urlscan.io logo urlscan.io
SecurityTrails logo

distrib.addon-continue.com Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://flnt20318.hexatrack1.io/
Effective URL: https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId...
Submission: On May 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 4 countries across 8 domains to perform 20 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is distrib.addon-continue.com. The Cisco Umbrella rank of the primary domain is 345383.
TLS certificate: Issued by GTS CA 1P5 on March 15th 2024. Valid for: 3 months.
This is the only time distrib.addon-continue.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 34.22.240.62 396982 (GOOGLE-CL...)
1 1 188.114.97.3 13335 (CLOUDFLAR...)
1 1 2a05:d018:483... 16509 (AMAZON-02)
2 21 188.114.96.3 13335 (CLOUDFLAR...)
1 1 34.90.20.163 396982 (GOOGLE-CL...)
1 1 52.58.28.63 16509 (AMAZON-02)
20 2
2    34.22.240.62 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.240.22.34.bc.googleusercontent.com
flnt20318.hexatrack1.io
duct.infralead.net
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
offer-select.com
1    2a05:d018:483:6110:c29b:eaa2:5b0d:9c34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
eastrk-dl.com
21    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
adspredictiv.com
distrib.addon-continue.com
1    34.90.20.163 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 163.20.90.34.bc.googleusercontent.com
tracking.trackingshub.com
1    52.58.28.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-28-63.eu-central-1.compute.amazonaws.com
excellingvista.com
Apex Domain
Subdomains		 Transfer
18 addon-continue.com
distrib.addon-continue.com — Cisco Umbrella Rank: 345383
207 KB
3 adspredictiv.com
adspredictiv.com
5 KB
1 excellingvista.com
excellingvista.com — Cisco Umbrella Rank: 321165
458 B
1 trackingshub.com
tracking.trackingshub.com — Cisco Umbrella Rank: 262416
352 B
1 eastrk-dl.com
eastrk-dl.com
3 KB
1 offer-select.com
offer-select.com
903 B
1 infralead.net
duct.infralead.net
572 B
1 hexatrack1.io
flnt20318.hexatrack1.io
794 B
20 8
Domain Requested by
18 distrib.addon-continue.com adspredictiv.com
distrib.addon-continue.com
3 adspredictiv.com 2 redirects
1 excellingvista.com 1 redirects distrib.addon-continue.com
1 tracking.trackingshub.com 1 redirects
1 eastrk-dl.com 1 redirects
1 offer-select.com 1 redirects
1 duct.infralead.net 1 redirects
1 flnt20318.hexatrack1.io 1 redirects
20 8

This site contains no links.

Subject Issuer Validity Valid
adspredictiv.com
GTS CA 1P5		 2024-04-27 -
2024-07-26		 3 months crt.sh
addon-continue.com
GTS CA 1P5		 2024-03-15 -
2024-06-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96s73e9qfp0&lpkey=17147895536478a4c8be14fa07ec1b30d04db70943&isV2=true
Frame ID: DDCD3C82115D91FEF6170A749BA58CA7
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Primary AdBlock

Page URL History Show full URLs

  1. https://flnt20318.hexatrack1.io/ HTTP 302
    https://duct.infralead.net/tools/SetRedirect/?pos=f_1&aff_code=&vl_ph_result=&imsi=&ld_first_name=&ld_l... HTTP 302
    https://offer-select.com/5529cebd-836b-4cfb-80e5-c9670cd773ce?cookie=&externalid=;;;;;;;;;;;;;;&ld_fi... HTTP 302
    https://eastrk-dl.com/?a=35429&o=142114&c=0&co=32526&mt=18&s1=&s2=wtmumnb10jj7il113it6290m HTTP 302
    https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=d9b35d011a8c489c8d4d702f2ca8c1752099a&su... Page URL
  2. https://adspredictiv.com/jump/next.php?stamat=m%257Cd3NhJSYiaQdH8AH0dEdHP3xP.72a%252C7H0PozvLiGV-YkDx... HTTP 302
    https://adspredictiv.com/script/i.php?t=1&c=23786292&stamat=m%257C%252C%252Cgjf7oiF-tGU3BE-GH0dEdHP3x... HTTP 302
    https://tracking.trackingshub.com/click?pid=6&offer_id=2435408&sub1=171477064310000TDETV413588908734Va9&sub2=6... HTTP 302
    https://excellingvista.com/click?key=x0nnnbi4dcpu0z79pqlh&externalid=663552d34fb5290001cb9ea5&source=6_... HTTP 307
    https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&f... Page URL

