landing.download-available.xyz Open in urlscan Pro
2606:4700:3035::ac43:9398 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://b3.myqvids.com/
Effective URL:
https://landing.download-available.xyz/t27a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnocq3r2r96s73ce9clg&source=P...
Submission: On March 12 via api (March 12th 2024, 9:46:00 pm UTC) from US — Scanned from US

Summary HTTP 57 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 17 domains to perform 57 HTTP transactions. The main IP is 2606:4700:3035::ac43:9398, located in United States and belongs to CLOUDFLARENET, US. The main domain is landing.download-available.xyz.
TLS certificate: Issued by GTS CA 1P5 on March 4th 2024. Valid for: 3 months.

This is the only time landing.download-available.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	2606:4700:303... 2606:4700:3035::6815:559d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	139.45.197.250 139.45.197.250	9002 (RETN-AS) (RETN-AS)
1 3	104.117.182.161 104.117.182.161	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	139.45.197.251 139.45.197.251	9002 (RETN-AS) (RETN-AS)
3	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	2600:141b:1c0... 2600:141b:1c00:3a7::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	139.45.195.253 139.45.195.253	9002 (RETN-AS) (RETN-AS)
1 3	23.44.201.216 23.44.201.216	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:141b:500... 2600:141b:5000:395::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	52.58.28.63 52.58.28.63	16509 (AMAZON-02) (AMAZON-02)
12	2606:4700:303... 2606:4700:3035::ac43:9398	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:816::2008	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80a::200a	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::40 2620:1ec:bdf::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2607:f8b0:400... 2607:f8b0:4006:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80e::200e	15169 (GOOGLE) (GOOGLE)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.184.204.244 52.184.204.244	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
57	18

6 2606:4700:3035::6815:559d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

b3.myqvids.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c0.myqvids.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.250 (United Kingdom)

ASN9002 (RETN-AS, GB)

shaumtol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.117.182.161 (New York, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-161.deploy.static.akamaitechnologies.com

ak.alklinker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)

jouteetu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:3a7::11a6 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.253 (United Kingdom)

ASN9002 (RETN-AS, GB)

datatechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.44.201.216 (Secaucus, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-201-216.deploy.static.akamaitechnologies.com

ak.ocoaksib.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:5000:395::11a6 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.28.63 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-28-63.eu-central-1.compute.amazonaws.com

excellingvista.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3035::ac43:9398 (United States)

ASN13335 (CLOUDFLARENET, US)

landing.download-available.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80a::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80b::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.184.204.244 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

n.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	download-available.xyz landing.download-available.xyz	73 KB
9	jouteetu.net jouteetu.net — Cisco Umbrella Rank: 30771
6	myqvids.com 1 redirects b3.myqvids.com c0.myqvids.com	34 KB
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 756 c.clarity.ms — Cisco Umbrella Rank: 1360 n.clarity.ms — Cisco Umbrella Rank: 18298	27 KB
4	gstatic.com fonts.gstatic.com	69 KB
3	ocoaksib.com 1 redirects ak.ocoaksib.com — Cisco Umbrella Rank: 119310	15 KB
3	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11818	1 KB
3	alklinker.com 1 redirects ak.alklinker.com — Cisco Umbrella Rank: 906315	16 KB
3	shaumtol.com shaumtol.com — Cisco Umbrella Rank: 269924 Failed	15 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	301 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
2	datatechone.com datatechone.com — Cisco Umbrella Rank: 37995	937 B
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1435 c.go-mpulse.net — Cisco Umbrella Rank: 659	50 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 244	764 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	86 KB
1	excellingvista.com 1 redirects excellingvista.com	417 B
0	akstat.io Failed 173bf111.akstat.io Failed
57	17

