urlscan.io logo urlscan.io
SecurityTrails logo

avancolink.click Open in urlscan Pro
2606:4700:3032::ac43:86f3  Public Scan

Go To Rescan Add Verdict Report
URL: https://avancolink.click/
Submission: On August 08 via api from BE — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 1 countries across 9 domains to perform 30 HTTP transactions. The main IP is 2606:4700:3032::ac43:86f3, located in United States and belongs to CLOUDFLARENET, US. The main domain is avancolink.click.
TLS certificate: Issued by WE1 on August 5th 2024. Valid for: 3 months.
This is the only time avancolink.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2620:1ec:bdf::40 8075 (MICROSOFT...)
2 2a03:2880:f00... 32934 (FACEBOOK)
4 51.8.64.151 8075 (MICROSOFT...)
4 2a03:2880:f10... 32934 (FACEBOOK)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 20.125.209.212 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 172.67.186.222 13335 (CLOUDFLAR...)
30 12
5    2606:4700:3032::ac43:86f3 (United States)

ASN13335 (CLOUDFLARENET, US)
avancolink.click
1    2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    51.8.64.151 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
h.clarity.ms
4    2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2606:4700::6812:324 (United States)

ASN13335 (CLOUDFLARENET, US)
imagedelivery.net
7    2606:4700::6812:224 (United States)

ASN13335 (CLOUDFLARENET, US)
imagedelivery.net
1    2606:4700:3037::6815:2a84 (United States)

ASN13335 (CLOUDFLARENET, US)
cpxfonts.cc
2    20.125.209.212 (Chicago, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    172.67.186.222 (United States)

ASN13335 (CLOUDFLARENET, US)
userstat.net
Apex Domain
Subdomains		 Transfer
8 imagedelivery.net
imagedelivery.net — Cisco Umbrella Rank: 19721
88 KB
8 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1114
h.clarity.ms — Cisco Umbrella Rank: 19880
c.clarity.ms — Cisco Umbrella Rank: 1838
29 KB
5 avancolink.click
avancolink.click
232 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
75 KB
1 userstat.net
userstat.net — Cisco Umbrella Rank: 232748
646 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 341
772 B
1 cpxfonts.cc
cpxfonts.cc
67 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
7 KB
30 9
Domain Requested by
8 imagedelivery.net avancolink.click
5 avancolink.click avancolink.click
4 www.facebook.com avancolink.click
4 h.clarity.ms www.clarity.ms
2 c.clarity.ms 1 redirects
2 connect.facebook.net avancolink.click
connect.facebook.net
2 www.clarity.ms avancolink.click
www.clarity.ms
1 userstat.net avancolink.click
1 c.bing.com 1 redirects
1 cpxfonts.cc avancolink.click
1 cdn.jsdelivr.net avancolink.click
30 11

This site contains no links.

Subject Issuer Validity Valid
avancolink.click
WE1		 2024-08-05 -
2024-11-03		 3 months crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2024-05-04 -
2025-05-04		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-17 -
2024-08-15		 3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
imagedelivery.net
E6		 2024-07-19 -
2024-10-17		 3 months crt.sh
cpxfonts.cc
E5		 2024-07-19 -
2024-10-17		 3 months crt.sh
userstat.net
WE1		 2024-07-17 -
2024-10-15		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://avancolink.click/
Frame ID: 35485FF762B7C5106BCEAC13BD4E23E0
Requests: 29 HTTP requests in this frame

Frame: https://imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/8411974a-b03c-42cc-4076-009e34e4ed00/public
Frame ID: 25332C5E36CFFC79C57ABF406D93DAC3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Raspadinha AvançoBet

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

30
Requests

93 %
HTTPS

75 %
IPv6

9
Domains

11
Subdomains

12
IPs

1
Countries

501 kB
Transfer

986 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=2BFE9AC8FC604A9AB3717B4685C485F1&RedC=c.clarity.ms&MXFR=12E6A2EB030C61240069B63E070C6F91 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2BFE9AC8FC604A9AB3717B4685C485F1&MUID=20E5D9D109A3660A34C0CD04080B679D