Page Statistics

20
Requests

95 %
HTTPS

17 %
IPv6

8
Domains

8
Subdomains

2
IPs

4
Countries

210 kB
Transfer

510 kB
Size

30
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://flnt20318.hexatrack1.io/ HTTP 302
    https://duct.infralead.net/tools/SetRedirect/?pos=f_1&aff_code=&vl_ph_result=&imsi=&ld_first_name=&ld_last_name=&ld_zip_code=&ld_email=&ld_gender=&ld_address_line1=&ld_phone_cell=&ld_age=&ld_dob=&aff_inc=&externalid=;;;;;;;;;;;;;; HTTP 302
    https://offer-select.com/5529cebd-836b-4cfb-80e5-c9670cd773ce?cookie=&externalid=;;;;;;;;;;;;;;&ld_first_name=&ld_last_name=&ld_zip_code=&ld_email=&ld_gender=&ld_address_line1=&ld_phone_cell=&aff_source=&aff_subsource=&operator=NotMapped&mnc=&ld_dob=&aff_inc=&ld_region_code= HTTP 302
    https://eastrk-dl.com/?a=35429&o=142114&c=0&co=32526&mt=18&s1=&s2=wtmumnb10jj7il113it6290m HTTP 302
    https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=d9b35d011a8c489c8d4d702f2ca8c1752099a&sub1=35429&sub2= Page URL
  2. https://adspredictiv.com/jump/next.php?stamat=m%257Cd3NhJSYiaQdH8AH0dEdHP3xP.72a%252C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRrNfLENJy4TGkHo3ZBtMGSHDaBCyLw3yMK2v_5p3YXfA2WN0GY9BZ7Ngk4bSIkct52TMNyQgZqgZvmrfA7DUfc2&cbpage=https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=d9b35d011a8c489c8d4d702f2ca8c1752099a&sub1=35429&sub2=&cbur=0.9561086903755975&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=&ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse1600x1200-120de-DE81724%20bits HTTP 302
    https://adspredictiv.com/script/i.php?t=1&c=23786292&stamat=m%257C%252C%252Cgjf7oiF-tGU3BE-GH0dEdHP3xP.2dc%252CuR7keYiYlIk6b2qjxOimKLj8iIGgMkbPzDXI9WCJOkBZkIb_DcgBQ5ZXZpWp9ox2llIMQ6-nJECLVNew80cjqGgED9BI5AvA0w0wAp8LSQQg3Un8-cA-hm-VFMRGAUFSf-sRRzMXbGnH1H01ohia0pLVji3X4MaazHlJRjr1yMz6SjoJM6d1fqCwKWLKGXUi9TnvAf_OQp8XAU1qC_1Qglu66RGinAomHkDQg0V4kTVSuklEzk_I0-rPctyLTH1ai7Dq0gh9leyvQhl3b8eXqiZfNiWHt9ub4i91JEs-t_LgrfhJIe1h1aSPG9QxYIlXboJd4zz2h952n3L6Y_ewT5ayq7mGvUuUI7eHH54aD1hskTxLuSM02fdNW_Ak0Dj3fqZy4UkaE4bDg5u4qVFu4s9kksNGR3jP2oiuVy6hjZNpsUXzSkZIQ7fNOEHxcq3yl9NJeldgYhXwCT0I76ZfluKqeaNRBaU766x0nrl_lXMClMJAfPYtbY0D6clDIGf-BOh8WRc4OUVWh_kmtbp5BxO8Xj6H3OsEXs8QBI87cOTh7_AHWUWOLr1WCPsPqgJL-ct9wvO1-v4RwX819rF0c-DYDDRLygD10OtZl1Mdp2cT65DMx8xGULN5Gso4cEeOzxI6PjoUpYAx64QBgQR-xGS8FJ_AxUTB-ahuhUJZDyE%252C HTTP 302
    https://tracking.trackingshub.com/click?pid=6&offer_id=2435408&sub1=171477064310000TDETV413588908734Va9&sub2=6536622-1984015597-0 HTTP 302
    https://excellingvista.com/click?key=x0nnnbi4dcpu0z79pqlh&externalid=663552d34fb5290001cb9ea5&source=6_6536622-1984015597-0 HTTP 307
    https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96s73e9qfp0&lpkey=17147895536478a4c8be14fa07ec1b30d04db70943&isV2=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://flnt20318.hexatrack1.io/ HTTP 302
  • https://duct.infralead.net/tools/SetRedirect/?pos=f_1&aff_code=&vl_ph_result=&imsi=&ld_first_name=&ld_last_name=&ld_zip_code=&ld_email=&ld_gender=&ld_address_line1=&ld_phone_cell=&ld_age=&ld_dob=&aff_inc=&externalid=;;;;;;;;;;;;;; HTTP 302
  • https://offer-select.com/5529cebd-836b-4cfb-80e5-c9670cd773ce?cookie=&externalid=;;;;;;;;;;;;;;&ld_first_name=&ld_last_name=&ld_zip_code=&ld_email=&ld_gender=&ld_address_line1=&ld_phone_cell=&aff_source=&aff_subsource=&operator=NotMapped&mnc=&ld_dob=&aff_inc=&ld_region_code= HTTP 302
  • https://eastrk-dl.com/?a=35429&o=142114&c=0&co=32526&mt=18&s1=&s2=wtmumnb10jj7il113it6290m HTTP 302
  • https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=d9b35d011a8c489c8d4d702f2ca8c1752099a&sub1=35429&sub2=

