URL: https://avancolink.click/
Submission: On August 09 via api from US — Scanned from DE

Summary

This website contacted 10 IPs in 5 countries across 9 domains to perform 31 HTTP transactions. The main IP is 2606:4700:3032::ac43:86f3, located in United States and belongs to CLOUDFLARENET, US. The main domain is avancolink.click.
TLS certificate: Issued by WE1 on August 5th 2024. Valid for: 3 months.
This is the only time avancolink.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
3 2620:1ec:bdf::60 8075 (MICROSOFT...)
5 20.119.174.243 8075 (MICROSOFT...)
2 2a03:2880:f08... 32934 (FACEBOOK)
4 2a03:2880:f17... 32934 (FACEBOOK)
8 104.18.3.36 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 188.114.96.3 13335 (CLOUDFLAR...)
31 10
Apex Domain
Subdomains
Transfer
10 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1114
r.clarity.ms — Cisco Umbrella Rank: 8637
c.clarity.ms — Cisco Umbrella Rank: 1838
30 KB
8 imagedelivery.net
imagedelivery.net — Cisco Umbrella Rank: 19721
88 KB
5 avancolink.click
avancolink.click
232 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
74 KB
1 userstat.net
userstat.net — Cisco Umbrella Rank: 232748
651 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 341
773 B
1 cpxfonts.cc
cpxfonts.cc
67 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
7 KB
31 9
Domain Requested by
8 imagedelivery.net avancolink.click
5 r.clarity.ms www.clarity.ms
5 avancolink.click avancolink.click
4 www.facebook.com avancolink.click
3 www.clarity.ms avancolink.click
www.clarity.ms
2 c.clarity.ms 1 redirects
2 connect.facebook.net avancolink.click
connect.facebook.net
1 userstat.net avancolink.click
1 c.bing.com 1 redirects
1 cpxfonts.cc avancolink.click
1 cdn.jsdelivr.net avancolink.click
31 11

This site contains no links.

Subject | Issuer | Validity | Valid
avancolink.click | WE1 | 2024-08-05 - 2024-11-03 | 3 months (crt.sh)
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2024 Q3 | 2024-07-30 - 2025-08-31 | a year (crt.sh)
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-07 - 2024-12-07 | a year (crt.sh)
a.clarity.ms | Microsoft Azure RSA TLS Issuing CA 08 | 2024-06-23 - 2025-06-18 | a year (crt.sh)
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-05-19 - 2024-08-17 | 3 months (crt.sh)
imagedelivery.net | E6 | 2024-07-19 - 2024-10-17 | 3 months (crt.sh)
cpxfonts.cc | E5 | 2024-07-19 - 2024-10-17 | 3 months (crt.sh)
userstat.net | WE1 | 2024-07-17 - 2024-10-15 | 3 months (crt.sh)

This page contains 2 frames:

Primary Page: https://avancolink.click/
Frame ID: 0E1CE14D8E46475ABC1DF85E18C1543D
Requests: 30 HTTP requests in this frame

Frame: https://imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/8411974a-b03c-42cc-4076-009e34e4ed00/public
Frame ID: 4FEB33F6F9E222B56A30F7ADB1BC1753
Requests: 1 HTTP requests in this frame

Page Title

Raspadinha AvançoBet

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 31
HTTPS: 97 %
IPv6: 64 %
Domains: 9
Subdomains: 11
IPs: 10
Countries: 5
Transfer: 502 kB
Size: 986 kB
Cookies: 10

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=2162ED91128C4707B8C492E8823A5828&RedC=c.clarity.ms&MXFR=0F2B0A82EC396BF93CF01E54E83965A0 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2162ED91128C4707B8C492E8823A5828&MUID=39A4863E3FB56EC7010A92E83E196F8F

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
avancolink.click/
5 KB
2 KB
Document
General
Full URL
https://avancolink.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:86f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
295b0d8e58e8d9e1e9751d49365ed708e596dd842422675d561e715f45241209