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
avancolink.click/ 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://avancolink.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:86f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
295b0d8e58e8d9e1e9751d49365ed708e596dd842422675d561e715f45241209

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8afddcef4c9941ec-EWR
content-encoding
br
content-type
text/html
date
Thu, 08 Aug 2024 07:41:16 GMT
last-modified
Wed, 07 Aug 2024 00:10:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RmYlV%2Bkwh%2B8c9hSrco7BHg6HW6g4xtVVlTP%2FnawFguVGH5t4PBbXjio07BtYnCmVc2ZqX%2Fm2lyHmGx5VjrFi4ntW%2BPRwhiH5imdjG94fCV9lpqDezKiUIlB6o5iuqEFCb9UjPwTtD778wocFQlSF"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-do-app-origin
62be3d30-ffc4-41a0-98df-7e114417d3cf
x-do-orig-status
200
disable-devtool
cdn.jsdelivr.net/npm/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/disable-devtool
Requested by
Host: avancolink.click
URL: https://avancolink.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a741550c18b132b0ef573f818fc79d6c09169be71d538b968ceac551c178ad3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:41:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
21892
x-jsd-version
0.3.7
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6523
x-served-by
cache-fra-eddf8230052-FRA, cache-lga21931-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"4372-w4TGldenTh5CcrE/nVlC0PJNCZ0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1%2BTbi5ZIDSzt7e2uJGXKsnwnNF8xB0afILEIyHd%2FIrSmEzmgJ4CtO199RiKNDyyd4pz3A3SSxG6vtj0kYRB%2FTcXMGiObfeWTlFvlW7XK6OJSl55DdIDJeve%2FrIkyo5A4cxaGbPRktYIIccm8tKc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8afddcf32c8a0fa1-EWR
myo0bqbr68
www.clarity.ms/tag/ 		637 B
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/myo0bqbr68
Requested by
Host: avancolink.click
URL: https://avancolink.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8297817887dd51437fae9ccb8e8d035ef244cd61ba5be75006b28fb7256823e9

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
date
Thu, 08 Aug 2024 07:41:16 GMT
x-azure-ref
20240808T074116Z-15c77d89844s5bgk063nq9dync0000000beg00000000az9n
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
637
expires
-1
main.a1a1fdad.js
avancolink.click/js/ 		188 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avancolink.click/js/main.a1a1fdad.js
Requested by
Host: avancolink.click
URL: https://avancolink.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:86f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d466d42fa01d64982ca55353bc8fb9a9c64db6ee3838d05cf1ee8f4322b5319

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:41:17 GMT
content-encoding
gzip
cf-cache-status
BYPASS
last-modified
Wed, 07 Aug 2024 00:10:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
62be3d30-ffc4-41a0-98df-7e114417d3cf
x-do-orig-status
200
etag
W/"66b2bb90-2eebd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5GgR3uxqd9rln2qdw2%2F9UHLs45LdgcI6W3BYkVnLAfKtmEhF54arC0N3Z0rSXO3e9FUeSZ3GCdfxWDLO7OukgpERV2pNPUT0mm3gF%2B6p%2FJFlMPU3MO5jUJR4RvBUZ3v0KY5nISBWhyieX8F4LwbF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
server
cloudflare
cache-control
private
cf-ray
8afddcf34f1641ec-EWR
alt-svc
h3=":443"; ma=86400
main.eb4230ea.css
avancolink.click/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://avancolink.click/css/main.eb4230ea.css
Requested by
Host: avancolink.click
URL: https://avancolink.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:86f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6a59b3a2643b047ee4b17f6e9427d3dc1e185fa75d0bbcd7a20c0a6ebea4773

