name: clk_domain
Value: excellingvista.com
.primary-adblocking.com/ Name: flow
Value: binom
.primary-adblocking.com/ Name: campaignId
Value: 10659
.primary-adblocking.com/ Name: trafficsource
Value: 29
.primary-adblocking.com/ Name: src
Value: 6_6536598-2846334087-30677878
.primary-adblocking.com/ Name: cid
Value: cqdem6r2r96s73entt30
.primary-adblocking.com/ Name: lpkey
Value: 17214f6c61580cfaa6ebf6925ae979c3c101b29063
.primary-adblocking.com/ Name: isV2
Value: true

2 Console Messages

Source Level URL
Text
javascript error URL: https://dist.primary-adblocking.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-2846334087-30677878&cid=cqdem6r2r96s73entt30&lpkey=17214f6c61580cfaa6ebf6925ae979c3c101b29063&isV2=true
Message:
Access to XMLHttpRequest at 'https://excellingvista.com/click?upd_clickid=cqdem6r2r96s73entt30&add_event6=1' from origin 'https://dist.primary-adblocking.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://excellingvista.com/click?upd_clickid=cqdem6r2r96s73entt30&add_event6=1
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adspredictiv.com
cddtsecure.com
dist.primary-adblocking.com
eu5qwt3o.beauty
excellingvista.com
tracking.trackingshub.com
excellingvista.com
2606:4700:3033::6815:47fe
2a05:d018:e36:3910:d147:59ce:ad00:b71c
2a06:98c1:3120::3
35.204.193.90
52.58.28.63
54.82.124.168
0514cea519259a90ef195e663ef8f544520a3b08a3e3986179e7e43a56cfba1a
1845c289c582dd2b58a3ab7f8eadb695ebabbfe7a2685e5f9012ae16e0541580
2dc86bcb63b4c5f30ab4a584acceca2f83aa7da547791e47e87e28f21f6675f4
37e5ca936901105b476f130a19b7904d8868c1d2dc42a2b258964b2dab68ff1e
55fbd444446d20106be8e58a3856edea270729f006bf0acbe73513a51cd104af
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7baa168913cbba6521063e78682d189b099a55675643359f9706452b803a245d
9b5d584b6200dfb2ea17d372ceb88c61ee68bf6e7ae5cabed28d31952b048a10
a4abf215f3a2e97a09a6bbbcce397edebe274eb2f4d30017d51538db5d8ce8bb
aa75d09c71e0c9592a3d936e6a18ac17fd5f37093e72ee8130022ed5a3efdc7e
abf948f4456facd321de17e54f6a9a065277f2ebf5d333bd0977c38a3a65b10b
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
e35502f1357f37019f5ac317245d1c32e1c3f85db13b10a245012070d36b4884
ed4a2bc71a29b8d1d939a46de84b1b494206911cc796f7aa132823c4440ccf6e
ed7d9565486a66ea74ca2944c02ba502f78fd8e56052a18c9407d61d7442460f
f561a071ca5b5acf0ec6c5061e03b4c1b929556d4829914339b76e9d17ecee0c
f6a784bfe0b76adc9ceeb87071ac4da387914d107d7429855894934e6718534c