urlscan.io logo urlscan.io
SecurityTrails logo

go.downloads-adblocker.com Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sbdg20296.hexatrackalpha.com/
Effective URL: https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId...
Submission: On May 25 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 5 countries across 8 domains to perform 20 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is go.downloads-adblocker.com.
TLS certificate: Issued by E1 on May 14th 2024. Valid for: 3 months.
This is the only time go.downloads-adblocker.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 34.22.240.62 396982 (GOOGLE-CL...)
3 21 188.114.96.3 13335 (CLOUDFLAR...)
1 1 2a05:d018:483... 16509 (AMAZON-02)
1 1 35.204.193.90 396982 (GOOGLE-CL...)
1 1 52.58.28.63 16509 (AMAZON-02)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
20 3
2    34.22.240.62 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.240.22.34.bc.googleusercontent.com
sbdg20296.hexatrackalpha.com
duct.infralead.net
21    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
offer-select.com
adspredictiv.com
go.downloads-adblocker.com
1    2a05:d018:483:6120:1ca4:1445:fe72:2bce (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
eastrk-dl.com
1    35.204.193.90 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.193.204.35.bc.googleusercontent.com
tracking.trackingshub.com
1    52.58.28.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-28-63.eu-central-1.compute.amazonaws.com
excellingvista.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
go.downloads-adblocker.com
Apex Domain
Subdomains		 Transfer
18 downloads-adblocker.com
go.downloads-adblocker.com
204 KB
3 adspredictiv.com
adspredictiv.com
5 KB
1 excellingvista.com
excellingvista.com — Cisco Umbrella Rank: 321165
457 B
1 trackingshub.com
tracking.trackingshub.com — Cisco Umbrella Rank: 262416
352 B
1 eastrk-dl.com
eastrk-dl.com
3 KB
1 offer-select.com
offer-select.com
904 B
1 infralead.net
duct.infralead.net
572 B
1 hexatrackalpha.com
sbdg20296.hexatrackalpha.com
796 B
20 8
Domain Requested by
18 go.downloads-adblocker.com adspredictiv.com
go.downloads-adblocker.com
3 adspredictiv.com 2 redirects
1 excellingvista.com 1 redirects go.downloads-adblocker.com
1 tracking.trackingshub.com 1 redirects
1 eastrk-dl.com 1 redirects
1 offer-select.com 1 redirects
1 duct.infralead.net 1 redirects
1 sbdg20296.hexatrackalpha.com 1 redirects
20 8

This site contains no links.

Subject Issuer Validity Valid
adspredictiv.com
GTS CA 1P5		 2024-04-27 -
2024-07-26		 3 months crt.sh
downloads-adblocker.com
E1		 2024-05-14 -
2024-08-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96s73esb06g&lpkey=17166713333e1ded6d2ee5d78e875f13ed19d71604&isV2=true
Frame ID: 93D88121C9562BC231A761ACF2125F98
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Primary AdBlock

Page URL History Show full URLs

  1. http://sbdg20296.hexatrackalpha.com/ HTTP 307
    https://sbdg20296.hexatrackalpha.com/ HTTP 302
    https://duct.infralead.net/tools/SetRedirect/?pos=f_1&aff_code=&vl_ph_result=&imsi=&ld_first_name=&ld_l... HTTP 302
    https://offer-select.com/5529cebd-836b-4cfb-80e5-c9670cd773ce?cookie=&externalid=;;;;;;;;;;;;;;&ld_fi... HTTP 302
    https://eastrk-dl.com/?a=35429&o=142114&c=0&co=32526&mt=18&s1=&s2=wet4mifantmhs5i13ksn4t8a HTTP 302
    https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=f39dc27c8aef4bd7b39b46c18c63a7b92099a&su... Page URL
  2. https://adspredictiv.com/jump/next.php?stamat=m%257CYv43JiNiaQdH8AH0dEdHP3xP.b3d%252C7H0PozvLiGV-YkDx... HTTP 302
    https://adspredictiv.com/script/i.php?t=1&c=23786292&stamat=m%257C%252C%252Cg3EqIjFqoGU3Bf-GH0dEdHP3x... HTTP 302
    https://tracking.trackingshub.com/click?pid=6&offer_id=2435408&sub1=171667130410000TDETV436481828094V57&sub2=6... HTTP 302
    https://excellingvista.com/click?key=x0nnnbi4dcpu0z79pqlh&externalid=66525348548bf90001c16ac9&source=6_... HTTP 307
    https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&f... Page URL

