Submitted URL: https://bit.ly/ASAMAPP
Effective URL: https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&...
Submission: On July 13 via manual from IN — Scanned from AU

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 44 HTTP transactions. The main IP is 18.67.110.124, located in United States and belongs to AMAZON-02, US. The main domain is www.avendussparks.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on June 24th 2024. Valid for: a year.
This is the only time www.avendussparks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Redirects  IP Address      AS Autonomous System
1         1          67.199.248.10   396982 (GOOGLE-CL...)
23                   18.67.110.124   16509 (AMAZON-02)
11                   104.18.7.24     13335 (CLOUDFLAR...)
1                    172.217.24.40   15169 (GOOGLE)
7                    104.18.22.183   13335 (CLOUDFLAR...)
Total: 44 requests, 5 IPs

Requests  Apex Domain           Subdomains                                           Transfer
23        avendussparks.com     www.avendussparks.com                                121 KB
11        roibest.com           static.roibest.com — Cisco Umbrella Rank: 192376     1 MB
7         bttzs.com             3574893322-p9gbzbcr.bttzs.com                        712 B
1         googletagmanager.com  www.googletagmanager.com — Cisco Umbrella Rank: 72   49 KB
1         bit.ly                bit.ly — Cisco Umbrella Rank: 6998                   629 B
Total: 44 requests, 5 apex domains

Requests  Domain                         Requested by
23        www.avendussparks.com          www.avendussparks.com
11        static.roibest.com             www.avendussparks.com
7         3574893322-p9gbzbcr.bttzs.com  www.avendussparks.com
1         www.googletagmanager.com       www.avendussparks.com
1         bit.ly                         1 redirects
Total: 44 requests, 5 domains

This site contains no links.

Subject                 Issuer               Validity                 Valid
www.avendussparks.com   Amazon RSA 2048 M02  2024-06-24 - 2025-07-23  a year
static.roibest.com      E1                   2024-05-25 - 2024-08-23  3 months
*.google-analytics.com  WR2                  2024-06-24 - 2024-09-16  3 months
bttzs.com               E1                   2024-05-16 - 2024-08-14  3 months

This page contains 2 frames:

Primary Page: https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=
Frame ID: 004F95305AB6F4F27FDB1E0E065A2F5B
Requests: 40 HTTP requests in this frame

Frame: https://3574893322-p9gbzbcr.bttzs.com/rus/Il?uuid=0821709421263719&unionid=
Frame ID: 150D0185A1E694B2AA0CA274D4BD426F
Requests: 1 HTTP requests in this frame

Page Title

ASAM

Page URL History

  1. https://bit.ly/ASAMAPP HTTP 301
    https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promot... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 44
HTTPS: 95 %
IPv6: 0 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 2
Transfer: 1689 kB
Size: 2109 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/ASAMAPP HTTP 301
    https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 3574893322_download_t1.html
www.avendussparks.com/3574893322/
Redirect Chain
  • https://bit.ly/ASAMAPP
  • https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=
8 KB
3 KB
Document
General
Full URL
https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-124.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
851120a7277d0c33457c84f2e0f8601298c1b31d64c6695d506e8362c12b26fe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html
date
Sat, 13 Jul 2024 12:55:50 GMT
etag
W/"42c14e91fafd1e8dbfd13873e6ccba58"
last-modified
Tue, 09 Jul 2024 06:57:55 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
x-amz-cf-id
WfQdTCk3t1u1KEkv89kkopiEVTBB1xGFrMuiAkKLxlpzDJElCeELhg==
x-amz-cf-pop
SYD62-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
D9nwCfNDzqb8gQDnkCle06S1XLLOCHbX
x-cache
Miss from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
250
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Sat, 13 Jul 2024 12:55:47 GMT
location
https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=
referrer-policy
unsafe-url
server
nginx
via
1.1 google
install-template1-1a744a48077142c62e66.js
www.avendussparks.com/roibest-assets/js/
74 KB
25 KB
Script
General
Full URL
https://www.avendussparks.com/roibest-assets/js/install-template1-1a744a48077142c62e66.js
Requested by
Host: www.avendussparks.com
URL: https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-124.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
73d2a06e859298ad8573f7f8417ecc39b43fec1e7b96a1a49d064dd0e9c8ce5f

Request headers

Referer
https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:50 GMT
x-amz-version-id
7CDEqu7fzflnJvjiIkqJEDqTtvjy4L98
content-encoding
br
last-modified
Sat, 13 Jul 2024 12:43:55 GMT
server
AmazonS3
via
1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
etag
W/"5ba20ee68889d08ce790b0fcf483a4a3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
NsoSZ5Wp7mxJMhdG_ErmpehMzDq02B_wSal3xQLZDUtxEJeMxM64ew==
install-template1-723a4d84807500355248.css
www.avendussparks.com/roibest-assets/css/
24 KB
5 KB
Stylesheet
General
Full URL
https://www.avendussparks.com/roibest-assets/css/install-template1-723a4d84807500355248.css
Requested by
Host: www.avendussparks.com
URL: https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-124.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b7040ccf64aea07e7b543114828ca3580f511d737946621c2da5e160807d0417

Request headers

Referer
https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:50 GMT
x-amz-version-id
C58qn81fCDtsTTfS0jINJUI0WZVw.Yzk
content-encoding
br
last-modified
Sat, 13 Jul 2024 12:43:55 GMT
server
AmazonS3
via
1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
etag
W/"013fbfba6b5f3699d4a1bac223e26014"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
content-type
text/css
x-amz-cf-id
R1AlLPc8Mhe4C49knlZn5TM00wAKQfCvLpCi7MExnXh6cXKyJNnMzQ==
ic_editors_choice-90a4c40deaa30c9e44e2.png
www.avendussparks.com/roibest-assets/images/
455 B
853 B
Image
General
Full URL
https://www.avendussparks.com/roibest-assets/images/ic_editors_choice-90a4c40deaa30c9e44e2.png
Requested by
Host: www.avendussparks.com
URL: https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-124.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7c4fd5a1098ded56d52c384c882b7e7c19ffa5bdda7fd6e5cf237748b216b5fd