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:41:16 GMT
content-encoding
gzip
cf-cache-status
BYPASS
last-modified
Wed, 07 Aug 2024 00:10:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
62be3d30-ffc4-41a0-98df-7e114417d3cf
x-do-orig-status
200
etag
W/"66b2bb90-712"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vgfNyydDcq0IXcd3rht2Jwyty4t99MUtajVE%2BoVisgoe99MyVLB1tuCQjfvhmX0k0Uc2wawqyMVmruRv%2FaAhh4oz2C1I7%2BP%2FJtzNfKA%2BfeW8I%2FZJV8f4yvjC455TdraOivJrBaBzy81PVKtMmkWK"}],"group":"cf-nel","max_age":604800}
content-type
text/css
server
cloudflare
cache-control
private
cf-ray
8afddcf29ecb41ec-EWR
alt-svc
h3=":443"; ma=86400
clarity.js
www.clarity.ms/s/0.7.43/ 		62 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.43/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/myo0bqbr68
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1a2546c249d862b309b908069c73f6099c81362b9a5e5b4ba5f3c750471b0a76

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:41:16 GMT
content-encoding
br
last-modified
Sun, 04 Aug 2024 12:31:46 GMT
etag
W/"0x8DCB48167E0DF97"
vary
Accept-Encoding
x-azure-ref
20240808T074116Z-15c77d89844s5bgk063nq9dync0000000beg00000000aza7
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
7286a60d-901e-0009-1666-e86b08000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
fbevents.js
connect.facebook.net/en_US/ 		225 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: avancolink.click
URL: https://avancolink.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 08 Aug 2024 07:41:16 GMT
document-policy
force-load-at-top
x-fb-server-load
33
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58865
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=13, rtx=0, c=12, mss=1328, tbw=2785, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
9ydZBIqQr1WzlruhbicEb2G3M5BRvKQJpfSi8l53+/FzmJfiLDi9ABn+TXW8nmgoMo1py3jSb8BXlI7RoLZwiw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
Gotham-Medium.otf
avancolink.click/fonts/ 		165 KB
166 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://avancolink.click/fonts/Gotham-Medium.otf
Requested by
Host: avancolink.click
URL: https://avancolink.click/css/main.eb4230ea.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:86f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c583cf3a8e3887d7ae88a8a91aff3772782f8dbb87c13a97817fb23d54c7635c