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
next.php
adspredictiv.com/jump/
Redirect Chain
  • https://flnt20318.hexatrack1.io/
  • https://duct.infralead.net/tools/SetRedirect/?pos=f_1&aff_code=&vl_ph_result=&imsi=&ld_first_name=&ld_last_name=&ld_zip_code=&ld_email=&ld_gender=&ld_address_line1=&ld_phone_cell=&ld_age=&ld_dob=&a...
  • https://offer-select.com/5529cebd-836b-4cfb-80e5-c9670cd773ce?cookie=&externalid=;;;;;;;;;;;;;;&ld_first_name=&ld_last_name=&ld_zip_code=&ld_email=&ld_gender=&ld_address_line1=&ld_phone_cell=&aff_s...
  • https://eastrk-dl.com/?a=35429&o=142114&c=0&co=32526&mt=18&s1=&s2=wtmumnb10jj7il113it6290m
  • https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=d9b35d011a8c489c8d4d702f2ca8c1752099a&sub1=35429&sub2=
8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=d9b35d011a8c489c8d4d702f2ca8c1752099a&sub1=35429&sub2=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87e33d4608f2718b-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 03 May 2024 21:10:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gwr%2FuNTZmH0y2%2Flv%2FauwBHmM%2FSWwkiQnE5c6apzs5e%2By1hZ3RNWnbXYIHAdmlZL0UacOkKV3jTKSJiAEJVOsOBR0rxuDD5xqZZ4MZAcWP7v4kxUtWa0UxYucnF5HLs94GHJF"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
content-language
en-US
content-type
text/html;charset=ISO-8859-1
date
Fri, 03 May 2024 21:10:42 GMT
location
https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=d9b35d011a8c489c8d4d702f2ca8c1752099a&sub1=35429&sub2=
server
nginx
Primary Request /
distrib.addon-continue.com/
Redirect Chain
  • https://adspredictiv.com/jump/next.php?stamat=m%257Cd3NhJSYiaQdH8AH0dEdHP3xP.72a%252C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRrNfLENJy4TGkHo3ZBtMGSHDaBCyLw3yMK2v_5p3YXfA2WN0GY9BZ7Ngk4bSIkct52TMNyQ...
  • https://adspredictiv.com/script/i.php?t=1&c=23786292&stamat=m%257C%252C%252Cgjf7oiF-tGU3BE-GH0dEdHP3xP.2dc%252CuR7keYiYlIk6b2qjxOimKLj8iIGgMkbPzDXI9WCJOkBZkIb_DcgBQ5ZXZpWp9ox2llIMQ6-nJECLVNew80cjqG...
  • https://tracking.trackingshub.com/click?pid=6&offer_id=2435408&sub1=171477064310000TDETV413588908734Va9&sub2=6536622-1984015597-0
  • https://excellingvista.com/click?key=x0nnnbi4dcpu0z79pqlh&externalid=663552d34fb5290001cb9ea5&source=6_6536622-1984015597-0
  • https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96...
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96s73e9qfp0&lpkey=17147895536478a4c8be14fa07ec1b30d04db70943&isV2=true
Requested by
Host: adspredictiv.com
URL: https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=d9b35d011a8c489c8d4d702f2ca8c1752099a&sub1=35429&sub2=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
fb9fc04b79013feb8991210354bc0b64c4093bed280a7740a5a1edca1f4d48ec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=d9b35d011a8c489c8d4d702f2ca8c1752099a&sub1=35429&sub2=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
87e33d4e2e398f34-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 03 May 2024 21:10:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dpv%2F191hl1wlexK7AIa1hDGoyxGj1tSOUTvy%2FgyKHPrbzdvien1NdhWQZsCR28EMSWOukVkDuqwS3juXOwKtPXKIgSYc%2FSnINLDn8yVroAyiI0ccNhkY%2BfkrqtwjNIUEGzMT7PKLUWZmgc%2Fo6g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-powered-by
Next.js