Request headers

Referer
https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:50 GMT
x-amz-version-id
URnbjTCTteE5zPiHUWHFCUeQv10NC_vy
via
1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
last-modified
Sat, 13 Jul 2024 12:43:55 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
etag
"2210a93393f5a967db03cd8e8a37b3bf"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
455
x-amz-cf-id
Qdy_HL05lo6E-lz8AdDKosPU5OR7y7U4nPiB_Acff8JEboVSxn8wgQ==
GoogleSans-Medium.ttf
static.roibest.com/assets/font/
116 KB
56 KB
Font
General
Full URL
https://static.roibest.com/assets/font/GoogleSans-Medium.ttf
Requested by
Host: www.avendussparks.com
URL: https://www.avendussparks.com/roibest-assets/css/install-template1-723a4d84807500355248.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.7.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cdf0063c8c613033b911b0eb7162aa0a3931b4129ba193163e71dc7d8e16e4b

Request headers

Referer
https://www.avendussparks.com/
Origin
https://www.avendussparks.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:50 GMT
x-amz-version-id
W94VkettKnBOisTCOvHN157EV1HFXLA.
via
1.1 053b1a4cfd9215b4abb8a58ea35b06aa.cloudfront.net (CloudFront)
cf-cache-status
MISS
content-encoding
gzip
x-amz-cf-pop
SYD3-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 13 May 2024 05:40:17 GMT
server
cloudflare
etag
W/"8d57e4014b18edef070d285746485115"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, POST
content-type
font/ttf
access-control-allow-origin
*
vary
Accept-Encoding
cf-ray
8a296dfd6d71a819-SYD
x-amz-cf-id
aWwoNtk7_kl1Z_Lt5Y0llhyssWN7Zov6zNusbYD8haQcXayrRvkJRQ==
GoogleSans-Regular.ttf
static.roibest.com/assets/font/
117 KB
56 KB
Font
General
Full URL
https://static.roibest.com/assets/font/GoogleSans-Regular.ttf
Requested by
Host: www.avendussparks.com
URL: https://www.avendussparks.com/roibest-assets/css/install-template1-723a4d84807500355248.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.7.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
974ee8402aed7391f8ed35155db12950697bcbbe3ad01abfb81718b65cb1960d

Request headers

Referer
https://www.avendussparks.com/
Origin
https://www.avendussparks.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:50 GMT
x-amz-version-id
DsEyrfk1fTvjgZJF0bdN3lws9xk5uSXc
via
1.1 30d965dd3bd4ca28c3aa1ccfc6be7c36.cloudfront.net (CloudFront)
cf-cache-status
MISS
content-encoding
gzip
x-amz-cf-pop
SYD3-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 13 May 2024 05:40:17 GMT
server
cloudflare
etag
W/"b5c77a6aed75cdad9489effd0d5ea411"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, POST
content-type
font/ttf
access-control-allow-origin
*
vary
Accept-Encoding
cf-ray
8a296dfd6d73a819-SYD
x-amz-cf-id
K2OySYvTOyjt6prrqAOuR5YnuEVbbv-wqbXJoca7Wy9dtYSLi6ujZw==
favicon.png
www.avendussparks.com/3574893322/roibest/icons/
53 KB
54 KB
Image
General
Full URL
https://www.avendussparks.com/3574893322/roibest/icons/favicon.png
Requested by
Host: www.avendussparks.com
URL: https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-124.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f035e1889ec14fefa6d072758d9facb7a7feeecdfd581fd3d09c629d6a2f9912

Request headers

Referer
https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:51 GMT
x-amz-version-id
7hbmPnK24ovURGMLmt6Hv3y1MZFTHKQa
via
1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jul 2024 06:57:55 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
etag
"8cdb008ee9f6f21158780a15b8810403"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
54327
x-amz-cf-id
Xn9OyVALNubn9u1KGzMegxLbWshySesM6a455Td_Zl4ifydULD9srA==
ic_x-5cfcc16318512e841386.png
www.avendussparks.com/roibest-assets/images/
508 B
905 B
Image
General
Full URL
https://www.avendussparks.com/roibest-assets/images/ic_x-5cfcc16318512e841386.png
Requested by
Host: www.avendussparks.com
URL: https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-124.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbb946f137aebafac40a10739a1859fb20fcb202dc8008229280b87af07f5ffe

Request headers

Referer
https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:51 GMT
x-amz-version-id
AIBVnesurECcY3DlB7I1drIEqk66iD7g
via
1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
last-modified
Sat, 13 Jul 2024 12:43:55 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
etag
"538d135dafe61728edc527b4ad13ce5c"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
508
x-amz-cf-id
cuSU_S4HIYEkoDt3KcC6aVmq3EtloCjqDx12_s-9lV4LErxm9VymiA==
ic_arrow_right-ecd0952f3569bde7f2bd.png
www.avendussparks.com/roibest-assets/images/
175 B
571 B
Image
General
Full URL
https://www.avendussparks.com/roibest-assets/images/ic_arrow_right-ecd0952f3569bde7f2bd.png
Requested by
Host: www.avendussparks.com
URL: https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-124.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b1666e27c0c788418cb9bd2e214086b4d4e42fab5198890dedcbf4c0ad8977d4