	Domain	Requested by
12	landing.download-available.xyz	landing.download-available.xyz
9	jouteetu.net	shaumtol.com
4	fonts.gstatic.com	fonts.googleapis.com
3	ak.ocoaksib.com	1 redirects ak.ocoaksib.com
3	my.rtmark.net	shaumtol.com ak.alklinker.com ak.ocoaksib.com
3	ak.alklinker.com	1 redirects c0.myqvids.com ak.alklinker.com
3	c0.myqvids.com	b3.myqvids.com c0.myqvids.com shaumtol.com
3	shaumtol.com	b3.myqvids.com c0.myqvids.com shaumtol.com
3	b3.myqvids.com	1 redirects b3.myqvids.com
2	c.clarity.ms	1 redirects
2	www.google-analytics.com	www.googletagmanager.com
2	www.clarity.ms	landing.download-available.xyz www.clarity.ms
2	fonts.googleapis.com	landing.download-available.xyz
2	datatechone.com	ak.alklinker.com ak.ocoaksib.com
1	n.clarity.ms	www.clarity.ms
1	c.bing.com	1 redirects
1	www.googletagmanager.com	landing.download-available.xyz
1	excellingvista.com	1 redirects landing.download-available.xyz
1	c.go-mpulse.net	s.go-mpulse.net
1	s.go-mpulse.net	ak.alklinker.com
0	173bf111.akstat.io Failed	s.go-mpulse.net
57	21

This site contains no links.

Subject Issuer	Validity	Valid
myqvids.com E1	`2024-01-22` - `2024-04-21`	3 months	crt.sh
shaumtol.com R3	`2024-02-21` - `2024-05-21`	3 months	crt.sh
ak.hetaruwg.com R3	`2024-03-11` - `2024-06-09`	3 months	crt.sh
jouteetu.net R3	`2024-02-24` - `2024-05-24`	3 months	crt.sh
rtmark.net R3	`2024-03-02` - `2024-05-31`	3 months	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2024-03-06` - `2025-03-06`	a year	crt.sh
datatechone.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-10` - `2024-12-23`	a year	crt.sh
download-available.xyz GTS CA 1P5	`2024-03-04` - `2024-06-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh

This page contains 2 frames:

Primary Page: https://landing.download-available.xyz/t27a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnocq3r2r96s73ce9clg&source=PropellerAds&lpkey=1710284c1befb5d4ee74f16edc85338c3993b80251&isV2=true
Frame ID: 78B1CB48FA901400A21D8567DBA9888D
Requests: 55 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/9NXXQ-8TQUP-TGDYJ-Z7XGK-N2Y4B
Frame ID: CEDDE40E740F6ED3B5135A2B12FD3744
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AdSweeper

Page URL History Show full URLs

http://b3.myqvids.com/ HTTP 301
https://b3.myqvids.com/ Page URL
https://c0.myqvids.com/?cnv_id=undefined Page URL
https://ak.alklinker.com/afu.php?zoneid=5726880 Page URL
https://ak.alklinker.com/?z=5726880&syncedCookie=true&rhd=false HTTP 302
https://ak.ocoaksib.com/4/6118780/?var=5726880&btz=Pacific/Honolulu&bto=600 Page URL
https://ak.ocoaksib.com/?z=6118780&syncedCookie=true&rhd=false HTTP 302
https://excellingvista.com/click?key=fickwiw7fy7yshltu1k2&visitor_id=791534085687489300&cost=0.005593&z... HTTP 307
https://landing.download-available.xyz/t27a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnocq3r2r... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

57
Requests

91 %
HTTPS

53 %
IPv6

17
Domains

21
Subdomains

18
IPs

3
Countries

388 kB
Transfer

976 kB
Size

29
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://b3.myqvids.com/ HTTP 301
https://b3.myqvids.com/ Page URL
https://c0.myqvids.com/?cnv_id=undefined Page URL
https://ak.alklinker.com/afu.php?zoneid=5726880 Page URL
https://ak.alklinker.com/?z=5726880&syncedCookie=true&rhd=false HTTP 302
https://ak.ocoaksib.com/4/6118780/?var=5726880&btz=Pacific/Honolulu&bto=600 Page URL
https://ak.ocoaksib.com/?z=6118780&syncedCookie=true&rhd=false HTTP 302
https://excellingvista.com/click?key=fickwiw7fy7yshltu1k2&visitor_id=791534085687489300&cost=0.005593&zoneid=6118780&campaignid=7744863&bannerid=19839481&subzoneid=0 HTTP 307
https://landing.download-available.xyz/t27a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnocq3r2r96s73ce9clg&source=PropellerAds&lpkey=1710284c1befb5d4ee74f16edc85338c3993b80251&isV2=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://b3.myqvids.com/ HTTP 301
https://b3.myqvids.com/