Redirect headers

content-length
0
date
Fri, 03 May 2024 21:10:43 GMT
location
https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96s73e9qfp0&lpkey=17147895536478a4c8be14fa07ec1b30d04db70943&isV2=true
server
Caddy
x-request-id
4e572a4a-3ae1-4540-93e3-cc04d324b458
9d92a176c9608aa4.css
distrib.addon-continue.com/_next/static/css/ 		102 B
626 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://distrib.addon-continue.com/_next/static/css/9d92a176c9608aa4.css
Requested by
Host: distrib.addon-continue.com
URL: https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96s73e9qfp0&lpkey=17147895536478a4c8be14fa07ec1b30d04db70943&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b5d584b6200dfb2ea17d372ceb88c61ee68bf6e7ae5cabed28d31952b048a10
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96s73e9qfp0&lpkey=17147895536478a4c8be14fa07ec1b30d04db70943&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 21:10:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1846839
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 11 Apr 2024 22:48:31 GMT
server
cloudflare
etag
W/"66-18ecf592a84"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cYoNa%2B%2BiTZVbLyDU0CQafytCtdRNx7f2lK7kO%2Fw43USkTv%2BTbpxzl2wh%2BugpbkocIVhJxIrBHuTqt1WitJE6FzXcMJsk2QFIjLe3LpkHCAxygqmYU1vGoyWoP5FtAJ4rOw2O%2Fjgn0xerWsZjAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
87e33d4eaec78f34-FRA
a3991ffec35386c1.css
distrib.addon-continue.com/_next/static/css/ 		40 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://distrib.addon-continue.com/_next/static/css/a3991ffec35386c1.css
Requested by
Host: distrib.addon-continue.com
URL: https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96s73e9qfp0&lpkey=17147895536478a4c8be14fa07ec1b30d04db70943&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a3576969f2d8f03ae741c13ce916e9796076187d38f00482bcc633945fc4404
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96s73e9qfp0&lpkey=17147895536478a4c8be14fa07ec1b30d04db70943&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 21:10:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56932
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 03 May 2024 05:20:51 GMT
server
cloudflare
etag
W/"a132-18f3ce5eaa8"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xyhUujBmg%2FS%2Be9zD3aUmR1w5VvFHsUdSSTs9QgTakz2Q88dxsnWQAu%2FNX3twV1VLIq8ZkrfQMfdcykZvs8jjMuW%2BJ%2FGcZInKm3bJulVAHeUKXA5akpWS5M%2FzkPBetWIdAzl5Syc%2FhEIVy6X%2FSg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
87e33d4eaeca8f34-FRA
2faa182bafabc77e.css
distrib.addon-continue.com/_next/static/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://distrib.addon-continue.com/_next/static/css/2faa182bafabc77e.css
Requested by
Host: distrib.addon-continue.com
URL: https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96s73e9qfp0&lpkey=17147895536478a4c8be14fa07ec1b30d04db70943&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdb7e5b905c5ba8ecb8c3903ed4f807ea46fea7c5bd2be0fef92cf0122ec6f14
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96s73e9qfp0&lpkey=17147895536478a4c8be14fa07ec1b30d04db70943&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 21:10:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56932
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 03 May 2024 05:20:51 GMT
server
cloudflare
etag
W/"1c17-18f3ce5eaa8"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iXoMtDTYrHK53zSESVKuPwmSHaoq8LF4fQ89%2BBr%2B0xfQ9VhOIcX%2FILzmSBz0mSg3MvDZAilaZM19LdRVbv6LxZNOq2PjX90Ma2aB49ZmO%2BTul8T%2FJWX7URD%2FaYDLT4fIqMzx2DVj1nG2Ws9gJg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
87e33d4eaecd8f34-FRA
6596.9b676d6016051bf6.js
distrib.addon-continue.com/_next/static/chunks/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://distrib.addon-continue.com/_next/static/chunks/6596.9b676d6016051bf6.js
Requested by
Host: distrib.addon-continue.com
URL: https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96s73e9qfp0&lpkey=17147895536478a4c8be14fa07ec1b30d04db70943&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53af2ba832d7fd0ea09e7b9ad86c40a734d7c8226a3acfa93c53f20e267bccdb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96s73e9qfp0&lpkey=17147895536478a4c8be14fa07ec1b30d04db70943&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 21:10:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56932
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 03 May 2024 05:20:51 GMT
server
cloudflare
etag
W/"2aa2-18f3ce5eaa4"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0YxNpd8UOsBUOkH%2FSqPYksPNrmjG3J%2BaNcFTKLCTcKOm7A%2FSvhv2dOk%2BAjJTijlOIBciJEoOabpi4A4X%2BFxiuCd1ddxXqPX%2FhEzbLCvbPz3bpX6MLwwb3NthSyGPHoyLlDP4XfHjImlos5gA3A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
87e33d4ebedf8f34-FRA
webpack-e1529826d7166144.js
distrib.addon-continue.com/_next/static/chunks/ 		12 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://distrib.addon-continue.com/_next/static/chunks/webpack-e1529826d7166144.js
Requested by
Host: distrib.addon-continue.com
URL: https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96s73e9qfp0&lpkey=17147895536478a4c8be14fa07ec1b30d04db70943&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd701c75d5f318b4bbe49ea523aee01950a7bcb1e1ae882c7f97fe2ceed269df
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96s73e9qfp0&lpkey=17147895536478a4c8be14fa07ec1b30d04db70943&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 21:10:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56932
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 03 May 2024 05:20:51 GMT
server
cloudflare
etag
W/"30b6-18f3ce5eaa4"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AeF8e9rD8h7Cf2YpQM%2BSs9xDMwTMdzAI7fT5mFxKRiweyLBdHodjhlFDExUUysr70yoVsc8zZFK%2FdWak%2Bnk3Crpab9eulkJo2Dvkn3gCBFcRyG8MGomw6XV3y2G8cOMKAKaVxlrvMf5IEQr4Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
87e33d4ebee38f34-FRA
framework-3671d8951bf44e4e.js
distrib.addon-continue.com/_next/static/chunks/ 		138 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://distrib.addon-continue.com/_next/static/chunks/framework-3671d8951bf44e4e.js
Requested by
Host: distrib.addon-continue.com
URL: https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96s73e9qfp0&lpkey=17147895536478a4c8be14fa07ec1b30d04db70943&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1845c289c582dd2b58a3ab7f8eadb695ebabbfe7a2685e5f9012ae16e0541580