Request headers

Referer
https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:51 GMT
x-amz-version-id
KoXeFiUJiRWT4eMvSFlOt2fSvoSAti4m
via
1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
last-modified
Sat, 13 Jul 2024 12:43:55 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
etag
"23d3aec38b3c213120122617a3074ed3"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
175
x-amz-cf-id
RUAjYs2mOO2fukLxTOSt7d1CjYoytlt6gJJzq8f7m5YFfphCootMPQ==
ic_data_share-0a04b46579b65b109794.png
www.avendussparks.com/roibest-assets/images/
718 B
1 KB
Image
General
Full URL
https://www.avendussparks.com/roibest-assets/images/ic_data_share-0a04b46579b65b109794.png
Requested by
Host: www.avendussparks.com
URL: https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-124.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
68b8e4c1bc76b859c5ea2e42293846ea476199743a129ea84db82cc9c2ec3dbc

Request headers

Referer
https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:51 GMT
x-amz-version-id
QiBFzlSle0aiTVSy1sxpHzr0q59BnHt2
via
1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
last-modified
Sat, 13 Jul 2024 12:43:55 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
etag
"1f18d6d3e1164dd7f15a0d8ee9fca9bd"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
718
x-amz-cf-id
2yWnyY1ZvojkMF-oIJj5dJZyFotQDL4FNT1RX0ONSlXPKhSSAiaskA==
ic_cloud_upload-12904a12c1aa88f2d082.png
www.avendussparks.com/roibest-assets/images/
784 B
1 KB
Image
General
Full URL
https://www.avendussparks.com/roibest-assets/images/ic_cloud_upload-12904a12c1aa88f2d082.png
Requested by
Host: www.avendussparks.com
URL: https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-124.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99c6a65a82fc4b58e00995480f54f600ca1fee0b4a08d812b973b86c5a3fea25

Request headers

Referer
https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:51 GMT
x-amz-version-id
AHbsbcxWVvRjHOu5Xvx4QaL_MzjpBmgR
via
1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
last-modified
Sat, 13 Jul 2024 12:43:55 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
etag
"05167acb9173d089bf160a78fae65969"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
784
x-amz-cf-id
mXJFg1tSWEvwGUj7xR9u5JxenOUbPyVMoEt2l-m3PYYwAzIDZxwCKA==
ic_lock-216fc77ae7e0db5800f3.png
www.avendussparks.com/roibest-assets/images/
672 B
1 KB
Image
General
Full URL
https://www.avendussparks.com/roibest-assets/images/ic_lock-216fc77ae7e0db5800f3.png
Requested by
Host: www.avendussparks.com
URL: https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-124.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
20cdca261908700839619b02a3280f4135e952e93caf6679ed71900d16b87841

Request headers

Referer
https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:51 GMT
x-amz-version-id
XZP7Q7Ygi0D0nvdRXA1EBsXvCDyaaedK
via
1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
last-modified
Sat, 13 Jul 2024 12:43:55 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
etag
"6d5f7b3c5c255b621cacda26def4becb"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
672
x-amz-cf-id
Y5fNBfngtp6rini6QeoecBZ2jJvmoDlCNNJ0f23SWC5ld7b9_zkkNw==
ic_delete-bfa3513105268d92d830.png
www.avendussparks.com/roibest-assets/images/
451 B
849 B
Image
General
Full URL
https://www.avendussparks.com/roibest-assets/images/ic_delete-bfa3513105268d92d830.png
Requested by
Host: www.avendussparks.com
URL: https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-124.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fd8f46dadaba7bf6b6b65339c1046b13b88182d1b2cfe061ad608a93ceb44ae0

Request headers

Referer
https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:51 GMT
x-amz-version-id
gsbLSg0Bkax_xTZoiJxd0_ht12s3D3Ah
via
1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
last-modified
Sat, 13 Jul 2024 12:43:55 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
etag
"5709f0ff072a5499e5e30d567c54e4a6"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
451
x-amz-cf-id
Vr7SRIbtOOhu-ZxP9vNoYMxnex-lCGNdyhf48F5tH4WdrT7f0vkRzA==
js
www.googletagmanager.com/gtag/
127 KB
49 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=ASAM
Requested by
Host: www.avendussparks.com
URL: https://www.avendussparks.com/roibest-assets/js/install-template1-1a744a48077142c62e66.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f40.1e100.net
Software
Google Tag Manager /
Resource Hash
c2042bf2d4dde792ad07af86b4242e3255606cf1cd5adf10f4c65049945b41e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.avendussparks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000
content-length
49715
x-xss-protection
0
last-modified
Sat, 13 Jul 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 13 Jul 2024 12:55:50 GMT
locale3-71c41f541b162fd88354.js
www.avendussparks.com/roibest-assets/js/
3 KB
2 KB
Script
General
Full URL
https://www.avendussparks.com/roibest-assets/js/locale3-71c41f541b162fd88354.js
Requested by
Host: www.avendussparks.com
URL: https://www.avendussparks.com/roibest-assets/js/install-template1-1a744a48077142c62e66.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-124.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3d835e6ee841d2e4db1564d6334265f87794e23c2c802836092da1dac02a72fd

Request headers

Referer
https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:52 GMT
x-amz-version-id
6vQT9R5tdwe39XOIGuARWJbK9D07zdw.
content-encoding
br
last-modified
Sat, 13 Jul 2024 12:43:56 GMT
server
AmazonS3
via
1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
etag
W/"aa9b664f073681cbacd8caa924ad720e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
6QyltgVoYIJntsN86jIPzKGLGIde520eC_EMjRZlJXsHVsHGMWhccw==
dns.json
www.avendussparks.com/3574893322/
52 B
460 B
Fetch
General
Full URL
https://www.avendussparks.com/3574893322/dns.json
Requested by
Host: www.avendussparks.com
URL: https://www.avendussparks.com/roibest-assets/js/install-template1-1a744a48077142c62e66.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-124.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5e3f82ec7ad0b19b6f5af68bc441bb52c4e6437f3246b02178ac29da25441df