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8b095c2978aa37fe-FRA
content-encoding
br
content-type
text/html
date
Fri, 09 Aug 2024 17:10:31 GMT
last-modified
Wed, 07 Aug 2024 00:10:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wfV1JlHNVYLRlDfjg0EFmKZ6aaK7wKxT80uIQAz5bGixFBVXTHtk00XsCq36LQza5yZqVxqAlvKNNto0bYf21R2V8peF9DOFg6V8pjjAzjFQGeyx%2FYolexR5P9AiRlR63LPhkc8H4oRBUuC17F2G"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-do-app-origin
62be3d30-ffc4-41a0-98df-7e114417d3cf
x-do-orig-status
200
disable-devtool
cdn.jsdelivr.net/npm/
17 KB
7 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/disable-devtool
Requested by
Host: avancolink.click
URL: https://avancolink.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2a741550c18b132b0ef573f818fc79d6c09169be71d538b968ceac551c178ad3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 09 Aug 2024 17:10:31 GMT
x-content-type-options
nosniff
content-encoding
br
age
22460
x-jsd-version
0.3.7
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6741
x-served-by
cache-fra-etou8220060-FRA
x-jsd-version-type
version
etag
W/"4372-w4TGldenTh5CcrE/nVlC0PJNCZ0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
myo0bqbr68
www.clarity.ms/tag/
638 B
1001 B
Script
General
Full URL
https://www.clarity.ms/tag/myo0bqbr68
Requested by
Host: avancolink.click
URL: https://avancolink.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30ef31aeba1ad5044050fba274e09c75da8ea7170becaeb7eed53d1e3aedf784

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
date
Fri, 09 Aug 2024 17:10:31 GMT
x-azure-ref
20240809T171031Z-167f4bf999889rksd7c2qm5m2s00000004eg00000001k0x7
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
638
expires
-1
main.a1a1fdad.js
avancolink.click/js/
188 KB
62 KB
Script
General
Full URL
https://avancolink.click/js/main.a1a1fdad.js
Requested by
Host: avancolink.click
URL: https://avancolink.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:86f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d466d42fa01d64982ca55353bc8fb9a9c64db6ee3838d05cf1ee8f4322b5319

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 17:10:32 GMT
content-encoding
gzip
cf-cache-status
BYPASS
last-modified
Wed, 07 Aug 2024 00:10:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
62be3d30-ffc4-41a0-98df-7e114417d3cf
x-do-orig-status
200
etag
W/"66b2bb90-2eebd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WXwO0%2FtLlnBIuDv85AMIwUUOJvuxU9cW5F0vQ%2FkxWV274knkOmXXlZqbHVpvvhEqwNhlpHNdRjDgqIm9zuZWGIbT8dfuQ3lq%2F433JxoSyefQUACTyIRXeC2pMG0URzhniSdXRz8YPxiqG%2BwR3uXL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
server
cloudflare
cache-control
private
cf-ray
8b095c2d9e2a37fe-FRA
alt-svc
h3=":443"; ma=86400
main.eb4230ea.css
avancolink.click/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://avancolink.click/css/main.eb4230ea.css
Requested by
Host: avancolink.click
URL: https://avancolink.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:86f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6a59b3a2643b047ee4b17f6e9427d3dc1e185fa75d0bbcd7a20c0a6ebea4773

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 17:10:31 GMT
content-encoding
gzip
cf-cache-status
BYPASS
last-modified
Wed, 07 Aug 2024 00:10:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
62be3d30-ffc4-41a0-98df-7e114417d3cf
x-do-orig-status
200
etag
W/"66b2bb90-712"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Foopy2kG7auQ2cQXQcieDeH0pIY%2FybaEkaBIO5p6p%2BVgOT9w3jE8aFaTDhAoKnbZxKj%2FxvzYz5Mz813BYA%2F38cmte0sTOO7xGbVlTMGBHKDAJ%2BWi05%2FcIvFtOSjU2s8dgmk4XqSxdKjnj8OgTkaY"}],"group":"cf-nel","max_age":604800}
content-type
text/css
server
cloudflare
cache-control
private
cf-ray
8b095c2cdd4537fe-FRA
alt-svc
h3=":443"; ma=86400
myo0bqbr68
www.clarity.ms/tag/
638 B
1000 B
Script
General
Full URL
https://www.clarity.ms/tag/myo0bqbr68
Requested by
Host: avancolink.click
URL: https://avancolink.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30ef31aeba1ad5044050fba274e09c75da8ea7170becaeb7eed53d1e3aedf784

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
date
Fri, 09 Aug 2024 17:10:31 GMT
x-azure-ref
20240809T171031Z-167f4bf999889rksd7c2qm5m2s00000004eg00000001k0xx
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
638
expires
-1
clarity.js
www.clarity.ms/s/0.7.43/
62 KB
26 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.43/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/myo0bqbr68
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1a2546c249d862b309b908069c73f6099c81362b9a5e5b4ba5f3c750471b0a76