Request headers

Referer
https://avancolink.click/css/main.eb4230ea.css
Origin
https://avancolink.click
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:41:17 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-do-app-origin
62be3d30-ffc4-41a0-98df-7e114417d3cf
x-do-orig-status
200
alt-svc
h3=":443"; ma=86400
content-length
169304
last-modified
Wed, 07 Aug 2024 00:10:56 GMT
server
cloudflare
etag
"66b2bb90-29558"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=89eddpJSKTP1gou5yEpaZKASK7EPxYN3ZsRJDX5EuRKN02ItuKLk%2FGeiFzJ7x0nDbBWgNPS632%2F8cAyPanwzAOcN4ZgwdHAUgh8Li8BAdFMdWQsaxG6YW%2FZ3hQ4EACia5VLXmmgFOKreF15E4kqT"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
private
accept-ranges
bytes
cf-ray
8afddcf42f9b41ec-EWR
1950672702048510
connect.facebook.net/signals/config/ 		70 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1950672702048510?v=2.9.164&r=stable&domain=avancolink.click&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9892faff0c0fc2701e1c4229b924fdb5108473801942dccb610e4729c752b51d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 08 Aug 2024 07:41:17 GMT
document-policy
force-load-at-top
x-fb-server-load
30
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=64, mss=1328, tbw=64404, tp=-1, tpl=-1, uplat=126, ullat=0
pragma
public
x-fb-debug
WzjoyLUpGAEqAlElcd6C6d8lRgZ5thQktY38TLTEAba4fmbw7+MxwXjGMcxdsLX4fWeSSaHVZdmr7RpivQCiDQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
h.clarity.ms/ 		0
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.43/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.8.64.151 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://avancolink.click
Date
Thu, 08 Aug 2024 07:41:17 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1950672702048510&ev=PageView&dl=https%3A%2F%2Favancolink.click%2F&rl=&if=false&ts=1723102877064&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723102877061.502128826456460770&cs_est=true&ler=empty&cdl=API_unavailable&it=1723102876904&coo=false&rqm=GET
Requested by
Host: avancolink.click
URL: https://avancolink.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=13, rtx=0, c=10, mss=1328, tbw=2788, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 08 Aug 2024 07:41:17 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1950672702048510&ev=PageView&dl=https%3A%2F%2Favancolink.click%2F&rl=&if=false&ts=1723102877064&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723102877061.502128826456460770&cs_est=true&ler=empty&cdl=API_unavailable&it=1723102876904&coo=false&rqm=FGET
Requested by
Host: avancolink.click
URL: https://avancolink.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Thu, 08 Aug 2024 07:41:17 GMT
document-policy
force-load-at-top
x-fb-server-load
16
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7400670504957546681", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1328, tbw=3106, tp=-1, tpl=-1, uplat=93, ullat=0
pragma
no-cache
x-fb-debug
kE+wlSOsaDhIRcPFbP/YwWSJGk36rDwefEmYVMA2h7egoDA98gyMfG9Vpb58/dEJq2zwfdYH16KArF2UxJKNVw==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7400670504957546681"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
public
imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/8411974a-b03c-42cc-4076-009e34e4ed00/ Frame 2533 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/8411974a-b03c-42cc-4076-009e34e4ed00/public
Requested by
Host: avancolink.click
URL: https://avancolink.click/js/main.a1a1fdad.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://avancolink.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public,max-age=172800,stale-while-revalidate=7200
cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
cf-images
internal=ok/- q=0 n=808+70 c=0+0 v=2024.7.0 l=37760
cf-ray
8afddcf6ea2d4229-EWR
content-length
37760
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
content-type
image/avif
date
Thu, 08 Aug 2024 07:41:17 GMT
etag
"cfcoEbMkwlwjkuGLiu6uPPPVzUfb7C9F9CBQfA5-d8DQ"
server
cloudflare
vary
Accept, Accept-Encoding
x-content-type-options
nosniff
public
imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/7344c229-2e0e-4c57-b0fb-6018d471ce00/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/7344c229-2e0e-4c57-b0fb-6018d471ce00/public
Requested by
Host: avancolink.click
URL: https://avancolink.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7128ba5baa8aee815dfef5fe109ca7f78bb58dc9dcb386ab00a8719011bf40e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=725+225 c=0+0 v=2024.7.0 l=2452
date
Thu, 08 Aug 2024 07:41:17 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
2452
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cf1v34A82qLo0j7Rt-opiOvp3qfb7C9F9CBQfA5-d8DQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
8afddcf6edc84283-EWR
public
imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/9cfa2de4-f890-4617-ce0f-a36f6fa90800/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/9cfa2de4-f890-4617-ce0f-a36f6fa90800/public
Requested by
Host: avancolink.click
URL: https://avancolink.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2f964dbd2b0fbc1acb4a320ab2d9b05e92edf5326cb3c3421b427f6c519a410
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=440+73 c=0+0 v=2024.8.0 l=31709 f=false
date
Thu, 08 Aug 2024 07:41:17 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
31709
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cf-Z5pIFKGZgGm68F_Mxb16WJpfb7C9F9CBQfA5-d8DQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
8afddcf6edca4283-EWR
Gotham-Medium.otf
cpxfonts.cc/ 		165 KB
67 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cpxfonts.cc/Gotham-Medium.otf
Requested by
Host: avancolink.click
URL: https://avancolink.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:2a84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c583cf3a8e3887d7ae88a8a91aff3772782f8dbb87c13a97817fb23d54c7635c