Page Statistics

20
Requests

95 %
HTTPS

33 %
IPv6

8
Domains

8
Subdomains

3
IPs

5
Countries

207 kB
Transfer

507 kB
Size

30
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sbdg20296.hexatrackalpha.com/ HTTP 307
    https://sbdg20296.hexatrackalpha.com/ HTTP 302
    https://duct.infralead.net/tools/SetRedirect/?pos=f_1&aff_code=&vl_ph_result=&imsi=&ld_first_name=&ld_last_name=&ld_zip_code=&ld_email=&ld_gender=&ld_address_line1=&ld_phone_cell=&ld_age=&ld_dob=&aff_inc=&externalid=;;;;;;;;;;;;;; HTTP 302
    https://offer-select.com/5529cebd-836b-4cfb-80e5-c9670cd773ce?cookie=&externalid=;;;;;;;;;;;;;;&ld_first_name=&ld_last_name=&ld_zip_code=&ld_email=&ld_gender=&ld_address_line1=&ld_phone_cell=&aff_source=&aff_subsource=&operator=NotMapped&mnc=&ld_dob=&aff_inc=&ld_region_code= HTTP 302
    https://eastrk-dl.com/?a=35429&o=142114&c=0&co=32526&mt=18&s1=&s2=wet4mifantmhs5i13ksn4t8a HTTP 302
    https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=f39dc27c8aef4bd7b39b46c18c63a7b92099a&sub1=35429&sub2= Page URL
  2. https://adspredictiv.com/jump/next.php?stamat=m%257CYv43JiNiaQdH8AH0dEdHP3xP.b3d%252C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRrNfLENJy4TGkHo3ZBtMGSHhUBNwRRIgHmynTVf4yGrlYQv0wRdN9iCXSyKbnIYU29SEmYXM2xtZTA46ymdefW5&cbpage=https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=f39dc27c8aef4bd7b39b46c18c63a7b92099a&sub1=35429&sub2=&cbur=0.4835961953661454&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=&ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse1600x1200-120de-DE81124%20bits HTTP 302
    https://adspredictiv.com/script/i.php?t=1&c=23786292&stamat=m%257C%252C%252Cg3EqIjFqoGU3Bf-GH0dEdHP3xP.52a%252CaMV8TtpIjshGCphshb2tF6cQKTI2vXSSJT0AuUG92X9yoOYqmqJmvnt7bxLb1PH6gU_TZ4YuoeP1vaL8ET_yoYDWHBzwq3yvGrwraUyE4OHW-aBMTTfyjoX8XJ-Ixb6WATVgbiuOD-z5k03UXaJOoRGSPtljRagDZ6JvcMZb-tWFya9BtyHrx1IZd-ChRrWC5TluXISJCBgR4jg3tsu9unypM8qDAMCmm_iwlk1U1A13v1pcegRLVz2V_4tv1ojDorc8m1E-TByfFOLDnI31ByJnG0ZSM87-mBM82Oq8tB8ZIdcp3z_e_ciToy9FcCN60Lri4S5GbJmm9Sct5wfhYxEo-KAUSwk-rq6MLbqKq5Mx6dZ779M4tRb_ex9I88BxmDCF3jigYQA-tfpF1YEx0GDwPRlYx3uwKf5j7f2vW6kbsQsi72G6mhgBr8WCD9uoqxAjG-IGU8c1W7urN9OBSxsJf5NIPg1vDqMakcuTndK6Y9VxpoUV-mUxsv6H1vfpVwxap588Gb-aZhUsNJOJk9ExIjeaTx4AOv__Q4qA7ITZUfBHCORAsc66X_Y585sVOJVvsNeJh9F_3q-sWFIb-osli1hoNESucDeJgZV911W1HU0zzgi7KemOVLANBufgfSnX9IW4z5lIcZp_ADg8hSk9zValMMHdSTm1VQjLrEfsqqE9wy3VGuRSv545YwrK HTTP 302
    https://tracking.trackingshub.com/click?pid=6&offer_id=2435408&sub1=171667130410000TDETV436481828094V57&sub2=6536622-1984015597-0 HTTP 302
    https://excellingvista.com/click?key=x0nnnbi4dcpu0z79pqlh&externalid=66525348548bf90001c16ac9&source=6_6536622-1984015597-0 HTTP 307
    https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96s73esb06g&lpkey=17166713333e1ded6d2ee5d78e875f13ed19d71604&isV2=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://sbdg20296.hexatrackalpha.com/ HTTP 307
  • https://sbdg20296.hexatrackalpha.com/ HTTP 302
  • https://duct.infralead.net/tools/SetRedirect/?pos=f_1&aff_code=&vl_ph_result=&imsi=&ld_first_name=&ld_last_name=&ld_zip_code=&ld_email=&ld_gender=&ld_address_line1=&ld_phone_cell=&ld_age=&ld_dob=&aff_inc=&externalid=;;;;;;;;;;;;;; HTTP 302
  • https://offer-select.com/5529cebd-836b-4cfb-80e5-c9670cd773ce?cookie=&externalid=;;;;;;;;;;;;;;&ld_first_name=&ld_last_name=&ld_zip_code=&ld_email=&ld_gender=&ld_address_line1=&ld_phone_cell=&aff_source=&aff_subsource=&operator=NotMapped&mnc=&ld_dob=&aff_inc=&ld_region_code= HTTP 302
  • https://eastrk-dl.com/?a=35429&o=142114&c=0&co=32526&mt=18&s1=&s2=wet4mifantmhs5i13ksn4t8a HTTP 302
  • https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=f39dc27c8aef4bd7b39b46c18c63a7b92099a&sub1=35429&sub2=