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96s73e9qfp0&lpkey=17147895536478a4c8be14fa07ec1b30d04db70943&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 21:10:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56932
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 03 May 2024 05:20:51 GMT
server
cloudflare
etag
W/"226fd-18f3ce5eaa8"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BP4gSeK0gkhBnGwsqs8Ifq7VJkX4Pj8IDVJqtOOStkRpEHwjU0X0rKGr9Pkn8hTnZQ5%2BP08bEB%2B8MAqeFgcc%2B9gy5JrOh3EnpZj5rgncNrIoOOurJxCdkoXKLURD0mvh6eo%2BHwU9JeOvtc5R9w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
87e33d4fd81f8f34-FRA
main-403c8612371c9360.js
distrib.addon-continue.com/_next/static/chunks/ 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://distrib.addon-continue.com/_next/static/chunks/main-403c8612371c9360.js
Requested by
Host: distrib.addon-continue.com
URL: https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96s73e9qfp0&lpkey=17147895536478a4c8be14fa07ec1b30d04db70943&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0514cea519259a90ef195e663ef8f544520a3b08a3e3986179e7e43a56cfba1a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96s73e9qfp0&lpkey=17147895536478a4c8be14fa07ec1b30d04db70943&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 21:10:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56932
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 03 May 2024 05:20:51 GMT
server
cloudflare
etag
W/"15cff-18f3ce5eaa4"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RKiwMWqlxY%2FkpdU3u7T7Nbdf3tIkKvanI2olp8383nJWCAH4txEt6q3S24AZatsTbC1Sx89JvUHp770sRD50oJQCEr8Up4TxDurHaQMQ1ToHimhJE1nP2T9vun%2BKV10ypcXbjqxDK%2FFYhKwx%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
87e33d4fd8228f34-FRA
_app-8670c2f453ae24a7.js
distrib.addon-continue.com/_next/static/chunks/pages/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://distrib.addon-continue.com/_next/static/chunks/pages/_app-8670c2f453ae24a7.js
Requested by
Host: distrib.addon-continue.com
URL: https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96s73e9qfp0&lpkey=17147895536478a4c8be14fa07ec1b30d04db70943&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9a31dd498e84cff2faf9cb91faf3f0d336de3098e2f623773cff935294d03c2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96s73e9qfp0&lpkey=17147895536478a4c8be14fa07ec1b30d04db70943&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 21:10:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56932
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 03 May 2024 05:20:51 GMT
server
cloudflare
etag
W/"510e-18f3ce5eaa8"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3q%2BIpYUmOwbNdk2X3go6R3Rn2J8hFwydmyHmSv7qRk4n9jOZBhD8SqEJPK3dgLU2Zm5tiTZU2M%2Bb6%2B4XtfnkJpeiV%2BrM0XIaRu8%2FmdkDzzfSKWsPcYAkqUhl2eZaHFuWNauiCGnJhiO00L%2Fq8A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
87e33d4fd8238f34-FRA
7928-6075f0412f935ecd.js
distrib.addon-continue.com/_next/static/chunks/ 		105 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://distrib.addon-continue.com/_next/static/chunks/7928-6075f0412f935ecd.js
Requested by
Host: distrib.addon-continue.com
URL: https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96s73e9qfp0&lpkey=17147895536478a4c8be14fa07ec1b30d04db70943&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad836c52e873697d018b5c985226104f41e73624b3ab43b8acf261fe2e26ce5f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96s73e9qfp0&lpkey=17147895536478a4c8be14fa07ec1b30d04db70943&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 21:10:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56932
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 03 May 2024 05:20:51 GMT
server
cloudflare
etag
W/"1a2bf-18f3ce5eaa4"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8VMKXbDhl4KJ364oikwda1EpOQBC%2FxXSEroTcAXWkmdnctqKAZgAqm0ZwdKYU6qi0uZ8ASVLuj%2FgvP6N4MoVai63sHZDoEQT0ED33wa4ShJaQTyTA75cFmylZxuKT7iHhUGHtttWtVJQY9594A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
87e33d4fd8248f34-FRA
index-391fb21e96fbf8f9.js
distrib.addon-continue.com/_next/static/chunks/pages/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://distrib.addon-continue.com/_next/static/chunks/pages/index-391fb21e96fbf8f9.js
Requested by
Host: distrib.addon-continue.com
URL: https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96s73e9qfp0&lpkey=17147895536478a4c8be14fa07ec1b30d04db70943&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7728794c46aae2aea176b3fae3af6c29586ec1b6f69a943240ca66a4f9a73d9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96s73e9qfp0&lpkey=17147895536478a4c8be14fa07ec1b30d04db70943&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 21:10:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56932
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 03 May 2024 05:20:51 GMT
server
cloudflare
etag
W/"5ead-18f3ce5eaa8"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NANuF%2B3R8Kxth38xyqNzDJ%2BYGv5KQ18fpgd50zXcDcSw6AshZpYMkHikNPl2QCKSt5MKM3v03eIxAFgpxLnngwB85kq31XmJHIcC55n3kmu%2BUjZcN%2BxCZXKt4q%2FIL6mfOJRA5vj%2FRFbPbEQXaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
87e33d50085f8f34-FRA
_buildManifest.js
distrib.addon-continue.com/_next/static/_dIanAkdopzxUtzo4bCMT/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://distrib.addon-continue.com/_next/static/_dIanAkdopzxUtzo4bCMT/_buildManifest.js
Requested by
Host: distrib.addon-continue.com
URL: https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96s73e9qfp0&lpkey=17147895536478a4c8be14fa07ec1b30d04db70943&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bae148ca0c030f2445a9eaaf70daea526971e20c044eafde5e17b3d0fcf00068
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96s73e9qfp0&lpkey=17147895536478a4c8be14fa07ec1b30d04db70943&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 21:10:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56932
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 03 May 2024 05:20:51 GMT
server
cloudflare
etag
W/"40a-18f3ce5eaa8"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0xTbtFzudMKREXG6aTaFbo0GZX9Lo9CKWiMnsAZI1gPoyvOWNFhjrYPBrIWCah8Q5tarxyxJnze%2BMIF2j0i4DBAEC4Iy6A5gnKaI5lQGNmX3%2FHUyYPvqCMDBv7n7hi54%2FzGB0HmO7MUAvrGGuw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