Request headers

Referer
https://avancolink.click/
Origin
https://avancolink.click
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:41:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 20 May 2024 13:59:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"39b5ff14a54114e9ae92136578a0e2d3"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=30q3KLCqNz2wWW6LBBwLTPBsY%2FsQUxUzjAHCaSmKdPg77OuWudpWAxlPpwxy1pCjkT6kAcE9W6lnK%2Bgyt9QLtzSnw%2BaR0iiCh%2FWKpC0mUsCKSh2exzbb4l%2BzMjY6HhwcoLoQ%2BDLBEG%2Fe%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/otf
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8afddcf74fe6435c-EWR
alt-svc
h3=":443"; ma=86400
collect
h.clarity.ms/ 		0
280 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://h.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.43/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.8.64.151 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://avancolink.click
Date
Thu, 08 Aug 2024 07:41:17 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
public
imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/770e7287-f35d-4dcc-ca6b-60282e3bfd00/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/770e7287-f35d-4dcc-ca6b-60282e3bfd00/public
Requested by
Host: avancolink.click
URL: https://avancolink.click/?_token=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f85c52f99ebe0290a361b01160690d5f542a3572b1bb9050ec0e80847bd827e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://avancolink.click/
Origin
https://avancolink.click
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=25+112 c=0+0 v=2024.7.0 l=26207
date
Thu, 08 Aug 2024 07:41:17 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
26207
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfkaiB3Vm2bStwuIQQI-8fEjFafb7C9F9CBQfA5-d8DQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
8afddcf6ebea729f-EWR
/
www.facebook.com/tr/ 		0
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1950672702048510&ev=PageView&dl=https%3A%2F%2Favancolink.click%2F%3F_token%3D&rl=&if=false&ts=1723102877215&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=4126&fbp=fb.1.1723102877061.502128826456460770&cs_est=true&ler=empty&cdl=API_unavailable&it=1723102876904&coo=false&rqm=GET
Requested by
Host: avancolink.click
URL: https://avancolink.click/?_token=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1328, tbw=6444, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 08 Aug 2024 07:41:17 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1950672702048510&ev=PageView&dl=https%3A%2F%2Favancolink.click%2F%3F_token%3D&rl=&if=false&ts=1723102877215&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=4126&fbp=fb.1.1723102877061.502128826456460770&cs_est=true&ler=empty&cdl=API_unavailable&it=1723102876904&coo=false&rqm=FGET
Requested by
Host: avancolink.click
URL: https://avancolink.click/?_token=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Thu, 08 Aug 2024 07:41:17 GMT
document-policy
force-load-at-top
x-fb-server-load
16
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7400670506018664988", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1328, tbw=6590, tp=-1, tpl=-1, uplat=18, ullat=0
pragma
no-cache
x-fb-debug
ko7je7ilNcuqOZ8Su2dMtRv+hOgXK2tixxDRf5XL9Gl/txIWG+un6mmQUPH8F5BHyGEPMRNnwm9MacH6RNpaiA==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7400670506018664988"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
public
imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/83024b1c-0d74-4a0c-d99f-194ad56a1700/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/83024b1c-0d74-4a0c-d99f-194ad56a1700/public
Requested by
Host: avancolink.click
URL: https://avancolink.click/?_token=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d350861d7eb1a94a311364f3a0e80baed12ff4054a867f051c490f197cced0aa
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=611+0 c=0+29 v=2024.6.0 l=2334
date
Thu, 08 Aug 2024 07:41:17 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
2334
cf-bgj
imgq:0,h2pri
server
cloudflare
etag
"cfXv91C2usBFdccB9cmft0Vj0ofb7C9F9CBQfA5-d8DQ"
vary