Request Chain 24

https://ak.alklinker.com/?z=5726880&syncedCookie=true&rhd=false HTTP 302
https://ak.ocoaksib.com/4/6118780/?var=5726880&btz=Pacific/Honolulu&bto=600

Request Chain 53

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=685AC0D5A7A6424D8E725ED00C567AEE&RedC=c.clarity.ms&MXFR=06F687600A36651E2FB293200E366B67 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=685AC0D5A7A6424D8E725ED00C567AEE&MUID=21589ECEB0456A5B047E8A8EB1596B07

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
b3.myqvids.com/
Redirect Chain

http://b3.myqvids.com/
https://b3.myqvids.com/

11 KB
5 KB

448ms
341ms

Document
text/html

2606:4700:3035::6815:559d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://b3.myqvids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:559d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8636f8dd695f31d2-MIA
content-encoding: br
content-type: text/html
date: Tue, 12 Mar 2024 21:45:35 GMT
last-modified: Mon, 04 Mar 2024 20:03:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0oSbNy0Hvjde4%2Bkm2wCGtBrMCKKUuoAsKwYlOLcsMU54QRET%2B6D2hC6haBpw3LmG2Ss%2FPsi0%2ByZLIkC3mDeM9Z0Z8xcc3u8fqbhkdjHPRnB8%2B%2FKSDi%2B6UClc0E6wDG%2BoN%2FSpBhMDRU5VeguSgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 8636f8db6e1974c0-MIA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 12 Mar 2024 21:45:35 GMT
Expires: Tue, 12 Mar 2024 22:45:35 GMT
Location: https://b3.myqvids.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ET9E8Cir9wifOUYoffWZWdjaUUeS4K%2FATRc%2FSOt%2BFuk9k3Fatx5rwhN%2B6N9nczZ%2BdGQsLITmLdFGSNQF3nViWeg6lGxl%2FlygBLBKaFjjZjN80AhYibyZSaUhrQkc3ATVTSE2XgamOkYVS5RrVw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 play.png
b3.myqvids.com/images/play/ 11 KB
11 KB 45ms
40ms Image
image/png 2606:4700:3035::6815:559d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b3.myqvids.com/images/play/play.png
Requested by: Host: b3.myqvids.com
URL: https://b3.myqvids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:559d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://b3.myqvids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:45:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1213226
alt-svc: h3=":443"; ma=86400
content-length: 11015
last-modified: Thu, 14 Mar 2019 13:22:18 GMT
server: cloudflare
etag: "5c8a558a-2b07"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GsX%2FSPjfteYY9Hisp2Nx8pja5ojjgvEWpSM6opzrjDQzfJsh3TDW37SJGHtnad5N2GucpvZYkE47aJIZaCLPmKgMYhmnz0n4NRh107D47h%2Bj5DSAYqfxVm76phX%2BGZ3dhdm07QkUhbjD4of8IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8636f8dfddab31d2-MIA
expires: Thu, 28 Mar 2024 20:45:09 GMT