87e33d5008608f34-FRA
_ssgManifest.js
distrib.addon-continue.com/_next/static/_dIanAkdopzxUtzo4bCMT/ 		77 B
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://distrib.addon-continue.com/_next/static/_dIanAkdopzxUtzo4bCMT/_ssgManifest.js
Requested by
Host: distrib.addon-continue.com
URL: https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96s73e9qfp0&lpkey=17147895536478a4c8be14fa07ec1b30d04db70943&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96s73e9qfp0&lpkey=17147895536478a4c8be14fa07ec1b30d04db70943&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 21:10:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56932
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 03 May 2024 05:20:51 GMT
server
cloudflare
etag
W/"4d-18f3ce5eaa8"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p8zRr1ohc7g5iWrNx6UkpO4JU8YbbMfNd1U6Lpx6EMl5CgrWlRkeb4KpsG2YJlo58RzZA9RMxPqPjK5g50vTXtQjRHl8GqtaoV8F%2FIXlLmb%2FWkmE5kFVsGwukxK6TTm8v0VX0MtDPj%2FDsZlmsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
87e33d5008618f34-FRA
icon.svg
distrib.addon-continue.com/images/promo-images/salmon/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://distrib.addon-continue.com/images/promo-images/salmon/icon.svg
Requested by
Host: distrib.addon-continue.com
URL: https://distrib.addon-continue.com/_next/static/css/2faa182bafabc77e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4abf215f3a2e97a09a6bbbcce397edebe274eb2f4d30017d51538db5d8ce8bb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.addon-continue.com/_next/static/css/2faa182bafabc77e.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 21:10:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 03 May 2024 05:20:37 GMT
server
cloudflare
etag
W/"a60-18f3ce5b2fc"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4bi9aOJRx6iKSKcluZs5aQYOJafFZWhAfvI6vK1pnFh9DekWei33of56MOK0vVKTvqZ1530mIGzRob0WfzeCBk3%2F4lJD3XU5YB%2B9eODO1qX9B2HMqRQFr3NyXTwf7Rx9EndrAnHRyGlNJ%2BJ4iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
87e33d4f4f7d8f34-FRA
available-in-chrome.svg
distrib.addon-continue.com/images/browser-icons/ 		12 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://distrib.addon-continue.com/images/browser-icons/available-in-chrome.svg
Requested by
Host: distrib.addon-continue.com
URL: https://distrib.addon-continue.com/_next/static/css/a3991ffec35386c1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed7d9565486a66ea74ca2944c02ba502f78fd8e56052a18c9407d61d7442460f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.addon-continue.com/_next/static/css/a3991ffec35386c1.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 21:10:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 03 May 2024 05:20:37 GMT
server
cloudflare
etag
W/"309d-18f3ce5b2dc"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JEOsBFvuHowy5q4DNTsCo3NCwkojwD4GDJCcYEoce1B5ty%2FrJKuoirLZgAbJFIkO6AP8sNAwKKKsi%2F8ejGCFPNOPQvA0UJt2JB55NEMiSRrLE%2BCrIdrGZaQqApadSjUtevaY%2BaTYCkKQS1NwGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
87e33d4f9fd28f34-FRA
627622453ef56b0d.p.woff2
distrib.addon-continue.com/_next/static/media/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://distrib.addon-continue.com/_next/static/media/627622453ef56b0d.p.woff2
Requested by
Host: distrib.addon-continue.com
URL: https://distrib.addon-continue.com/_next/static/css/2faa182bafabc77e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.addon-continue.com/_next/static/css/2faa182bafabc77e.css
Origin
https://distrib.addon-continue.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 21:10:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56931
alt-svc
h3=":443"; ma=86400
content-length
11072
last-modified
Fri, 03 May 2024 05:20:51 GMT
server
cloudflare
etag
W/"2b40-18f3ce5eaa4"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1hpzER2WMp4FaN%2FsHsf%2BHhCgh6Yroz20YxH0Xw9T9ArFnIff7a0jUD4u31laEeqWMduwQ%2B6YAZOgHFkn9ujAg50yKY69gxEypSeltFdx4Q7XNYMhHn6Em4vUsviEuiTbBSa1Xmla7uysRXVrsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
87e33d4f4f848f34-FRA
934c4b7cb736f2a3.p.woff2
distrib.addon-continue.com/_next/static/media/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://distrib.addon-continue.com/_next/static/media/934c4b7cb736f2a3.p.woff2
Requested by
Host: distrib.addon-continue.com
URL: https://distrib.addon-continue.com/_next/static/css/2faa182bafabc77e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.addon-continue.com/_next/static/css/2faa182bafabc77e.css
Origin
https://distrib.addon-continue.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 21:10:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56931
alt-svc
h3=":443"; ma=86400
content-length
11028
last-modified
Fri, 03 May 2024 05:20:51 GMT
server
cloudflare
etag
W/"2b14-18f3ce5eaa4"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BHucFgqNiXOjhEo%2Fyw%2FrQuWumPMzpuvHK3%2FKa64S8CJ6Xiu%2FgT1xZ4xIqFGQMHqu%2BXMO5vXBqUr5ZDmVEfpnjTlm8IO7m0rsiHnanmz%2BwkHxTact%2Bhycf8o7FHr7uagpLKIPE78K%2Fjv0dV8Xsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
87e33d4fc8068f34-FRA
click
excellingvista.com/ 		0
0
favicon.ico
distrib.addon-continue.com/images/extension-icons/primary-adblock/ 		15 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://distrib.addon-continue.com/images/extension-icons/primary-adblock/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dc86bcb63b4c5f30ab4a584acceca2f83aa7da547791e47e87e28f21f6675f4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96s73e9qfp0&lpkey=17147895536478a4c8be14fa07ec1b30d04db70943&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 21:10:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 03 May 2024 05:20:37 GMT
server
cloudflare
etag
W/"3c2e-18f3ce5b2e8"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/x-icon
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BniBvjKCmFAsJQm5D%2FJ2UX3GOLGlvUvVVK23hXZKsOe1qxM2YOEBjFqHZxXdX15NXhL1ABZ5E8%2Bt1tyfxXUZtEedaYotrfZfTtKWPiIiotKSy2gvudKDo0C6OHu8t85fnOUweKcSoxzyn8tWpA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
87e33d520aae8f34-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
excellingvista.com
URL
https://excellingvista.com/click?upd_clickid=coql5kr2r96s73e9qfp0&add_event6=1