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
next.php
adspredictiv.com/jump/
Redirect Chain
  • http://sbdg20296.hexatrackalpha.com/
  • https://sbdg20296.hexatrackalpha.com/
  • https://duct.infralead.net/tools/SetRedirect/?pos=f_1&aff_code=&vl_ph_result=&imsi=&ld_first_name=&ld_last_name=&ld_zip_code=&ld_email=&ld_gender=&ld_address_line1=&ld_phone_cell=&ld_age=&ld_dob=&a...
  • https://offer-select.com/5529cebd-836b-4cfb-80e5-c9670cd773ce?cookie=&externalid=;;;;;;;;;;;;;;&ld_first_name=&ld_last_name=&ld_zip_code=&ld_email=&ld_gender=&ld_address_line1=&ld_phone_cell=&aff_s...
  • https://eastrk-dl.com/?a=35429&o=142114&c=0&co=32526&mt=18&s1=&s2=wet4mifantmhs5i13ksn4t8a
  • https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=f39dc27c8aef4bd7b39b46c18c63a7b92099a&sub1=35429&sub2=
8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=f39dc27c8aef4bd7b39b46c18c63a7b92099a&sub1=35429&sub2=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8898801fb9e21e56-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 25 May 2024 21:08:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qfWFmKvcMHNZIGYjNYb34biXNQHTNW5uvlzQg5SY97oENJjyYcQw%2BPa4oiaPNbFk0lM8ZywLle%2Fm%2FhczY2f6vahPf1b98tYIH%2BG0h%2FeNRgDpVYuq4S9gW5fOqusJ5AUYk18v"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
content-language
en-US
content-type
text/html;charset=ISO-8859-1
date
Sat, 25 May 2024 21:08:23 GMT
location
https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=f39dc27c8aef4bd7b39b46c18c63a7b92099a&sub1=35429&sub2=
server
nginx
Primary Request /
go.downloads-adblocker.com/
Redirect Chain
  • https://adspredictiv.com/jump/next.php?stamat=m%257CYv43JiNiaQdH8AH0dEdHP3xP.b3d%252C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRrNfLENJy4TGkHo3ZBtMGSHhUBNwRRIgHmynTVf4yGrlYQv0wRdN9iCXSyKbnIYU29SEmYX...
  • https://adspredictiv.com/script/i.php?t=1&c=23786292&stamat=m%257C%252C%252Cg3EqIjFqoGU3Bf-GH0dEdHP3xP.52a%252CaMV8TtpIjshGCphshb2tF6cQKTI2vXSSJT0AuUG92X9yoOYqmqJmvnt7bxLb1PH6gU_TZ4YuoeP1vaL8ET_yoY...
  • https://tracking.trackingshub.com/click?pid=6&offer_id=2435408&sub1=171667130410000TDETV436481828094V57&sub2=6536622-1984015597-0
  • https://excellingvista.com/click?key=x0nnnbi4dcpu0z79pqlh&externalid=66525348548bf90001c16ac9&source=6_6536622-1984015597-0
  • https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96...
6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96s73esb06g&lpkey=17166713333e1ded6d2ee5d78e875f13ed19d71604&isV2=true
Requested by
Host: adspredictiv.com
URL: https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=f39dc27c8aef4bd7b39b46c18c63a7b92099a&sub1=35429&sub2=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
dbe34c0b5061815d892d804d120ad5b25ae1cf86f2a462c4fc5e21f9a42d9e1c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=f39dc27c8aef4bd7b39b46c18c63a7b92099a&sub1=35429&sub2=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8898802a3d664d2e-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 25 May 2024 21:08:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FkM8B1maQy6hFMl3Av07wHDn4mCV1aYHbCGWyPRlHlAsK8Qj%2BIy%2FsvRPf6f0GJSQMI8Q7qUEnne%2BVYxEuFsK2YHGfB1ggp23EfuqypEGuc7H5FcPNo%2FTWk0AaMhg6UzpUrv4sDe3%2B0HNY5cY1tsVz60aOa2nIE%2FCig%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-powered-by
Next.js