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 17:10:31 GMT
content-encoding
br
last-modified
Fri, 09 Aug 2024 04:07:28 GMT
etag
W/"0x8DCB828C8E14F24"
vary
Accept-Encoding
x-azure-ref
20240809T171031Z-167f4bf999889rksd7c2qm5m2s00000004eg00000001k0xy
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
e0f1e76d-701e-0011-5058-eab46f000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
collect
r.clarity.ms/
0
280 B
XHR
General
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.43/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://avancolink.click
Date
Fri, 09 Aug 2024 17:10:31 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
fbevents.js
connect.facebook.net/en_US/
225 KB
60 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: avancolink.click
URL: https://avancolink.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 09 Aug 2024 17:10:31 GMT
document-policy
force-load-at-top
x-fb-server-load
37
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58865
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=12, mss=1297, tbw=2779, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
jWNJb7YiqHXLklk+oO4eDKqHqDDvx8oZKZWM9yRvNsWynOC5j6cblr7xJJNHR+Q+AdTjD+uui+5QHUYg159Yhw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
Gotham-Medium.otf
avancolink.click/fonts/
165 KB
166 KB
Font
General
Full URL
https://avancolink.click/fonts/Gotham-Medium.otf
Requested by
Host: avancolink.click
URL: https://avancolink.click/css/main.eb4230ea.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:86f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c583cf3a8e3887d7ae88a8a91aff3772782f8dbb87c13a97817fb23d54c7635c

Request headers

Referer
https://avancolink.click/css/main.eb4230ea.css
Origin
https://avancolink.click
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 17:10:32 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
62be3d30-ffc4-41a0-98df-7e114417d3cf
x-do-orig-status
200
alt-svc
h3=":443"; ma=86400
content-length
169304
last-modified
Wed, 07 Aug 2024 00:10:56 GMT
server
cloudflare
etag
"66b2bb90-29558"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uHmTkBEDetiM1lelM9t3hTopCQW1KJMuxv%2BT5%2BDdP%2FrEXI74ZmCnN4h1YR4DkyO6mB0iXE42NkCuwdhClwTajP25%2BEZknVUrbNWWrfRrPvdhutWYoc13G8FH2MvDhpS%2BN3Is3gPwUs5PtmRmBvS6"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
private
accept-ranges
bytes
cf-ray
8b095c306a3237fe-FRA
1950672702048510
connect.facebook.net/signals/config/
70 KB
14 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1950672702048510?v=2.9.164&r=stable&domain=avancolink.click&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6937be838d602f0e7070b04af35bdf3139df03c8d0132162b67497449e7f7ee4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 09 Aug 2024 17:10:32 GMT
document-policy
force-load-at-top
x-fb-server-load
34
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=26, rtx=0, c=61, mss=1297, tbw=64420, tp=-1, tpl=-1, uplat=143, ullat=0
pragma
public
x-fb-debug
4g1AUV0BAoiiHCN6+8pibEEYINhQa7FXMR4E56LfDmCiPscAVSxYL7a+aXIxwTFhuEPR3lN2TsyzNaZzba5jZA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1950672702048510&ev=PageView&dl=https%3A%2F%2Favancolink.click%2F&rl=&if=false&ts=1723223432105&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723223432099.109416849716858574&cs_est=true&ler=empty&cdl=API_unavailable&it=1723223431905&coo=false&rqm=GET
Requested by
Host: avancolink.click
URL: https://avancolink.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1297, tbw=2785, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 09 Aug 2024 17:10:32 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1950672702048510&ev=PageView&dl=https%3A%2F%2Favancolink.click%2F&rl=&if=false&ts=1723223432105&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723223432099.109416849716858574&cs_est=true&ler=empty&cdl=API_unavailable&it=1723223431905&coo=false&rqm=FGET
Requested by
Host: avancolink.click
URL: https://avancolink.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
date
Fri, 09 Aug 2024 17:10:32 GMT
document-policy
force-load-at-top
x-fb-server-load
44
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7401188284354082405", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1297, tbw=3103, tp=-1, tpl=-1, uplat=119, ullat=0
pragma
no-cache
x-fb-debug
PrpdDiYZmke2WOyWJ+HPOqklYxXRomB3v27PRHjpxTvq0NWLiLe8euoEdhvebGycBN4Z3ejwq3SC4s7Nlhs6cA==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7401188284354082405"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7401188284354082405"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
public
imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/8411974a-b03c-42cc-4076-009e34e4ed00/ Frame 4FEB
0
0
Document
General
Full URL
https://imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/8411974a-b03c-42cc-4076-009e34e4ed00/public
Requested by
Host: avancolink.click
URL: https://avancolink.click/js/main.a1a1fdad.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://avancolink.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public,max-age=172800,stale-while-revalidate=7200
cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
cf-images
internal=ok/- q=0 n=42+143 c=0+0 v=2024.8.0 l=37760 f=false
cf-ray
8b095c347ff29171-FRA
content-length
37760
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
content-type
image/avif
date
Fri, 09 Aug 2024 17:10:32 GMT
etag
"cfcoEbMkwlwjkuGLiu6uPPPVzUfb7C9F9CBQfA5-d8DQ"
server
cloudflare
vary
Accept, Accept-Encoding
x-content-type-options
nosniff
public
imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/7344c229-2e0e-4c57-b0fb-6018d471ce00/
2 KB
3 KB
Image
General
Full URL
https://imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/7344c229-2e0e-4c57-b0fb-6018d471ce00/public
Requested by
Host: avancolink.click
URL: https://avancolink.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7128ba5baa8aee815dfef5fe109ca7f78bb58dc9dcb386ab00a8719011bf40e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=725+225 c=0+0 v=2024.7.0 l=2452
date
Fri, 09 Aug 2024 17:10:32 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
2452
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cf1v34A82qLo0j7Rt-opiOvp3qfb7C9F9CBQfA5-d8DQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
8b095c347d4c2bc5-FRA
public
imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/9cfa2de4-f890-4617-ce0f-a36f6fa90800/
31 KB
31 KB
Image
General
Full URL
https://imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/9cfa2de4-f890-4617-ce0f-a36f6fa90800/public
Requested by
Host: avancolink.click
URL: https://avancolink.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2f964dbd2b0fbc1acb4a320ab2d9b05e92edf5326cb3c3421b427f6c519a410
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=64+193 c=0+0 v=2024.8.0 l=31709 f=false
date
Fri, 09 Aug 2024 17:10:32 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
31709
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cf-Z5pIFKGZgGm68F_Mxb16WJpfb7C9F9CBQfA5-d8DQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
8b095c347d4e2bc5-FRA
Gotham-Medium.otf
cpxfonts.cc/
165 KB
67 KB
Font
General
Full URL
https://cpxfonts.cc/Gotham-Medium.otf
Requested by
Host: avancolink.click
URL: https://avancolink.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:2a84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c583cf3a8e3887d7ae88a8a91aff3772782f8dbb87c13a97817fb23d54c7635c