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| a13b function| a13a object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| a0b function| a0a function| a80b function| a80a function| __NEXT_PRELOADREADY object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST

30 Cookies

Domain/Path Name / Value
duct.infralead.net/tools/SetRedirect Name: _frmld
Value: 1
flnt20318.hexatrack1.io/ Name: hexa.sid
Value: s%3A-KW_0gzAxE4hMzdOq5K47nOa-ZcUmWi7.Fvt6dQo4TNprSonKkBS55Lc%2FYOYa8CpV0aOgXWvdnsM
.offer-select.com/ Name: 5529cebd-836b-4cfb-80e5-c9670cd773ce-v4
Value: MWJ_Vp76fmZ21vhT3bTa_e1d7wuxGAeoJeImZaIN4uY
.offer-select.com/ Name: cc-v4
Value: j6NiXTN4Fq41oRQCic%2FZmGmLY1Qs0B020vdjfRtMFZMe2dECW0HlL8pLWeOsW7WjyU8MyGv%2BKb8hgHmB7EfaoRV2bcjm73DV29jub%2BEUkg22J1M7Bx0OmC%2BvPw4X4l4cx1Bbwob6Sbo258iU0ceHow%3D%3D
.eastrk-dl.com/ Name: gdm_sid_v1_3_001
Value: knKnCkIhNw41z/o5ajLauq0bDFeV0tRgd+HcVB0+NxauHuO6dztcsjA1wmUb45ROZdokPUGff+o3S94U3x7R/LlGQ4At+4AzTx9bclnorsJB5z84mNuTm/SBqENd3ShTRtqvHJzZwLJr0LLDBiTK21U8gJog4FsJe9IAPmeI7QlZHqBKqrI3Ot5KzDJ4OEcxJlWAkwBIjayDgwDcFveGuIQDzySfTI72CCT6hSYoIYRGJJiHEHGtYTt3V/Fzu6UumJyypB5gIwYCdnDD7md3kUhpFvRsaCqHlt5g0zcTjNECaBtRHUrZ2qYOs7hoyQsN/TPUX2v0wIQV63VAzWoQ0uRujVEcS3afjzI5fg+OvJ6KJuTXCLQWQjgGqZdACmBGTR44mzSQF2Rkain7UIYixsePWRUj7cZGnJAoYUr67R8sqbfj5OkB8W3y2w/q935oi8YVm1y9Sa9YtUXwZsScQYLjoX/2H+vgs9sKVO3VqIUcsL6NmR929D8jKjV//crwIOA6ZvXm4osv/gxTByMDDbI9Is7q2VJ8yuk89hWpx0TjYvaZINI3GMSZOCdfr3aaT3+kYg2aBxlFFiyrwi6tSPR9PYMhvcKrTNf4entQIoxU2iDQTflYm1W0bXMWAgRs6v0s0EwL8KkgsNZxmzQpifjUoi3f5ApTq5yoNciYCFt5Fz9GbbVKItzWfBneZdlQ7h6a5fhDp8/n0El90lnpJ91HTjGfTVZt2oOcqGLx7cd+jtcdDNfdfKrYbuGsP6WbjbycAPYKea8CAYQ20Ckk5q57HvaKu4XRZ1fmopAA5aCVltxtPHdjcMZ0UKzKXggkKunJ6kieRdbffSYLKWBC+pY7OAdbxO1aFh6n7kq+lgaGkH9RT5S+ItfS6wxPmJ4PJQj1Wj9NsZohBxg2RqzeCYg6wg7jxekyeERN/X7dcYe1MLP0UfPuE82yBZBM/9mPrL7xUvHdW5mXEJGDUMIUIKVqddh23DpnEW5yELSopAziLMx44zoPbusJgdjDPyDRzbqsETKzdQsbD4IBLg6NzuWtfEQHCfCs7amkaeJgPDP9iaZUiy8XPaJO4rP+jkS2jMexdZp8r4iMTpAnoCEw3D1utRY58vBDT484P1hLB3k=
.eastrk-dl.com/ Name: gdm_uid_v1_1_001
Value: sRTu/opAVNClsL/f20xgzZe+pUE6uvHy4RcfYziO9v8oJTdav9pFg8rP4y7xdxEP
.eastrk-dl.com/ Name: gdm_click_freq_v1_1_001
Value: OxGjV6XpcXangzh4Sty+juz9zxnQk8sh0F+JHoKBuMqxOMm6CQTJVkKu+Fjuh++W
.eastrk-dl.com/ Name: gdm_click_adv_freq_v1_1_001
Value: WGP2hL1mCj4amHrx09xylyOi1Ug2/rCJT12ipUx4iBxrRWTf+lYtX6W09XbE2w5T
.eastrk-dl.com/ Name: gdm_suid_v1_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.eastrk-dl.com/ Name: gdm_click_freq_v2_1_001
Value: OxGjV6XpcXangzh4Sty+juz9zxnQk8sh0F+JHoKBuMqxOMm6CQTJVkKu+Fjuh++W
.eastrk-dl.com/ Name: gdm_suid_v2_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.eastrk-dl.com/ Name: gdm_uid_v2_1_001
Value: sRTu/opAVNClsL/f20xgzZe+pUE6uvHy4RcfYziO9v8oJTdav9pFg8rP4y7xdxEP
.eastrk-dl.com/ Name: gdm_click_adv_freq_v2_1_001
Value: WGP2hL1mCj4amHrx09xylyOi1Ug2/rCJT12ipUx4iBxrRWTf+lYtX6W09XbE2w5T
.eastrk-dl.com/ Name: gdm_sid_v2_3_001
Value: knKnCkIhNw41z/o5ajLauq0bDFeV0tRgd+HcVB0+NxauHuO6dztcsjA1wmUb45ROZdokPUGff+o3S94U3x7R/LlGQ4At+4AzTx9bclnorsJB5z84mNuTm/SBqENd3ShTRtqvHJzZwLJr0LLDBiTK21U8gJog4FsJe9IAPmeI7QlZHqBKqrI3Ot5KzDJ4OEcxJlWAkwBIjayDgwDcFveGuIQDzySfTI72CCT6hSYoIYRGJJiHEHGtYTt3V/Fzu6UumJyypB5gIwYCdnDD7md3kUhpFvRsaCqHlt5g0zcTjNECaBtRHUrZ2qYOs7hoyQsN/TPUX2v0wIQV63VAzWoQ0uRujVEcS3afjzI5fg+OvJ6KJuTXCLQWQjgGqZdACmBGTR44mzSQF2Rkain7UIYixsePWRUj7cZGnJAoYUr67R8sqbfj5OkB8W3y2w/q935oi8YVm1y9Sa9YtUXwZsScQYLjoX/2H+vgs9sKVO3VqIUcsL6NmR929D8jKjV//crwIOA6ZvXm4osv/gxTByMDDbI9Is7q2VJ8yuk89hWpx0TjYvaZINI3GMSZOCdfr3aaT3+kYg2aBxlFFiyrwi6tSPR9PYMhvcKrTNf4entQIoxU2iDQTflYm1W0bXMWAgRs6v0s0EwL8KkgsNZxmzQpifjUoi3f5ApTq5yoNciYCFt5Fz9GbbVKItzWfBneZdlQ7h6a5fhDp8/n0El90lnpJ91HTjGfTVZt2oOcqGLx7cd+jtcdDNfdfKrYbuGsP6WbjbycAPYKea8CAYQ20Ckk5q57HvaKu4XRZ1fmopAA5aCVltxtPHdjcMZ0UKzKXggkKunJ6kieRdbffSYLKWBC+pY7OAdbxO1aFh6n7kq+lgaGkH9RT5S+ItfS6wxPmJ4PJQj1Wj9NsZohBxg2RqzeCYg6wg7jxekyeERN/X7dcYe1MLP0UfPuE82yBZBM/9mPrL7xUvHdW5mXEJGDUMIUIKVqddh23DpnEW5yELSopAziLMx44zoPbusJgdjDPyDRzbqsETKzdQsbD4IBLg6NzuWtfEQHCfCs7amkaeJgPDP9iaZUiy8XPaJO4rP+jkS2jMexdZp8r4iMTpAnoCEw3D1utRY58vBDT484P1hLB3k=
tracking.trackingshub.com/ Name: afclick
Value: 663552d34fb5290001cb9ea5
tracking.trackingshub.com/ Name: afoffers
Value: {"2435408":1714770643}
excellingvista.com/ Name: uclick
Value: ke6JklsKbNk10rGlbWCYtUl83kL/FlU4e6NOFv7qndUxaZDGTo3Y7jwyQ1t1pV5oraDuKRE=
excellingvista.com/ Name: bcid
Value: coql5kr2r96s73e9qfp0
excellingvista.com/ Name: cid
Value: coql5kr2r96s73e9qfp0
.addon-continue.com/ Name: extension
Value: primary_adb
.addon-continue.com/ Name: promo
Value: salmon
.addon-continue.com/ Name: big
Value: none
.addon-continue.com/ Name: clk_domain
Value: excellingvista.com
.addon-continue.com/ Name: flow
Value: binom
.addon-continue.com/ Name: campaignId
Value: 10659
.addon-continue.com/ Name: trafficsource
Value: 29
.addon-continue.com/ Name: src
Value: 6_6536622-1984015597-0
.addon-continue.com/ Name: cid
Value: coql5kr2r96s73e9qfp0
.addon-continue.com/ Name: lpkey
Value: 17147895536478a4c8be14fa07ec1b30d04db70943
.addon-continue.com/ Name: isV2
Value: true