Redirect headers

content-length
0
date
Sat, 25 May 2024 21:08:24 GMT
location
https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96s73esb06g&lpkey=17166713333e1ded6d2ee5d78e875f13ed19d71604&isV2=true
server
Caddy
x-request-id
f939e458-0a78-4831-85fe-e98eb52a078a
9d92a176c9608aa4.css
go.downloads-adblocker.com/_next/static/css/ 		102 B
657 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://go.downloads-adblocker.com/_next/static/css/9d92a176c9608aa4.css
Requested by
Host: go.downloads-adblocker.com
URL: https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96s73esb06g&lpkey=17166713333e1ded6d2ee5d78e875f13ed19d71604&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b5d584b6200dfb2ea17d372ceb88c61ee68bf6e7ae5cabed28d31952b048a10
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96s73esb06g&lpkey=17166713333e1ded6d2ee5d78e875f13ed19d71604&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 21:08:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
134542
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 23 May 2024 22:48:26 GMT
server
cloudflare
etag
W/"66-18fa7a42fbe"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3wBpmuOAfm4RbxwL1RAgmkkzhqLooHomEzq%2FtMCwfBFM7jkQsNr52G%2BoOKBz2YHXSCPqWzOzfBrIAz6h94z3gh%2BHJXBGVPhQI9t7yYb8QeyKsRPbPI5oKsheObuytVHvCWy0fiDsEhtV22v1FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8898802abf119bb6-FRA
0da9accfe613376a.css
go.downloads-adblocker.com/_next/static/css/ 		40 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://go.downloads-adblocker.com/_next/static/css/0da9accfe613376a.css
Requested by
Host: go.downloads-adblocker.com
URL: https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96s73esb06g&lpkey=17166713333e1ded6d2ee5d78e875f13ed19d71604&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
024f8cb0378f8582dc821ff6f1179633037297f2244c3855e27a94f3bcad9f32
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96s73esb06g&lpkey=17166713333e1ded6d2ee5d78e875f13ed19d71604&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 21:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
80225
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 24 May 2024 22:49:28 GMT
server
cloudflare
etag
W/"a133-18faccb7d14"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iTlbi69yd%2B3GElH5WY7lWpt958VM9Qp101kWBMzKiT0iomUWhhS3mlnAYlbGMf0pg7jMq42XpasZTeTPyIjdqJbyC6CflFuv%2BVJIVEgwPUqjgYD1A963UvVV9PpnnTjwNjDVloue4UoozsOEkw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8898802abf149bb6-FRA
6bab826322e5e284.css
go.downloads-adblocker.com/_next/static/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://go.downloads-adblocker.com/_next/static/css/6bab826322e5e284.css
Requested by
Host: go.downloads-adblocker.com
URL: https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96s73esb06g&lpkey=17166713333e1ded6d2ee5d78e875f13ed19d71604&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194d86794464a5979ec89ef967341742f57530d8a29cbb4e4e6c6a0e437ff522
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96s73esb06g&lpkey=17166713333e1ded6d2ee5d78e875f13ed19d71604&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 21:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
80225
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 24 May 2024 22:49:28 GMT
server
cloudflare
etag
W/"1c2c-18faccb7d18"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jww%2FFJgn3Xrgx48kAlBX0biL58N4XK6ZYUv6cVAtk%2FFf%2Fd5%2FtSiYLOO2uEGMqwoWmakxUQpLgXS6Vc%2FW9l861N1wg7DajGU19F67xTA0sSyIsSNUICSeu1tLdCv1%2Fym4QW785mITmVNlxGdrTg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8898802abf169bb6-FRA
6596.efb58cb4bdc3b408.js
go.downloads-adblocker.com/_next/static/chunks/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.downloads-adblocker.com/_next/static/chunks/6596.efb58cb4bdc3b408.js
Requested by
Host: go.downloads-adblocker.com
URL: https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96s73esb06g&lpkey=17166713333e1ded6d2ee5d78e875f13ed19d71604&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37bf42d87e6150d62708c6859520da9d033bcc06ee8c8d9e397093a990767c07
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96s73esb06g&lpkey=17166713333e1ded6d2ee5d78e875f13ed19d71604&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 21:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
80225
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 24 May 2024 22:49:28 GMT
server
cloudflare
etag
W/"2a27-18faccb7d14"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gWrQJItZIEBIwjIadn%2F6UL0EB4UFOw1Ztrb6eSv6PUWrKNhzfCoMgQVS8X0hKRg2dYCD%2FcnUKxZiRKLUyzLUONHNQdTuL%2BLw1z%2BuZAEN3H2Zbvc4gYpzFR5ibjG440%2BRMGZd7vTflmP065xvfw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8898802aef5c9bb6-FRA
webpack-1502da0b6a7c50d1.js
go.downloads-adblocker.com/_next/static/chunks/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.downloads-adblocker.com/_next/static/chunks/webpack-1502da0b6a7c50d1.js
Requested by
Host: go.downloads-adblocker.com
URL: https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96s73esb06g&lpkey=17166713333e1ded6d2ee5d78e875f13ed19d71604&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
248c1e102d103ca47c662f8ae7e86a08fece062021b7c7fc9a930fd6a2944627
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96s73esb06g&lpkey=17166713333e1ded6d2ee5d78e875f13ed19d71604&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 21:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
80225
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 24 May 2024 22:49:28 GMT
server
cloudflare
etag
W/"2e28-18faccb7d14"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ldB8rdRBqV8B5OjiF8aT1Fw9btUu%2B0aP%2F4EnfNjI4H2dBFu6SgR4REn0ITVqHy1N%2F9cDEf1AXPOw6EuWMfFGr%2BiJGUQEkUqNcAkqYdJqlWquV2M5WZQk3xPJ3FwTMXC6FJyrHeCcmi3bRCBCvw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8898802aef5e9bb6-FRA
framework-3671d8951bf44e4e.js
go.downloads-adblocker.com/_next/static/chunks/ 		138 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.downloads-adblocker.com/_next/static/chunks/framework-3671d8951bf44e4e.js
Requested by
Host: go.downloads-adblocker.com
URL: https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96s73esb06g&lpkey=17166713333e1ded6d2ee5d78e875f13ed19d71604&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1845c289c582dd2b58a3ab7f8eadb695ebabbfe7a2685e5f9012ae16e0541580