Request headers

Referer
https://avancolink.click/
Origin
https://avancolink.click
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 17:10:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 20 May 2024 13:59:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"39b5ff14a54114e9ae92136578a0e2d3"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GVfyEAiWRhYSqUQ%2BrgVuMsw5%2F5Oobox%2FzbQSqBcEPp8usTRjQUtu7jLSHON6gCiac4leK64FblhLVtMaiWJjvE17NXYSddSk0fwzOR0FrH75eaXw%2FMAevt9Tg7ScDZqyEJQYJprzkUZ7Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/otf
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8b095c34eb01bb73-FRA
alt-svc
h3=":443"; ma=86400
collect
r.clarity.ms/
0
280 B
Ping
General
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.43/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://avancolink.click
Date
Fri, 09 Aug 2024 17:10:32 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
public
imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/770e7287-f35d-4dcc-ca6b-60282e3bfd00/
26 KB
26 KB
Image
General
Full URL
https://imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/770e7287-f35d-4dcc-ca6b-60282e3bfd00/public
Requested by
Host: avancolink.click
URL: https://avancolink.click/?_token=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f85c52f99ebe0290a361b01160690d5f542a3572b1bb9050ec0e80847bd827e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://avancolink.click/
Origin
https://avancolink.click
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=25+112 c=0+0 v=2024.7.0 l=26207
date
Fri, 09 Aug 2024 17:10:32 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
26207
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfkaiB3Vm2bStwuIQQI-8fEjFafb7C9F9CBQfA5-d8DQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
8b095c347ca15b50-FRA
/
www.facebook.com/tr/
0
102 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1950672702048510&ev=PageView&dl=https%3A%2F%2Favancolink.click%2F%3F_token%3D&rl=&if=false&ts=1723223432370&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=4126&fbp=fb.1.1723223432099.109416849716858574&cs_est=true&ler=empty&cdl=API_unavailable&it=1723223431905&coo=false&rqm=GET
Requested by
Host: avancolink.click
URL: https://avancolink.click/?_token=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1297, tbw=6137, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 09 Aug 2024 17:10:32 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
996 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1950672702048510&ev=PageView&dl=https%3A%2F%2Favancolink.click%2F%3F_token%3D&rl=&if=false&ts=1723223432370&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=4126&fbp=fb.1.1723223432099.109416849716858574&cs_est=true&ler=empty&cdl=API_unavailable&it=1723223431905&coo=false&rqm=FGET
Requested by
Host: avancolink.click
URL: https://avancolink.click/?_token=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
date
Fri, 09 Aug 2024 17:10:32 GMT
document-policy
force-load-at-top
x-fb-server-load
25
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7401188284879310618", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1297, tbw=6283, tp=-1, tpl=-1, uplat=103, ullat=0
pragma
no-cache
x-fb-debug
Z0OxDyb00fs03cQSC16c03T9l1lu5RBAxRRv3q3W0s11TUY/fhTu1lZNJDxJC51FtIJ5S81chfUTN2X4s23XkQ==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7401188284879310618"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7401188284879310618"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
public
imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/3df0fb21-16b9-4e07-e8e8-8120c712f900/
19 KB
19 KB
Image
General
Full URL
https://imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/3df0fb21-16b9-4e07-e8e8-8120c712f900/public
Requested by
Host: avancolink.click
URL: https://avancolink.click/?_token=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4134ce960893a2a1ac5b018981136886079c4a6354de511b9be77db7d7b03d90
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=603+250 c=0+0 v=2024.7.0 l=19076
date
Fri, 09 Aug 2024 17:10:32 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
19076