Request headers

Referer
https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:52 GMT
x-amz-version-id
yZW81GAvOWTIzIDnFNvj4GVJOifTvWgJ
via
1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
last-modified
Mon, 24 Jun 2024 03:49:20 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
etag
"9712ea4cec51aa0049b95fff778c8501"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Miss from cloudfront
content-type
application/octet-stream
accept-ranges
bytes
content-length
52
x-amz-cf-id
fLEvqJQLCXkFC1-CKjLTkpu9ZQ9z1PCpckcpLn7PuIgMANCGd5qP4g==
set
3574893322-p9gbzbcr.bttzs.com/app/
454 B
346 B
Fetch
General
Full URL
https://3574893322-p9gbzbcr.bttzs.com/app/set?project_id=3574893322
Requested by
Host: www.avendussparks.com
URL: https://www.avendussparks.com/roibest-assets/js/install-template1-1a744a48077142c62e66.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.15
Resource Hash
4e4ab1365e87bc428ee51515a83feebc499713e995545bc1e935cf073af836ae
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.avendussparks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Jul 2024 12:55:52 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-powered-by
PHP/8.2.15
x-ip-src-lat
-33.00000
x-ip-src-country
AU
x-ip-src-city
New South Wales
x-request-id
f18350840591aa594701df788037adaf
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
x-ip-src-lon
146.00000
vary
origin
cf-ray
8a296e07ec75a96e-SYD
access-control-allow-headers
*
x-ip-src
66.203.112.162
set
3574893322-p9gbzbcr.bttzs.com/app/ Frame
0
0
Preflight
General
Full URL
https://3574893322-p9gbzbcr.bttzs.com/app/set?project_id=3574893322
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.15
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.avendussparks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public, max-age=86400
cf-cache-status
DYNAMIC
cf-ray
8a296e03d93fa96e-SYD
date
Sat, 13 Jul 2024 12:55:52 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
vary
origin
x-content-type-options
nosniff
x-ip-src
66.203.112.162
x-ip-src-city
New South Wales
x-ip-src-country
AU
x-ip-src-lat
-33.00000
x-ip-src-lon
146.00000
x-powered-by
PHP/8.2.15
x-request-id
44abfc8da0f0d331fa5f5e2cd55f709f
favicon.png
www.avendussparks.com/3574893322/roibest/icons/
53 KB
0
Other
General
Full URL
https://www.avendussparks.com/3574893322/roibest/icons/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-124.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f035e1889ec14fefa6d072758d9facb7a7feeecdfd581fd3d09c629d6a2f9912

Request headers

Referer
https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:51 GMT
x-amz-version-id
7hbmPnK24ovURGMLmt6Hv3y1MZFTHKQa
via
1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jul 2024 06:57:55 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
etag
"8cdb008ee9f6f21158780a15b8810403"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
54327
x-amz-cf-id
Xn9OyVALNubn9u1KGzMegxLbWshySesM6a455Td_Zl4ifydULD9srA==
uuid
3574893322-p9gbzbcr.bttzs.com/create/
61 B
176 B
Fetch
General
Full URL
https://3574893322-p9gbzbcr.bttzs.com/create/uuid
Requested by
Host: www.avendussparks.com
URL: https://www.avendussparks.com/roibest-assets/js/install-template1-1a744a48077142c62e66.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.15
Resource Hash
61e5f1c90b7e78b001912e2350e6d13746ceab13ae532e3ddaebd4d2153b04c5
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.avendussparks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Jul 2024 12:55:53 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-powered-by
PHP/8.2.15
x-ip-src-lat
-33.00000
x-ip-src-country
AU
x-ip-src-city
New South Wales
x-request-id
724a25ae4b9825bdca82377baa0a7e5e
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
x-ip-src-lon
146.00000
vary
origin
cf-ray
8a296e0b0f28a96e-SYD
access-control-allow-headers
*
x-ip-src
66.203.112.162
f0bad4d6fb55be8ef95f0104f8b7806a6678ea39aef8b.png
static.roibest.com/oss_upload/202406/24/
287 KB
288 KB
Image
General
Full URL
https://static.roibest.com/oss_upload/202406/24/f0bad4d6fb55be8ef95f0104f8b7806a6678ea39aef8b.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.7.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ba99e354c1432b0bd9cfb5c82967cee038db40de3af77fef8554508ba8ef37b

Request headers

Referer
https://www.avendussparks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:54 GMT
x-amz-version-id
IOMbE0Ps0bTK0Up5CL_WV9gG4uOHbAiB
via
1.1 928b9a46c60991369db0a5ad58525eca.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
SYD3-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
293730
last-modified
Mon, 24 Jun 2024 03:38:34 GMT
server
cloudflare
etag
"8ba038824a29bf908f699db4739fff3d"
vary
Origin, Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
8a296e0b7a8cdfaf-SYD
x-amz-cf-id
AnF8km764rS0u1tNtzPW-SGdWtX7bGGyyQEugPjAjPETK7W1TKpuiw==
ic_full_star-49a0f4841cc9a5253f5d.png
www.avendussparks.com/roibest-assets/images/
692 B
1 KB
Image
General
Full URL
https://www.avendussparks.com/roibest-assets/images/ic_full_star-49a0f4841cc9a5253f5d.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-124.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f437d37c1feb334e9487ea65a15b3272e4f3eaa69429dd60adb08e60bc2f942e