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96s73esb06g&lpkey=17166713333e1ded6d2ee5d78e875f13ed19d71604&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 21:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
134542
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 23 May 2024 22:48:26 GMT
server
cloudflare
etag
W/"226fd-18fa7a42fba"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZVKiqxjVCbtkERVMaVbwYX1POY3QKSTtxmmrZMMIM%2BK4lUGxo5SnFm8uIXJkVH%2B8BT122JRviL8nsSb%2FfPyY6uzWQrT9UzMiBzqLAFdSakh0k3YGEY0kRwYXK3NAGf7EKzOCwJ8k3r1pstx0PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8898802aef609bb6-FRA
main-403c8612371c9360.js
go.downloads-adblocker.com/_next/static/chunks/ 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.downloads-adblocker.com/_next/static/chunks/main-403c8612371c9360.js
Requested by
Host: go.downloads-adblocker.com
URL: https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96s73esb06g&lpkey=17166713333e1ded6d2ee5d78e875f13ed19d71604&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0514cea519259a90ef195e663ef8f544520a3b08a3e3986179e7e43a56cfba1a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96s73esb06g&lpkey=17166713333e1ded6d2ee5d78e875f13ed19d71604&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 21:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
134542
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 23 May 2024 22:48:26 GMT
server
cloudflare
etag
W/"15cff-18fa7a42fba"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8FeeYl%2BaNsPxuemLr6nyPLE0tP23FjJBJ0z6r%2FOoOWMEw5d2fGv81Oz0xhQZ5c5Kg5uS4z9nwRjCrHYYyYFFzuMyE%2BJ%2Fdtkk1ajSMpuzRPo31dd7o6PaPrwgJ0yTe1k%2FtHJha9JeUOXaeO2dsA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8898802aef629bb6-FRA
_app-b7449cd0336aa875.js
go.downloads-adblocker.com/_next/static/chunks/pages/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.downloads-adblocker.com/_next/static/chunks/pages/_app-b7449cd0336aa875.js
Requested by
Host: go.downloads-adblocker.com
URL: https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96s73esb06g&lpkey=17166713333e1ded6d2ee5d78e875f13ed19d71604&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cbac98ffe0ff64546825f231bdf4c6a021502d0dbd4c7c930428fe93863d658
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96s73esb06g&lpkey=17166713333e1ded6d2ee5d78e875f13ed19d71604&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 21:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
80225
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 24 May 2024 22:49:28 GMT
server
cloudflare
etag
W/"4f19-18faccb7d08"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BR1mrx%2BftclfgsiJRMQTy2fCytjwczPiR925stNqSiXVBBs%2F3zRS7RMWmd1WxDhbOOd%2FLqtExKTmTC69l2v1QWdscqaDEGOQlphPJyXj59Lj7Q9cZ5dK8B%2FRBJx%2FHrbix0XzpQTECsdnAsqMqg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8898802aef649bb6-FRA
7928-b8455e9809247f95.js
go.downloads-adblocker.com/_next/static/chunks/ 		103 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.downloads-adblocker.com/_next/static/chunks/7928-b8455e9809247f95.js
Requested by
Host: go.downloads-adblocker.com
URL: https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96s73esb06g&lpkey=17166713333e1ded6d2ee5d78e875f13ed19d71604&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25107278c449c878bb8f3c3c5f1cf61d822b304ba6b92e4760cda2dd415591a6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96s73esb06g&lpkey=17166713333e1ded6d2ee5d78e875f13ed19d71604&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 21:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
80225
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 24 May 2024 22:49:28 GMT
server
cloudflare
etag
W/"19b62-18faccb7d14"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B18Q%2F3JbuPWlWKblubJJhRSLu7%2B13O%2ByZxjoLnmsaCKtDpXsuVR8BzsfK8SFnt%2FbRHgi0xk8R3qJGtGDcBWA9QbZXS13kTOYRfxXf5uXESAxnLtNDrfCsq%2FVPBpLZa6mlFzmWLujNC%2BcjInGkg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8898802aef679bb6-FRA
index-b127b250f5d701e2.js
go.downloads-adblocker.com/_next/static/chunks/pages/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.downloads-adblocker.com/_next/static/chunks/pages/index-b127b250f5d701e2.js
Requested by
Host: go.downloads-adblocker.com
URL: https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96s73esb06g&lpkey=17166713333e1ded6d2ee5d78e875f13ed19d71604&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98eadfe96ee4b557dae43f8b48366d4ba34c9a00d71035fd138e10c5b0907e8b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96s73esb06g&lpkey=17166713333e1ded6d2ee5d78e875f13ed19d71604&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 21:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
80225
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 24 May 2024 22:49:28 GMT
server
cloudflare
etag
W/"5da8-18faccb7d08"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IsxKSAkkiV8ZX6je9%2BgdE5MDsAMRJiVyzQhDpgSCY%2FlJm6pal3mVKkAhCkKwbbUCf0dYdT0m2EoY3eAVFa%2BH2wF5UBoYAGspXzqHj8i9%2B2tTAmccQNKWA91Auk8ZG%2FUcZxfMvZp5W1MoC8RDCA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8898802aef699bb6-FRA
_buildManifest.js
go.downloads-adblocker.com/_next/static/MeY8KdbxjF6M6viBxrZVd/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.downloads-adblocker.com/_next/static/MeY8KdbxjF6M6viBxrZVd/_buildManifest.js
Requested by
Host: go.downloads-adblocker.com
URL: https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96s73esb06g&lpkey=17166713333e1ded6d2ee5d78e875f13ed19d71604&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bdc37e89b73caff31eb8eeda81d69c2dabd0001b6e33afff2d184f73e041763
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96s73esb06g&lpkey=17166713333e1ded6d2ee5d78e875f13ed19d71604&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 21:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
80225
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 24 May 2024 22:49:28 GMT
server
cloudflare
etag
W/"40a-18faccb7d08"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kT0JnCvonvHeteUyjTyz1TLqsIbYxtjf0egr8OCTDANgedHorcfzHNhUEQDI%2FpjxALi6F9tohZGMdptB5btQgKwJGdKV%2BHMcRLpeiq3efBkPrqqok0iEl5V0XOQw%2Fdau%2BttrCt6Uam%2BgvXEPLw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8898802aef6a9bb6-FRA