2 Console Messages

Source Level URL
Text
javascript error URL: https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=coql5kr2r96s73e9qfp0&lpkey=17147895536478a4c8be14fa07ec1b30d04db70943&isV2=true
Message:
Access to XMLHttpRequest at 'https://excellingvista.com/click?upd_clickid=coql5kr2r96s73e9qfp0&add_event6=1' from origin 'https://distrib.addon-continue.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://excellingvista.com/click?upd_clickid=coql5kr2r96s73e9qfp0&add_event6=1
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adspredictiv.com
distrib.addon-continue.com
duct.infralead.net
eastrk-dl.com
excellingvista.com
flnt20318.hexatrack1.io
offer-select.com
tracking.trackingshub.com
excellingvista.com
188.114.96.3
188.114.97.3
2a05:d018:483:6110:c29b:eaa2:5b0d:9c34
34.22.240.62
34.90.20.163
52.58.28.63
0514cea519259a90ef195e663ef8f544520a3b08a3e3986179e7e43a56cfba1a
1845c289c582dd2b58a3ab7f8eadb695ebabbfe7a2685e5f9012ae16e0541580
2a3576969f2d8f03ae741c13ce916e9796076187d38f00482bcc633945fc4404
2dc86bcb63b4c5f30ab4a584acceca2f83aa7da547791e47e87e28f21f6675f4
53af2ba832d7fd0ea09e7b9ad86c40a734d7c8226a3acfa93c53f20e267bccdb
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
9b5d584b6200dfb2ea17d372ceb88c61ee68bf6e7ae5cabed28d31952b048a10
a4abf215f3a2e97a09a6bbbcce397edebe274eb2f4d30017d51538db5d8ce8bb
a7728794c46aae2aea176b3fae3af6c29586ec1b6f69a943240ca66a4f9a73d9
ad836c52e873697d018b5c985226104f41e73624b3ab43b8acf261fe2e26ce5f
bae148ca0c030f2445a9eaaf70daea526971e20c044eafde5e17b3d0fcf00068
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
c9a31dd498e84cff2faf9cb91faf3f0d336de3098e2f623773cff935294d03c2
cd701c75d5f318b4bbe49ea523aee01950a7bcb1e1ae882c7f97fe2ceed269df
ed7d9565486a66ea74ca2944c02ba502f78fd8e56052a18c9407d61d7442460f
fb9fc04b79013feb8991210354bc0b64c4093bed280a7740a5a1edca1f4d48ec
fdb7e5b905c5ba8ecb8c3903ed4f807ea46fea7c5bd2be0fef92cf0122ec6f14