Request headers

Referer
https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=&rb_page=1&rb_time=1720875352560
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:54 GMT
x-amz-version-id
bbTw31YvvN100BdPaNVK5dS_YwX3Bh4y
via
1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
last-modified
Sat, 13 Jul 2024 12:43:55 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
etag
"30385c8b6b24d64429fd45468c34bca4"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
692
x-amz-cf-id
aO8n8z0L7IXzKAE2Djan-Bv7NAWEscfk7KL7Ktm-BR9ICwg53BLVwg==
ic_half_star-c696a62ed3f0ae00ebc4.png
www.avendussparks.com/roibest-assets/images/
801 B
1 KB
Image
General
Full URL
https://www.avendussparks.com/roibest-assets/images/ic_half_star-c696a62ed3f0ae00ebc4.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-124.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff76222eebec96f114a798784b0bbf1c2bdeddc408f6f1e889ede3b46a69f12e

Request headers

Referer
https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=&rb_page=1&rb_time=1720875352560
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:54 GMT
x-amz-version-id
EQ2CmzaLD4iBf7seHrjLr3oEhLtSvR4z
via
1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
last-modified
Sat, 13 Jul 2024 12:43:55 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
etag
"d8cc841c5954db1e6e209787a2e05db0"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
801
x-amz-cf-id
E2hC5ECzQnrpWlzWj1sKNdTzLL1JI1apUfuFBbiixfvkD9Nos_nXDA==
uuid
3574893322-p9gbzbcr.bttzs.com/create/ Frame
0
0
Preflight
General
Full URL
https://3574893322-p9gbzbcr.bttzs.com/create/uuid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.15
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.avendussparks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public, max-age=86400
cf-cache-status
DYNAMIC
cf-ray
8a296e098ddfa96e-SYD
date
Sat, 13 Jul 2024 12:55:52 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
vary
origin
x-content-type-options
nosniff
x-ip-src
66.203.112.162
x-ip-src-city
New South Wales
x-ip-src-country
AU
x-ip-src-lat
-33.00000
x-ip-src-lon
146.00000
x-powered-by
PHP/8.2.15
x-request-id
b043b00f0fddd2d8adc9c4776db4a730
d460fe7d90910e8d51e38069cf5605496678eb017f458.png
static.roibest.com/oss_upload/202406/24/
338 KB
339 KB
Image
General
Full URL
https://static.roibest.com/oss_upload/202406/24/d460fe7d90910e8d51e38069cf5605496678eb017f458.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.7.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
226b38859ace693f46f781718bdac119a61ce310909bb6a44946541b169380bf

Request headers

Referer
https://www.avendussparks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:54 GMT
x-amz-version-id
JG7xfRTlH_tDJFoLmNa8ZQdWQOVBRXHv
via
1.1 e3f515cf2b40cd90e36f3532dbd8a5ae.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
SYD3-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
346218
last-modified
Mon, 24 Jun 2024 03:41:54 GMT
server
cloudflare
etag
"80d6a1b291947760ba62f47ba0a8616e"
vary
Origin, Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
8a296e0b7a96dfaf-SYD
x-amz-cf-id
TWKB8Q-jPweHyaFa1HikJbYtLkX4_YJRlx055hZpqHkBxsj98TzF-Q==
c4d312d1df0297fe2f35f45e97ce70606678eb504d11e.png
static.roibest.com/oss_upload/202406/24/
346 KB
347 KB
Image
General
Full URL
https://static.roibest.com/oss_upload/202406/24/c4d312d1df0297fe2f35f45e97ce70606678eb504d11e.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.7.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5f87f09465fe68dc2a77bda42af71c9bff20c1ac50f5a149525c08bff3accc2

Request headers

Referer
https://www.avendussparks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:54 GMT
x-amz-version-id
XRc0xqjn_pG4QtSXvoaYPrEl5NjwgX5A
via
1.1 de78b5b2f4bbd9bb1abd6bed27a85d78.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
SYD3-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
354497
last-modified
Mon, 24 Jun 2024 03:43:13 GMT
server
cloudflare
etag
"c442d4999ea3561354b1c0b8c80df66c"
vary
Origin, Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
8a296e0b7a97dfaf-SYD
x-amz-cf-id
JtvL2cr6Y6dCQJp_MFkeaZDh-v62fn-IWMez0iZXO1FFXiRCuu_SFg==
ca1020e02bd75345a973a0101e07471c6678eb7b6148d.png
static.roibest.com/oss_upload/202406/24/
208 KB
208 KB
Image
General
Full URL
https://static.roibest.com/oss_upload/202406/24/ca1020e02bd75345a973a0101e07471c6678eb7b6148d.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.7.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
349baf7d91255146e34c43f125109163f666ec5a5f31c963de86fe06b715e519

Request headers

Referer
https://www.avendussparks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:54 GMT
x-amz-version-id
H3iC5v5O0kDrhJoed8Q0QCrpQgiY1QjM
via
1.1 900141041f08038f9452e4f1a092ecd2.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
SYD3-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
212539
last-modified
Mon, 24 Jun 2024 03:43:56 GMT
server
cloudflare
etag
"555ffe301b7fefb44dafc56acc21f91d"
vary
Origin, Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
8a296e0b7a94dfaf-SYD
x-amz-cf-id
Al5wbMIWsn3oiKZWYOoUoxJs6imIIiJiLkjtBlYZuiHBO62ixoid5Q==
5282893fd5005ac11afd5f5dd73a318b6678ebba52c92.png
static.roibest.com/oss_upload/202406/24/
54 KB
54 KB
Image
General
Full URL
https://static.roibest.com/oss_upload/202406/24/5282893fd5005ac11afd5f5dd73a318b6678ebba52c92.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.7.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3116693182961df959b0fe62ca1b96d60fdc4b5741d5f812fbda07d79e93ba04