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cf717P4NcWIKExsjTJpcVAzSwXfb7C9F9CBQfA5-d8DQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
8b095c347d482bc5-FRA
public
imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/de3f5bd5-9895-4059-6183-272a4a54fd00/
2 KB
3 KB
Image
General
Full URL
https://imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/de3f5bd5-9895-4059-6183-272a4a54fd00/public
Requested by
Host: avancolink.click
URL: https://avancolink.click/?_token=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19b63e619d3130ee44f0c277ec231056f0fd2ae5b54018bad27d1814afbd7c40
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=1411+32 c=0+32 v=2024.8.0 l=2388 f=false
date
Fri, 09 Aug 2024 17:10:32 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
2388
cf-bgj
imgq:0,h2pri
server
cloudflare
etag
"cf2aWmpa4FQZXiox2g0DZraLtVfb7C9F9CBQfA5-d8DQ"
vary
Accept, Accept-Encoding
warning
cf-images 299 "original is 79B smaller"
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
8b095c347d452bc5-FRA
public
imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/83024b1c-0d74-4a0c-d99f-194ad56a1700/
2 KB
3 KB
Image
General
Full URL
https://imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/83024b1c-0d74-4a0c-d99f-194ad56a1700/public
Requested by
Host: avancolink.click
URL: https://avancolink.click/?_token=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d350861d7eb1a94a311364f3a0e80baed12ff4054a867f051c490f197cced0aa
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=599+29 c=0+29 v=2024.8.0 l=2334 f=false
date
Fri, 09 Aug 2024 17:10:32 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
2334
cf-bgj
imgq:0,h2pri
server
cloudflare
etag
"cfXv91C2usBFdccB9cmft0Vj0ofb7C9F9CBQfA5-d8DQ"
vary
Accept, Accept-Encoding
warning
cf-images 299 "original is 88B smaller"
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
8b095c347d422bc5-FRA
public
imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/82c354b5-111f-47dc-847f-c087edccd500/
3 KB
3 KB
Image
General
Full URL
https://imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/82c354b5-111f-47dc-847f-c087edccd500/public
Requested by
Host: avancolink.click
URL: https://avancolink.click/?_token=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e03d6fb42e49e2329939f69249782d3fd87bd9b91eaee8b6e86b88203f08d1c1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=46+22 c=0+22 v=2024.8.0 l=2998 f=false
date
Fri, 09 Aug 2024 17:10:32 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
2998
cf-bgj
imgq:0,h2pri
server
cloudflare
etag
"cf2EfJj1Vp9899ndCqZZL4k-xOfb7C9F9CBQfA5-d8DQ"
vary
Accept, Accept-Encoding
warning
cf-images 299 "original is 312B smaller"
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
8b095c347d512bc5-FRA
collect
r.clarity.ms/
0
280 B
XHR
General
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.43/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://avancolink.click
Date
Fri, 09 Aug 2024 17:10:32 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=2162ED91128C4707B8C492E8823A5828&RedC=c.clarity.ms&MXFR=0F2B0A82EC396BF93CF01E54E83965A0
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2162ED91128C4707B8C492E8823A5828&MUID=39A4863E3FB56EC7010A92E83E196F8F
42 B
443 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2162ED91128C4707B8C492E8823A5828&MUID=39A4863E3FB56EC7010A92E83E196F8F
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Aug 2024 17:10:32 GMT
last-modified
Thu, 01 Aug 2024 17:45:27 GMT
server
Microsoft-IIS/10.0
etag
"43fd8f983ae4da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 09 Aug 2024 17:10:32 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 96E84F07241E4F558559399D87626330 Ref B: FRA31EDGE0815 Ref C: 2024-08-09T17:10:33Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2162ED91128C4707B8C492E8823A5828&MUID=39A4863E3FB56EC7010A92E83E196F8F
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
espadilha-icon.svg
avancolink.click/images/
555 B
451 B
Other
General
Full URL
https://avancolink.click/images/espadilha-icon.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:86f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3365fd5bcca6db3766cf099d5bbb74dc8db7fae302c30fa6bdf43eeddaf98742