Accept, Accept-Encoding
warning
cf-images 299 "original is 88B smaller"
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
8afddcf6edcb4283-EWR
public
imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/de3f5bd5-9895-4059-6183-272a4a54fd00/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/de3f5bd5-9895-4059-6183-272a4a54fd00/public
Requested by
Host: avancolink.click
URL: https://avancolink.click/?_token=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19b63e619d3130ee44f0c277ec231056f0fd2ae5b54018bad27d1814afbd7c40
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=445+0 c=0+18 v=2024.6.0 l=2388
date
Thu, 08 Aug 2024 07:41:17 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
2388
cf-bgj
imgq:0,h2pri
server
cloudflare
etag
"cf2aWmpa4FQZXiox2g0DZraLtVfb7C9F9CBQfA5-d8DQ"
vary
Accept, Accept-Encoding
warning
cf-images 299 "original is 260B smaller"
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
8afddcf6edcd4283-EWR
public
imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/82c354b5-111f-47dc-847f-c087edccd500/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/82c354b5-111f-47dc-847f-c087edccd500/public
Requested by
Host: avancolink.click
URL: https://avancolink.click/?_token=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e03d6fb42e49e2329939f69249782d3fd87bd9b91eaee8b6e86b88203f08d1c1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=713+0 c=0+38 v=2024.6.0 l=2998
date
Thu, 08 Aug 2024 07:41:17 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
2998
cf-bgj
imgq:0,h2pri
server
cloudflare
etag
"cf2EfJj1Vp9899ndCqZZL4k-xOfb7C9F9CBQfA5-d8DQ"
vary
Accept, Accept-Encoding
warning
cf-images 299 "original is 8B smaller"
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
8afddcf6edcf4283-EWR
public
imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/3df0fb21-16b9-4e07-e8e8-8120c712f900/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/EaZRNf2p1sEUSFXa1Yhzqg/3df0fb21-16b9-4e07-e8e8-8120c712f900/public
Requested by
Host: avancolink.click
URL: https://avancolink.click/?_token=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4134ce960893a2a1ac5b018981136886079c4a6354de511b9be77db7d7b03d90
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=603+250 c=0+0 v=2024.7.0 l=19076
date
Thu, 08 Aug 2024 07:41:17 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
19076
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cf717P4NcWIKExsjTJpcVAzSwXfb7C9F9CBQfA5-d8DQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
8afddcf6edce4283-EWR
collect
h.clarity.ms/ 		0
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.43/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.8.64.151 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://avancolink.click
Date
Thu, 08 Aug 2024 07:41:17 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=2BFE9AC8FC604A9AB3717B4685C485F1&RedC=c.clarity.ms&MXFR=12E6A2EB030C61240069B63E070C6F91
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2BFE9AC8FC604A9AB3717B4685C485F1&MUID=20E5D9D109A3660A34C0CD04080B679D
42 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2BFE9AC8FC604A9AB3717B4685C485F1&MUID=20E5D9D109A3660A34C0CD04080B679D
Protocol
H2
Server
20.125.209.212 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Aug 2024 07:41:17 GMT
last-modified
Wed, 31 Jul 2024 18:21:55 GMT
server
Microsoft-IIS/10.0
etag
"bfef2a8676e3da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 08 Aug 2024 07:41:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FD47E9F70A1349E8B183A9F877C818BB Ref B: EWR30EDGE1412 Ref C: 2024-08-08T07:41:17Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2BFE9AC8FC604A9AB3717B4685C485F1&MUID=20E5D9D109A3660A34C0CD04080B679D
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
espadilha-icon.svg
avancolink.click/images/ 		555 B
455 B 		Other
General
Check archive.org
Download Go to
Full URL
https://avancolink.click/images/espadilha-icon.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:86f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3365fd5bcca6db3766cf099d5bbb74dc8db7fae302c30fa6bdf43eeddaf98742