GET micro.tag.min.js
shaumtol.com/pfe/current/ 0
0

GET
H2 200 /
c0.myqvids.com/ 11 KB
5 KB 275ms
190ms Document
text/html 2606:4700:3035::6815:559d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c0.myqvids.com/?cnv_id=undefined
Requested by: Host: b3.myqvids.com
URL: https://b3.myqvids.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:559d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://b3.myqvids.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8636f8e05eaf31d2-MIA
content-encoding: br
content-type: text/html
date: Tue, 12 Mar 2024 21:45:36 GMT
last-modified: Mon, 04 Mar 2024 20:03:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7AW3wzXmY7CkSvX2pOeWJBkw27rjFviqkdmrrlAGBEofbLy0QtHVinhiR7CF7JDJiiimxekfES06TCkJ4vYwpWgiMnE6mfTLOYzu7QJ%2FAIkQ5fz%2BtV1Rg5%2BQErFLdmd4ccwjhGmMprzLlWn%2BNg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 micro.tag.min.js
shaumtol.com/pfe/current/ 35 KB
14 KB 137ms
137ms Script
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5726879&ymid=undefined&sw=/sw-check-permissions-10eaa.js
Requested by: Host: c0.myqvids.com
URL: https://c0.myqvids.com/?cnv_id=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c0.myqvids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Mar 2024 21:45:36 GMT
content-encoding: gzip
last-modified: Tue, 12 Mar 2024 08:40:28 GMT
server: nginx
etag: W/"65f014fc-8a1a"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H3 200 play.png
c0.myqvids.com/images/play/ 11 KB
11 KB 49ms
47ms Image
image/png 2606:4700:3035::6815:559d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c0.myqvids.com/images/play/play.png
Requested by: Host: c0.myqvids.com
URL: https://c0.myqvids.com/?cnv_id=undefined
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:559d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c0.myqvids.com/?cnv_id=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:45:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 340007
alt-svc: h3=":443"; ma=86400
content-length: 11015
last-modified: Thu, 14 Mar 2019 13:22:18 GMT
server: cloudflare
etag: "5c8a558a-2b07"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nVLxfJ9fN2AVZlYl535UnUv7FduFKKlpQK7AVxZ45Q5L2q7VPIrhlckAgRGcByMsYILyKncIUJcYmQ6XvKgx8FnXtbO11fuUYx%2FrgU9d4izAUopuoZhlt5FHZFSuL2ht39%2BL%2FXSU6I0zpeAyZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8636f8e23d8eb3bf-MIA
expires: Sun, 07 Apr 2024 23:18:49 GMT

GET
H2 200 afu.php Show response
ak.alklinker.com/ 36 KB
15 KB 13258ms
616ms Document
text/html 104.117.182.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ak.alklinker.com/afu.php?zoneid=5726880

Requested by

Host: c0.myqvids.com
URL: https://c0.myqvids.com/?cnv_id=undefined

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.117.182.161 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-117-182-161.deploy.static.akamaitechnologies.com

Software

Resource Hash

69547eb31e970acabc5b86a4b2083c2c584dcbabf52a917cfc0f72dad7ffc0be

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://c0.myqvids.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 13874
content-type: text/html; charset=utf8
date: Tue, 12 Mar 2024 21:45:49 GMT
expires: Tue, 12 Mar 2024 21:45:49 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache
server-timing: cdn-cache; desc=MISS edge; dur=468 origin; dur=6 ak_p; desc="1710279948846_1752544925_90523501_47847_1578_2742_178_255";dur=1
strict-transport-security: max-age=1
timing-allow-origin: * *
vary: Accept-Encoding
x-akamai-transformed: 9 13369 0 pmb=mRUM,1
x-content-type-options: nosniff
x-trace-id: e99666a15c0dda7d5214dc7d74214bb1

POST
H2 200 custom
jouteetu.net/ 0
0 419ms
136ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5726879&ymid=undefined&sw=/sw-check-permissions-10eaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://c0.myqvids.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 sw-check-permissions-10eaa.js
c0.myqvids.com/ 0
764 B 194ms
193ms Other
application/javascript 2606:4700:3035::6815:559d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c0.myqvids.com/sw-check-permissions-10eaa.js?ymid=undefined&zoneId=5726879
Requested by: Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5726879&ymid=undefined&sw=/sw-check-permissions-10eaa.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:559d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c0.myqvids.com/?cnv_id=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:45:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 04 Mar 2024 14:36:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65e5dc50-236"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zxzuHGmYdlnRxqBBrgayrQWkPnZLFXBXmHLxKQh1TOke%2BguY%2Btd74qkyXJI6r49bcmRy41u5eQVBtxX9qH%2BQrT5d9wTNqLQB4GvJsLSkB80b8Q7Bpcye5D6J24aYKGWjbS41zpX5ep9S1X%2B9aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 8636f8e53afdb3bf-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Mar 2024 09:45:36 GMT