Request headers

Referer
https://avancolink.click/?_token=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 17:10:33 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-do-app-origin
62be3d30-ffc4-41a0-98df-7e114417d3cf
x-do-orig-status
404
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0xm7q58f7MM4Ebg910NqwYHwheoXPfHrMOLXAHZD4sSThhd3ms3Vswz9laYK%2F7Gmg9ZujGlZoRe1fOTGqkacuBjkl%2B1MZT1pe57ne6OTgo894aQ5neXfpfDcG%2BsU8cWMFxFw41z10qEIrlncNC5j"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
private
cf-ray
8b095c38ae4437fe-FRA
alt-svc
h3=":443"; ma=86400
script.js
userstat.net/get/
129 B
651 B
Script
General
Full URL
https://userstat.net/get/script.js?referrer=https://avancolink.click/?_token=
Requested by
Host: avancolink.click
URL: https://avancolink.click/js/main.a1a1fdad.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.1
Resource Hash
15ce5c1c9ba32dcc6ad17bb12d61ead8aafba652147c3c51d0e200a16a992d67

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 17:10:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.2.1
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://avancolink.click
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FtcEhz7bcTT9q7B5wf3toRPfC%2FHMqx2OF%2F5sThS2m1%2Ffev%2FwQkSplq7Vp%2F1qehDCNEyOeizjdPETurTpbiHZqwhyb7iRmYpCMtytKqb2UH4TeV8Zdm%2FgYU6p5US5IF8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8b095c3a5a793624-FRA
access-control-allow-headers
X-Requested-With,content-type
alt-svc
h3=":443"; ma=86400
collect
r.clarity.ms/
0
280 B
XHR
General
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.43/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://avancolink.click
Date
Fri, 09 Aug 2024 17:10:33 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
collect
r.clarity.ms/
0
280 B
XHR
General
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.43/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://avancolink.click
Date
Fri, 09 Aug 2024 17:10:36 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| DisableDevtool
function| clarity
function| fbq
function| _fbq
function| updateTimer
string| __reactRouterVersion

10 Cookies

Domain/Path Name / Value
www.clarity.ms/ Name: CLID
Value: 4dd5897695eb4b35b974c1e0ac31c860.20240809.20250809
.avancolink.click/ Name: _fbp
Value: fb.1.1723223432099.109416849716858574
avancolink.click/ Name: PHPREFS
Value: full
.bing.com/ Name: MUID
Value: 39A4863E3FB56EC7010A92E83E196F8F
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 39A4863E3FB56EC7010A92E83E196F8F
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 39A4863E3FB56EC7010A92E83E196F8F
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

1 Console Messages

Source Level URL
Text
network error URL: https://avancolink.click/images/espadilha-icon.svg
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains, and hashes. An indicator appearing in a scan does not imply malicious activity.