_ssgManifest.js
go.downloads-adblocker.com/_next/static/MeY8KdbxjF6M6viBxrZVd/ 		77 B
600 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.downloads-adblocker.com/_next/static/MeY8KdbxjF6M6viBxrZVd/_ssgManifest.js
Requested by
Host: go.downloads-adblocker.com
URL: https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96s73esb06g&lpkey=17166713333e1ded6d2ee5d78e875f13ed19d71604&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96s73esb06g&lpkey=17166713333e1ded6d2ee5d78e875f13ed19d71604&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 21:08:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
80225
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 24 May 2024 22:49:28 GMT
server
cloudflare
etag
W/"4d-18faccb7d08"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2kGtwoo%2Flpjcn%2FokaXHf5YaoYTrceFi79vFeeEArNB6hvYAB0ryajMWz93XfSG6FzLKEvIT82KG5vNAflWGa2TroDdyLREW3jW9ae0BO50Peprifv4uAVvnmyIX7XEsbEiXNIr1uyBvc9yNApA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8898802aef6c9bb6-FRA
icon.svg
go.downloads-adblocker.com/images/promo-images/salmon/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.downloads-adblocker.com/images/promo-images/salmon/icon.svg
Requested by
Host: go.downloads-adblocker.com
URL: https://go.downloads-adblocker.com/_next/static/css/6bab826322e5e284.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4abf215f3a2e97a09a6bbbcce397edebe274eb2f4d30017d51538db5d8ce8bb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://go.downloads-adblocker.com/_next/static/css/6bab826322e5e284.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 21:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 24 May 2024 22:49:10 GMT
server
cloudflare
etag
W/"a60-18faccb37bf"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e9uOxnScTPAdp%2BWcA8MVV%2F4tLcFn%2Fczc4mhWXekgPbJBkdBllUYMove123v%2Bprac44nb31Mvd25UcR%2B%2FNkTrVZtiVJAY4dKwBuARRrJdAlHkiW8ewmu3nclcl4vU5fT7Nh3%2F8U1yMUyoKhmrpg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
8898802b3fe39bb6-FRA
available-in-chrome.svg
go.downloads-adblocker.com/images/browser-icons/ 		12 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.downloads-adblocker.com/images/browser-icons/available-in-chrome.svg
Requested by
Host: go.downloads-adblocker.com
URL: https://go.downloads-adblocker.com/_next/static/css/0da9accfe613376a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed7d9565486a66ea74ca2944c02ba502f78fd8e56052a18c9407d61d7442460f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://go.downloads-adblocker.com/_next/static/css/0da9accfe613376a.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 21:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 24 May 2024 22:49:10 GMT
server
cloudflare
etag
W/"309d-18faccb379b"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q40PWgkszbB%2Ftf7dmup6v4y1qw%2BL57NmukQijUXVrKFGDlcjH6qvMAJHh4JuQoxBTodkoVJAWUlcJPVBEiFLbsCyk5LzsIk%2Bsq2nTLfVz0pihJ7oYnkW%2B1BwcPq9AJZcZoHGt18xf%2BBNOSR7iA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
8898802b3fe49bb6-FRA
627622453ef56b0d.p.woff2
go.downloads-adblocker.com/_next/static/media/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://go.downloads-adblocker.com/_next/static/media/627622453ef56b0d.p.woff2
Requested by
Host: go.downloads-adblocker.com
URL: https://go.downloads-adblocker.com/_next/static/css/6bab826322e5e284.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://go.downloads-adblocker.com/_next/static/css/6bab826322e5e284.css
Origin
https://go.downloads-adblocker.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 21:08:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
134542
alt-svc
h3=":443"; ma=86400
content-length
11072
last-modified
Thu, 23 May 2024 22:48:26 GMT
server
cloudflare
etag
W/"2b40-18fa7a42fba"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K96H42ut27gFGnSMsPJTC7F9ppbypfzPrOHqK30cMncSVcbzWsRE%2FFR0mBtx9FTjdeAP6ixTZZ219l5D%2BUtuaKpZ4e65UBDuBmS%2Bw8umYU0ykyaECBH4HgAcIjEFTc%2FiFRR%2FzWZpoRY9WiSzHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8898802b985d9bb6-FRA
934c4b7cb736f2a3.p.woff2
go.downloads-adblocker.com/_next/static/media/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://go.downloads-adblocker.com/_next/static/media/934c4b7cb736f2a3.p.woff2
Requested by
Host: go.downloads-adblocker.com
URL: https://go.downloads-adblocker.com/_next/static/css/6bab826322e5e284.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://go.downloads-adblocker.com/_next/static/css/6bab826322e5e284.css
Origin
https://go.downloads-adblocker.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 21:08:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
134542
alt-svc
h3=":443"; ma=86400
content-length
11028
last-modified
Thu, 23 May 2024 22:48:26 GMT
server
cloudflare
etag
W/"2b14-18fa7a42fba"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Blbm4eh4qyFTQ1KMQknW5d1K%2B3xDnMKTfUkHPkgkVIbnYl5epyB4Ny8wZ3OFD0XFpa73Hkmj2sBp6GdWsC1twD5Avs6niAcv8YfvN8MygFZhDW67kp2hgMKzSnyp0eJiGZYglDc4I0FZlvUZVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8898802b98609bb6-FRA
click
excellingvista.com/ 		0
0
favicon.ico
go.downloads-adblocker.com/images/extension-icons/primary-adblock/ 		15 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://go.downloads-adblocker.com/images/extension-icons/primary-adblock/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dc86bcb63b4c5f30ab4a584acceca2f83aa7da547791e47e87e28f21f6675f4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96s73esb06g&lpkey=17166713333e1ded6d2ee5d78e875f13ed19d71604&isV2=true
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 21:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 24 May 2024 22:49:10 GMT
server
cloudflare
etag
W/"3c2e-18faccb37a7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/x-icon
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5rOU45Bszm8ARIL6BvwQygo5luoEsxBYv2LEETcpYyOsblbY00J81pcUKgg3D5tJMHcAw5K0aZn3ZMZ5GMO8%2BIz3nk0QtAFf0bLdA%2B5fo942HcCYe5vHEWLmRXgT9UPto0vYKa4NYw0yjg2slQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
8898802c79819bb6-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
excellingvista.com
URL
https://excellingvista.com/click?upd_clickid=cp956i32r96s73esb06g&add_event6=1