Request headers

Referer
https://www.avendussparks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:53 GMT
x-amz-version-id
yLf53pLIFxbTVS0.jlt5pr1CQzf.Khh5
via
1.1 e3f515cf2b40cd90e36f3532dbd8a5ae.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
SYD3-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
54836
last-modified
Mon, 24 Jun 2024 03:44:59 GMT
server
cloudflare
etag
"73ff76a9107742fadd3137ea10e55fbf"
vary
Origin, Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
8a296e0b7a93dfaf-SYD
x-amz-cf-id
XwIbV25gBH7CWE00xbGbbA9B_c3v4kGzrP4pIHXe5EhnJWmUn6160Q==
8a68a788a46a3b16f6023078cb743b236678ebc4ac3d9.png
static.roibest.com/oss_upload/202406/24/
125 KB
126 KB
Image
General
Full URL
https://static.roibest.com/oss_upload/202406/24/8a68a788a46a3b16f6023078cb743b236678ebc4ac3d9.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.7.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e533f7e10823498dc83a388d27bf6c6ddd29752ca372766a2a5643956d56a033

Request headers

Referer
https://www.avendussparks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:54 GMT
x-amz-version-id
eNH1HqjZ.hR0EQak0nG0lNwWf4ZbyHsl
via
1.1 db987b94354bedc3a16788229c0e652c.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
SYD3-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
128039
last-modified
Mon, 24 Jun 2024 03:45:09 GMT
server
cloudflare
etag
"ec9e9a97c7ebb494098d04bda86c17a5"
vary
Origin, Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
8a296e0b7a8edfaf-SYD
x-amz-cf-id
Y1Bbq_DzTvAllkjaOQOJ8HKI_VNNjNKR8dUUoqABa8rsNo_KGdKfKQ==
default_avatar_5.png
static.roibest.com/assets/roibest/images/
14 KB
14 KB
Image
General
Full URL
https://static.roibest.com/assets/roibest/images/default_avatar_5.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.7.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc70c9e3529d628b93e4ac72c5131f1777dec59755bddf7ae6400de984cc8367

Request headers

Referer
https://www.avendussparks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:52 GMT
x-amz-version-id
sy4f9Ttoj.eWREaWviSejf2bl2B3xVQ8
via
1.1 dff94781894736c12dbb6eb4e456a898.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
SYD3-P1
age
3301
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
14211
last-modified
Mon, 19 Feb 2024 10:09:50 GMT
server
cloudflare
etag
"51e6e374d33488571a368be33755f639"
vary
Origin, Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
8a296e0b7a95dfaf-SYD
x-amz-cf-id
F_Udx4YQl_Jo0gadhse3y0lh3ID2z0AewM-h-7GVdLODsds7sNJtog==
ic_more-3b710bfb3928d8397490.png
www.avendussparks.com/roibest-assets/images/
187 B
586 B
Image
General
Full URL
https://www.avendussparks.com/roibest-assets/images/ic_more-3b710bfb3928d8397490.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-124.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
564e5a2ae8fc79737d2ad80c713fdaf6f51b2235238dee96b62cfcdaba034e90

Request headers

Referer
https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=&rb_page=1&rb_time=1720875352560
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:54 GMT
x-amz-version-id
IMItVXc1aE1zOPW5l.9ZptjN93nP8tkA
via
1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
last-modified
Sat, 13 Jul 2024 12:43:55 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
etag
"fcb1e16e8b32dd41a611ec7e2d889236"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
187
x-amz-cf-id
MWbXPFN3x9lt5Trkm-DicRZ3RJ_SCdOTZvUzDEE72uk9Tp53TDjkdQ==
default_avatar_1.png
static.roibest.com/assets/roibest/images/
14 KB
15 KB
Image
General
Full URL
https://static.roibest.com/assets/roibest/images/default_avatar_1.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.7.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9481149cb3fdb51238f8f1d49ec52942eaf6686fa9fc1454eb7c5289692d62f3

Request headers

Referer
https://www.avendussparks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:52 GMT
x-amz-version-id
2Ez5YA9lsc9LLJINkFoo616VOgiiqccI
via
1.1 10c0c31afa801ec18da534bf40436e9c.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
AKL50-C1
age
5900
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
14266
last-modified
Mon, 19 Feb 2024 10:09:41 GMT
server
cloudflare
etag
"93851c6c513ee67703a0b922d213aedd"
vary
Accept-Encoding, Origin
content-type
image/png
accept-ranges
bytes
cf-ray
8a296e0b7a92dfaf-SYD
x-amz-cf-id
yDv5RtbNnnVkQWxYxXmGerZFoLHYajRovRO5tE8Nwz7zIHjNMz7Zhw==
default_avatar_2.png
static.roibest.com/assets/roibest/images/
14 KB
14 KB
Image
General
Full URL
https://static.roibest.com/assets/roibest/images/default_avatar_2.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.7.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94ea4e22f55bc82a9234bd0aeecbbef60f8c861ba856b62e537e68e3978d342b

Request headers

Referer
https://www.avendussparks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:52 GMT
x-amz-version-id
MV.0glDSoCAsoJBFaPMI7DUCpjT1drqq
via
1.1 de78b5b2f4bbd9bb1abd6bed27a85d78.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
SYD3-P1
age
1700
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
14331
last-modified
Mon, 19 Feb 2024 10:09:44 GMT
server
cloudflare
etag
"86cf9d1a73f7720f58648e973397f141"
vary
Origin, Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
8a296e0b7a90dfaf-SYD
x-amz-cf-id
DgDGJJp8coGcWW2STlHYBV-nkKUroZ_hy1GAeiVPUkeZ-Aykduw0WQ==
ic_raid_install-c071afe5557f00257f13.png
www.avendussparks.com/roibest-assets/images/
3 KB
3 KB
Image
General
Full URL
https://www.avendussparks.com/roibest-assets/images/ic_raid_install-c071afe5557f00257f13.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-124.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d579e143934f667f007bb79457b31323a75df77a941e22111e9aea24d751942