Request headers

Referer
https://avancolink.click/?_token=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:41:18 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-do-app-origin
62be3d30-ffc4-41a0-98df-7e114417d3cf
x-do-orig-status
404
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RWW1qZ6YupjZfg4azbZT4JBzzSs3tdiWaPcAPzIdZBmE3Gq4lisXMuTNkLcgLc8%2BLv0U%2B6P2pEcwGDcrbvs2q%2FBhWoynJm5Iy2z1LAURYHEqR%2FXwt1SAJAP3IUZr0R65JLxbe0lWrk3LNIJJABTB"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
private
cf-ray
8afddcfa7c2a41ec-EWR
alt-svc
h3=":443"; ma=86400
script.js
userstat.net/get/ 		129 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://userstat.net/get/script.js?referrer=https://avancolink.click/?_token=
Requested by
Host: avancolink.click
URL: https://avancolink.click/js/main.a1a1fdad.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.186.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.1
Resource Hash
15ce5c1c9ba32dcc6ad17bb12d61ead8aafba652147c3c51d0e200a16a992d67

Request headers

Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 07:41:18 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.2.1
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://avancolink.click
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fqq5Eq5ETR2Fgj%2BIFsXLSEyVRIdDAPspbxEqQBcN2c3fmnHRNOgix2YopuUMPU379DJ1tc5tDEhYd9J06xGP91u%2B4f79rl4ixdB8s9fuCRRF4iTD8xx32QlJL8ABh%2Bc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8afddcfcbd8b42ac-EWR
access-control-allow-headers
X-Requested-With,content-type
alt-svc
h3=":443"; ma=86400
collect
h.clarity.ms/ 		0
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.43/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.8.64.151 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://avancolink.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://avancolink.click
Date
Thu, 08 Aug 2024 07:41:18 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
collect
h.clarity.ms/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
h.clarity.ms
URL
https://h.clarity.ms/collect

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| DisableDevtool function| clarity function| fbq function| _fbq function| updateTimer string| __reactRouterVersion

12 Cookies

Domain/Path Name / Value
www.clarity.ms/ Name: CLID
Value: c34928377be54866880ad14876921a1b.20240808.20250808
.avancolink.click/ Name: _clck
Value: 1yqjw1x%7C2%7Cfo5%7C0%7C1681
.avancolink.click/ Name: _fbp
Value: fb.1.1723102877061.502128826456460770
avancolink.click/ Name: PHPREFS
Value: full
.avancolink.click/ Name: _clsk
Value: gbc47p%7C1723102877649%7C2%7C1%7Ch.clarity.ms%2Fcollect
.bing.com/ Name: MUID
Value: 20E5D9D109A3660A34C0CD04080B679D
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 20E5D9D109A3660A34C0CD04080B679D
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 20E5D9D109A3660A34C0CD04080B679D
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

1 Console Messages

Source Level URL
Text
network error URL: https://avancolink.click/images/espadilha-icon.svg
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

avancolink.click
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
connect.facebook.net
cpxfonts.cc
h.clarity.ms
imagedelivery.net
userstat.net
www.clarity.ms
www.facebook.com
h.clarity.ms
172.67.186.222
20.125.209.212
2606:4700:3032::ac43:86f3
2606:4700:3037::6815:2a84
2606:4700::6812:224
2606:4700::6812:324
2606:4700::6812:ba1f
2620:1ec:bdf::40
2620:1ec:c11::237
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
51.8.64.151
15ce5c1c9ba32dcc6ad17bb12d61ead8aafba652147c3c51d0e200a16a992d67
19b63e619d3130ee44f0c277ec231056f0fd2ae5b54018bad27d1814afbd7c40
1a2546c249d862b309b908069c73f6099c81362b9a5e5b4ba5f3c750471b0a76
295b0d8e58e8d9e1e9751d49365ed708e596dd842422675d561e715f45241209
2a741550c18b132b0ef573f818fc79d6c09169be71d538b968ceac551c178ad3
3365fd5bcca6db3766cf099d5bbb74dc8db7fae302c30fa6bdf43eeddaf98742
4134ce960893a2a1ac5b018981136886079c4a6354de511b9be77db7d7b03d90
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
6d466d42fa01d64982ca55353bc8fb9a9c64db6ee3838d05cf1ee8f4322b5319
7f85c52f99ebe0290a361b01160690d5f542a3572b1bb9050ec0e80847bd827e
8297817887dd51437fae9ccb8e8d035ef244cd61ba5be75006b28fb7256823e9
9892faff0c0fc2701e1c4229b924fdb5108473801942dccb610e4729c752b51d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a7128ba5baa8aee815dfef5fe109ca7f78bb58dc9dcb386ab00a8719011bf40e
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
c583cf3a8e3887d7ae88a8a91aff3772782f8dbb87c13a97817fb23d54c7635c
d2f964dbd2b0fbc1acb4a320ab2d9b05e92edf5326cb3c3421b427f6c519a410
d350861d7eb1a94a311364f3a0e80baed12ff4054a867f051c490f197cced0aa
e03d6fb42e49e2329939f69249782d3fd87bd9b91eaee8b6e86b88203f08d1c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6a59b3a2643b047ee4b17f6e9427d3dc1e185fa75d0bbcd7a20c0a6ebea4773