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| a13b function| a13a object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| a0b function| a0a function| a80b function| a80a function| __NEXT_PRELOADREADY object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST

30 Cookies

Domain/Path Name / Value
duct.infralead.net/tools/SetRedirect Name: _frmld
Value: 1
sbdg20296.hexatrackalpha.com/ Name: hexa.sid
Value: s%3AC5T1x4s1jvY6NksH-uOtZHgR47EI8nJT.a%2FYAmQWtip275HRL%2BOXlw3qVwlCLFipTvKm7sQUTqBM
.offer-select.com/ Name: 5529cebd-836b-4cfb-80e5-c9670cd773ce-v4
Value: AdfMiKKJlEN33OR3lCPRHPBECLXN0_PRqhodcyEJa9g
.offer-select.com/ Name: cc-v4
Value: PWJRx2V%2BM75%2FrUaMnhvDzayd2fgxRqwBjhkGFA0fB3a7z5fV00ikhQ3OasbRIs8o52KcNgz6jQnmgIGyDsmyzf0K70fys3FBWQmrUN4AvrssjcUr%2FvSo77idtnxpmqT9vSNqJE6c6QzQpIbi3b%2FNlw%3D%3D
.eastrk-dl.com/ Name: gdm_click_adv_freq_v1_1_001
Value: WGP2hL1mCj4amHrx09xyl3+UyDJhbOVWuWAmtj2/kABGf/WRropboCRFFhaxxmjQ
.eastrk-dl.com/ Name: gdm_uid_v2_1_001
Value: Qh3W1ogagKtF9metFo2IerU9gikUAWeDm4BwcGcmjewuQHTuuZBtiKrSqytcSTjZ
.eastrk-dl.com/ Name: gdm_click_freq_v1_1_001
Value: OxGjV6XpcXangzh4Sty+jhDqH8P82PqkCoALR25NxB+Do9ioZpJoQnsieOR9HS3z
.eastrk-dl.com/ Name: gdm_uid_v1_1_001
Value: Qh3W1ogagKtF9metFo2IerU9gikUAWeDm4BwcGcmjewuQHTuuZBtiKrSqytcSTjZ
.eastrk-dl.com/ Name: gdm_suid_v1_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.eastrk-dl.com/ Name: gdm_suid_v2_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.eastrk-dl.com/ Name: gdm_click_adv_freq_v2_1_001
Value: WGP2hL1mCj4amHrx09xyl3+UyDJhbOVWuWAmtj2/kABGf/WRropboCRFFhaxxmjQ
.eastrk-dl.com/ Name: gdm_sid_v2_3_001
Value: teri8Pe2TuLtpL1znLxUH8R6B8VeWQMXr5dmkGUsks43M42OJPv5+MsC43PNc4uTRunI8p1cwFTJolJPEDAOH2Z4gZxVB63SLOXBKttvLqL+owcnQw4YxzOynI4A0N76sNY6/mSQJOa2lv+8CPta+SFB5/gyQY5poFMeStH8ng+WaX0cne989g3M8LIfUarsUPbT5FREL10ILFeE9VsOYFKTk0Rg3EkEQcWIcg+aI+bOdCAlpxGrQX23bAe4DQczFn7+35awzVjAnIWcck+jXIdlcaKQTXkwy13g7QGewWOFyptnz/0spdo3QryiiLq9TDvP7PvLzywJridf/MnLaAXTa3kKYAKFRD9wku/fHXS9XZ23pP8km0ydmBUFiVLcHE7ffx/EtAiF8p0xfLyvYxL9pxGePu+02OYUsA2KTSdmPKKwlOnPnACeqz7N2poLCqFIqJmt9lKK4vezySUjGLW2oSuluxFMmCHbKpHa1PJHFgx+C8VERiUsbUTZkYp5x07HfZ1GYZSTCyV6ljPTF/zx/UQ//9hteEVOcVO5/Xg1hBbNPVGf0c2T0iQEqnhc4cVyU+qgrgi/b+r104pHzzBigER4gxgXSs95oJTDxlmH+krkWOzDivDXNWPp53PsosCqZTeZ3Ahu4dYPBbw2SO3vcfxiEpwqUrDlNXHmfperytZE/RQtjSC1J2imTfGVzk+Bdsivt5VNh7nOXxRYIaIZFb+OCN0nqpfmcnkkwrVCY6/ij+7AlKhXfcjmx29NyX97xo94CMEiz7a7J212v/kYKwUn0nzKAa2SYv3RQEG61vaE52G+h2Pp4RddBgCnmUwWzs87rr1cpjuI8LxfxB6zVs7dDBVG0zuimORHXJSDBPGT0nqbiLst8Du65/y90CWhKduwwwA4zrxU5IJtC680Bm65P8kMeVh9k5OsMS3ttXkkh0ey2D52Dm+nJSSHAo3PnxiCMrUVJTi94RSunapqq26l1+EcH/Jme4aSI5mimijWhw9OC63FczD9cRmyOJCqb03XYNSFGQi3luj7WAVN/0yulzNFdalCaMD/f8SAUwcPaabyaIwGivwmAd3BwFgbEZY4CkjPHvskAb5ewPyxR5wXG0YfYovtwGML+nk=
.eastrk-dl.com/ Name: gdm_click_freq_v2_1_001
Value: OxGjV6XpcXangzh4Sty+jhDqH8P82PqkCoALR25NxB+Do9ioZpJoQnsieOR9HS3z
.eastrk-dl.com/ Name: gdm_sid_v1_3_001
Value: teri8Pe2TuLtpL1znLxUH8R6B8VeWQMXr5dmkGUsks43M42OJPv5+MsC43PNc4uTRunI8p1cwFTJolJPEDAOH2Z4gZxVB63SLOXBKttvLqL+owcnQw4YxzOynI4A0N76sNY6/mSQJOa2lv+8CPta+SFB5/gyQY5poFMeStH8ng+WaX0cne989g3M8LIfUarsUPbT5FREL10ILFeE9VsOYFKTk0Rg3EkEQcWIcg+aI+bOdCAlpxGrQX23bAe4DQczFn7+35awzVjAnIWcck+jXIdlcaKQTXkwy13g7QGewWOFyptnz/0spdo3QryiiLq9TDvP7PvLzywJridf/MnLaAXTa3kKYAKFRD9wku/fHXS9XZ23pP8km0ydmBUFiVLcHE7ffx/EtAiF8p0xfLyvYxL9pxGePu+02OYUsA2KTSdmPKKwlOnPnACeqz7N2poLCqFIqJmt9lKK4vezySUjGLW2oSuluxFMmCHbKpHa1PJHFgx+C8VERiUsbUTZkYp5x07HfZ1GYZSTCyV6ljPTF/zx/UQ//9hteEVOcVO5/Xg1hBbNPVGf0c2T0iQEqnhc4cVyU+qgrgi/b+r104pHzzBigER4gxgXSs95oJTDxlmH+krkWOzDivDXNWPp53PsosCqZTeZ3Ahu4dYPBbw2SO3vcfxiEpwqUrDlNXHmfperytZE/RQtjSC1J2imTfGVzk+Bdsivt5VNh7nOXxRYIaIZFb+OCN0nqpfmcnkkwrVCY6/ij+7AlKhXfcjmx29NyX97xo94CMEiz7a7J212v/kYKwUn0nzKAa2SYv3RQEG61vaE52G+h2Pp4RddBgCnmUwWzs87rr1cpjuI8LxfxB6zVs7dDBVG0zuimORHXJSDBPGT0nqbiLst8Du65/y90CWhKduwwwA4zrxU5IJtC680Bm65P8kMeVh9k5OsMS3ttXkkh0ey2D52Dm+nJSSHAo3PnxiCMrUVJTi94RSunapqq26l1+EcH/Jme4aSI5mimijWhw9OC63FczD9cRmyOJCqb03XYNSFGQi3luj7WAVN/0yulzNFdalCaMD/f8SAUwcPaabyaIwGivwmAd3BwFgbEZY4CkjPHvskAb5ewPyxR5wXG0YfYovtwGML+nk=
tracking.trackingshub.com/ Name: afclick
Value: 66525348548bf90001c16ac9
tracking.trackingshub.com/ Name: afoffers
Value: {"2435408":1716671304}
excellingvista.com/ Name: uclick
Value: mbuDkAsNO9011uXwaWCYs09ygpE+99jL6eoNejvtrqok23I/ubJyT5nJbxAtK0vl3uy+uUE=
excellingvista.com/ Name: bcid
Value: cp956i32r96s73esb06g
excellingvista.com/ Name: cid
Value: cp956i32r96s73esb06g
.downloads-adblocker.com/ Name: extension
Value: primary_adb
.downloads-adblocker.com/ Name: promo
Value: salmon
.downloads-adblocker.com/ Name: big
Value: none
.downloads-adblocker.com/ Name: clk_domain
Value: excellingvista.com
.downloads-adblocker.com/ Name: flow
Value: binom
.downloads-adblocker.com/ Name: campaignId
Value: 10659
.downloads-adblocker.com/ Name: trafficsource
Value: 29
.downloads-adblocker.com/ Name: src
Value: 6_6536622-1984015597-0
.downloads-adblocker.com/ Name: cid
Value: cp956i32r96s73esb06g
.downloads-adblocker.com/ Name: lpkey
Value: 17166713333e1ded6d2ee5d78e875f13ed19d71604
.downloads-adblocker.com/ Name: isV2
Value: true