Request headers

Referer
https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=&rb_page=1&rb_time=1720875352560
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:54 GMT
x-amz-version-id
zxizwDV5Bz7NSNNgxAkzAuqscyOx96Ie
via
1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
last-modified
Sat, 13 Jul 2024 12:43:55 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
etag
"c2878e9ac89f40cb8aa9d59e9ad0757f"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2970
x-amz-cf-id
EOYX9iTPuLiD6hHKshtAoKoE5SY_NZElCfLXPh0RLqaoysg8OD648A==
img_reward-18bc0c7471777e668be9.png
www.avendussparks.com/roibest-assets/images/
18 KB
19 KB
Image
General
Full URL
https://www.avendussparks.com/roibest-assets/images/img_reward-18bc0c7471777e668be9.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-124.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
34ccf3bda39c7052092d84f9a70feb7dd10e530171e1c6415a7406cae93bb988

Request headers

Referer
https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=&rb_page=1&rb_time=1720875352560
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:54 GMT
x-amz-version-id
uSmps.leRYvb1i9T0oH.oT7AlML2XtMG
via
1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
last-modified
Sat, 13 Jul 2024 12:43:55 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
etag
"016a314feb3f3a9f91445ef31af3ee49"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
18604
x-amz-cf-id
5Fw4b_L4QV5QU5iEG8-8sxBz5kdeqFyITdrHBP2njDXcd-ARotooFA==
ic_dun-175b2705681df4e189f2.png
www.avendussparks.com/roibest-assets/images/
518 B
916 B
Image
General
Full URL
https://www.avendussparks.com/roibest-assets/images/ic_dun-175b2705681df4e189f2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-124.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
851247e401d6728370df8b98f02bdf47e99770326ec69a08a514738eef2a6f9a

Request headers

Referer
https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=&rb_page=1&rb_time=1720875352560
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:54 GMT
x-amz-version-id
0clS0yQiw31h8ztkxzd5sIoi.JH7yOgX
via
1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
last-modified
Sat, 13 Jul 2024 12:43:55 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
etag
"55dd096ecb0f855e9545ce5456b0f687"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
518
x-amz-cf-id
QHt6yFz68SeQlywqg-MPiira9JluQU8k6Cgfhx2X53E6cqksxsEBvQ==
favicon.png
www.avendussparks.com/3574893322/roibest/icons/
53 KB
0
Other
General
Full URL
https://www.avendussparks.com/3574893322/roibest/icons/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-124.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f035e1889ec14fefa6d072758d9facb7a7feeecdfd581fd3d09c629d6a2f9912

Request headers

Referer
https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=&rb_page=1&rb_time=1720875352560
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:51 GMT
x-amz-version-id
7hbmPnK24ovURGMLmt6Hv3y1MZFTHKQa
via
1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jul 2024 06:57:55 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
etag
"8cdb008ee9f6f21158780a15b8810403"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
54327
x-amz-cf-id
Xn9OyVALNubn9u1KGzMegxLbWshySesM6a455Td_Zl4ifydULD9srA==
link
3574893322-p9gbzbcr.bttzs.com/create/ Frame
0
0
Preflight
General
Full URL
https://3574893322-p9gbzbcr.bttzs.com/create/link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.15
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.avendussparks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public, max-age=86400
cf-cache-status
DYNAMIC
cf-ray
8a296e0c8877a96e-SYD
date
Sat, 13 Jul 2024 12:55:53 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
vary
origin
x-content-type-options
nosniff
x-ip-src
66.203.112.162
x-ip-src-city
New South Wales
x-ip-src-country
AU
x-ip-src-lat
-33.00000
x-ip-src-lon
146.00000
x-powered-by
PHP/8.2.15
x-request-id
032e4de8fa189ba173e784dca8911db9
link
3574893322-p9gbzbcr.bttzs.com/create/
105 B
190 B
Fetch
General
Full URL
https://3574893322-p9gbzbcr.bttzs.com/create/link
Requested by
Host: www.avendussparks.com
URL: https://www.avendussparks.com/roibest-assets/js/install-template1-1a744a48077142c62e66.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.15
Resource Hash
a23b38ebd6147d1e75daabcf13ff5394e624aa4be970ba9c0d1e1146c1a36fd3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.avendussparks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 13 Jul 2024 12:55:53 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-powered-by
PHP/8.2.15
x-ip-src-lat
-33.00000
x-ip-src-country
AU
x-ip-src-city
New South Wales
x-request-id
427682b82ff4499d91bdc2a3a1d5b8dd
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
x-ip-src-lon
146.00000
vary
origin
cf-ray
8a296e0e09fca96e-SYD
access-control-allow-headers
*
x-ip-src
66.203.112.162
Il
3574893322-p9gbzbcr.bttzs.com/rus/ Frame 150D
0
0
Document
General
Full URL
https://3574893322-p9gbzbcr.bttzs.com/rus/Il?uuid=0821709421263719&unionid=
Requested by
Host: www.avendussparks.com
URL: https://www.avendussparks.com/roibest-assets/js/install-template1-1a744a48077142c62e66.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.avendussparks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public, max-age=86400
cf-cache-status
DYNAMIC
cf-ray
8a296e11eea9aaea-SYD
content-encoding
br
content-type
text/html
date
Sat, 13 Jul 2024 12:55:54 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
vary
Accept-Encoding origin
x-content-type-options
nosniff
x-ip-src
66.203.112.162
x-ip-src-city
New South Wales
x-ip-src-country
AU
x-ip-src-lat
-33.00000
x-ip-src-lon
146.00000
r9.gif
3574893322-p9gbzbcr.bttzs.com/pixgif/
0
0

ic_sd-0f0ff5464df5f1e88241.png
www.avendussparks.com/roibest-assets/images/
598 B
996 B
Image
General
Full URL
https://www.avendussparks.com/roibest-assets/images/ic_sd-0f0ff5464df5f1e88241.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-124.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
427f5e9956fdd118cebd224a4c7f7e99e74b755b7de611cee4bc62879229ee46