2 Console Messages

Source Level URL
Text
javascript error URL: https://go.downloads-adblocker.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536622-1984015597-0&cid=cp956i32r96s73esb06g&lpkey=17166713333e1ded6d2ee5d78e875f13ed19d71604&isV2=true
Message:
Access to XMLHttpRequest at 'https://excellingvista.com/click?upd_clickid=cp956i32r96s73esb06g&add_event6=1' from origin 'https://go.downloads-adblocker.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://excellingvista.com/click?upd_clickid=cp956i32r96s73esb06g&add_event6=1
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adspredictiv.com
duct.infralead.net
eastrk-dl.com
excellingvista.com
go.downloads-adblocker.com
offer-select.com
sbdg20296.hexatrackalpha.com
tracking.trackingshub.com
excellingvista.com
188.114.96.3
2a05:d018:483:6120:1ca4:1445:fe72:2bce
2a06:98c1:3120::3
34.22.240.62
35.204.193.90
52.58.28.63
024f8cb0378f8582dc821ff6f1179633037297f2244c3855e27a94f3bcad9f32
0514cea519259a90ef195e663ef8f544520a3b08a3e3986179e7e43a56cfba1a
0bdc37e89b73caff31eb8eeda81d69c2dabd0001b6e33afff2d184f73e041763
1845c289c582dd2b58a3ab7f8eadb695ebabbfe7a2685e5f9012ae16e0541580
194d86794464a5979ec89ef967341742f57530d8a29cbb4e4e6c6a0e437ff522
248c1e102d103ca47c662f8ae7e86a08fece062021b7c7fc9a930fd6a2944627
25107278c449c878bb8f3c3c5f1cf61d822b304ba6b92e4760cda2dd415591a6
2dc86bcb63b4c5f30ab4a584acceca2f83aa7da547791e47e87e28f21f6675f4
37bf42d87e6150d62708c6859520da9d033bcc06ee8c8d9e397093a990767c07
5cbac98ffe0ff64546825f231bdf4c6a021502d0dbd4c7c930428fe93863d658
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
98eadfe96ee4b557dae43f8b48366d4ba34c9a00d71035fd138e10c5b0907e8b
9b5d584b6200dfb2ea17d372ceb88c61ee68bf6e7ae5cabed28d31952b048a10
a4abf215f3a2e97a09a6bbbcce397edebe274eb2f4d30017d51538db5d8ce8bb
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
dbe34c0b5061815d892d804d120ad5b25ae1cf86f2a462c4fc5e21f9a42d9e1c
ed7d9565486a66ea74ca2944c02ba502f78fd8e56052a18c9407d61d7442460f