Request headers

Referer
https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:55 GMT
x-amz-version-id
oiDJW6nVdEMffSl4tMuuZC8bLMSkrQWv
via
1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
last-modified
Sat, 13 Jul 2024 12:43:55 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
etag
"8eb5fa529cf2eccdc3197f1c0e1f7910"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
598
x-amz-cf-id
wkaPZqbpu6lnyr1z0UpOka_4Dq2XiJDcvGrrvwgOjU3CaodKxDjfsw==
favicon.png
www.avendussparks.com/3574893322/roibest/icons/
53 KB
0
Other
General
Full URL
https://www.avendussparks.com/3574893322/roibest/icons/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-124.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f035e1889ec14fefa6d072758d9facb7a7feeecdfd581fd3d09c629d6a2f9912

Request headers

Referer
https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=&rb_page=1&rb_time=1720875352560&link_id=9717175317729993
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:55:51 GMT
x-amz-version-id
7hbmPnK24ovURGMLmt6Hv3y1MZFTHKQa
via
1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jul 2024 06:57:55 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
etag
"8cdb008ee9f6f21158780a15b8810403"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
54327
x-amz-cf-id
Xn9OyVALNubn9u1KGzMegxLbWshySesM6a455Td_Zl4ifydULD9srA==
r9.gif
3574893322-p9gbzbcr.bttzs.com/pixgif/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
3574893322-p9gbzbcr.bttzs.com
URL
https://3574893322-p9gbzbcr.bttzs.com/pixgif/r9.gif?uuid=0821709421263719&channel_id=10&invite_code=&event_code=21001&link_id=9717175317729993&project_id=3574893322&version=2&package=3574893322&promote_url_id=1498712211&extend=e30%3D&source=&language=en-AU&timezone=UTC%2B8&report_url=aHR0cHM6Ly93d3cuYXZlbmR1c3NwYXJrcy5jb20vMzU3NDg5MzMyMi8zNTc0ODkzMzIyX2Rvd25sb2FkX3QxLmh0bWw%2FY2hhbm5lbF9pZD0xMCZyYl9waXhlbF9pZD1BU0FNJnByb21vdGVfdXJsX2lkPTE0OTg3MTIyMTEmcmJfdGlkPTEmaW52aXRlX2NvZGU9JnJiX3BhZ2U9MSZyYl90aW1lPTE3MjA4NzUzNTI1NjAmbGlua19pZD05NzE3MTc1MzE3NzI5OTkz&base64_params=report_url%2Cextend
Domain
3574893322-p9gbzbcr.bttzs.com
URL
https://3574893322-p9gbzbcr.bttzs.com/pixgif/r9.gif?uuid=0821709421263719&channel_id=10&invite_code=&event_code=21024&link_id=9717175317729993&project_id=3574893322&version=1&package=3574893322&promote_url_id=&extend=e30%3D&source=&language=en-AU&timezone=UTC%2B8&report_url=aHR0cHM6Ly93d3cuYXZlbmR1c3NwYXJrcy5jb20vMzU3NDg5MzMyMi8zNTc0ODkzMzIyX2Rvd25sb2FkX3QxLmh0bWw%2FY2hhbm5lbF9pZD0xMCZyYl9waXhlbF9pZD1BU0FNJnByb21vdGVfdXJsX2lkPTE0OTg3MTIyMTEmcmJfdGlkPTEmaW52aXRlX2NvZGU9JnJiX3BhZ2U9MSZyYl90aW1lPTE3MjA4NzUzNTI1NjAmbGlua19pZD05NzE3MTc1MzE3NzI5OTkz&base64_params=report_url%2Cextend

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| __rb
object| webpackChunkrollup_app
function| gtag
object| dataLayer
object| google_tag_manager
object| google_tag_data
string| __rb_pwa_api_url
object| __rb_event_listener
object| __rb_sw

5 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: o6dcTL-ad0489258a004e496b-00V
.roibest.com/ Name: __cf_bm
Value: VB7G9YqiwmBF74fyEbpYSI.4N57_YWpzalB8CGApTLo-1720875354-1.0.1.1-jqCPnf.u9H.FhuknD_F3iSUYdS4pSBMROoUgEjTQGmW803KcIH5_eQsGAZxBgzuKfg7KGNsuT5oRuVDvuGTItQ
3574893322-p9gbzbcr.bttzs.com/ Name: _f_cu
Value: f7fe998453284f3ca25d67cd8ae0a53f
3574893322-p9gbzbcr.bttzs.com/ Name: _f_ci
Value: e5775b31c18a41948f8f241d983048a0
3574893322-p9gbzbcr.bttzs.com/ Name: _cu
Value: 4c5791cc640245e68eebd405a1a66417

1 Console Messages

Source Level URL
Text
other error URL: https://www.avendussparks.com/3574893322/3574893322_download_t1.html?channel_id=10&rb_pixel_id=ASAM&promote_url_id=1498712211&rb_tid=1&invite_code=&rb_page=1&rb_time=1720875352560&link_id=9717175317729993
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