POST
H2 200 custom
jouteetu.net/ 0
0 413ms
134ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5726879&ymid=undefined&sw=/sw-check-permissions-10eaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://c0.myqvids.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 zone
shaumtol.com/ 0
257 B 138ms
137ms Ping
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://shaumtol.com/zone?&pub=0&zone_id=5726879&is_mobile=false&domain=c0.myqvids.com&var=&ymid=undefined&var_3=&var_4=&dsig=&tg=1&sw=3.1.496&trace_id=ee53c159-7748-4dd4-92db-8a1fe7f955e1&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5726879&ymid=undefined&sw=/sw-check-permissions-10eaa.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c0.myqvids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-trace-id: 036c53729fdb6d33c6bbcdaf09793e84
date: Tue, 12 Mar 2024 21:45:36 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: https://c0.myqvids.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0

POST
H2 200 custom
jouteetu.net/ 0
0 545ms
267ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5726879&ymid=undefined&sw=/sw-check-permissions-10eaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://c0.myqvids.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 574ms
297ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5726879&ymid=undefined&sw=/sw-check-permissions-10eaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://c0.myqvids.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 gid.js
my.rtmark.net/ 65 B
543 B 420ms
136ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5726879&checkDuplicate=true&ymid=undefined&var=

Requested by

Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5726879&ymid=undefined&sw=/sw-check-permissions-10eaa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c0.myqvids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:45:36 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://c0.myqvids.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST
H2 200 custom
jouteetu.net/ 0
0 575ms
300ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5726879&ymid=undefined&sw=/sw-check-permissions-10eaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://c0.myqvids.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 305ms
269ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5726879&ymid=undefined&sw=/sw-check-permissions-10eaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://c0.myqvids.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 166ms
165ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5726879&ymid=undefined&sw=/sw-check-permissions-10eaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://c0.myqvids.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 zone
shaumtol.com/ 802 B
1 KB 422ms
141ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://shaumtol.com/zone?&pub=0&zone_id=5726879&is_mobile=false&domain=c0.myqvids.com&var=&ymid=undefined&var_3=&var_4=&dsig=&tg=1&sw=3.1.496&trace_id=ee53c159-7748-4dd4-92db-8a1fe7f955e1&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5726879&ymid=undefined&sw=/sw-check-permissions-10eaa.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c0.myqvids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-trace-id: 8a15e751da3dbaddb2b543870ee87b12
date: Tue, 12 Mar 2024 21:45:37 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://c0.myqvids.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 802

POST
H2 200 custom
jouteetu.net/ 0
0 153ms
152ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5726879&ymid=undefined&sw=/sw-check-permissions-10eaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://c0.myqvids.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 135ms
132ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5726879&ymid=undefined&sw=/sw-check-permissions-10eaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://c0.myqvids.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 9NXXQ-8TQUP-TGDYJ-Z7XGK-N2Y4B
s.go-mpulse.net/boomerang/ Frame CEDD 205 KB
49 KB 299ms
91ms Script
application/javascript 2600:141b:1c00:3a7::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/9NXXQ-8TQUP-TGDYJ-Z7XGK-N2Y4B
Requested by: Host: ak.alklinker.com
URL: https://ak.alklinker.com/afu.php?zoneid=5726880
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:3a7::11a6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ak.alklinker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:45:50 GMT
content-encoding: br
customappheader: mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified: Sat, 02 Mar 2024 03:43:58 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

POST
H2 200 sftouch
ak.alklinker.com/ 2 B
679 B 186ms
185ms Ping
text/plain 104.117.182.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ak.alklinker.com/sftouch?userId=00801df55fdd4b80f833b9b083d45a56&z=5726880&p_rid=c98bec25-761d-480f-9f40-f6268519eb8d&p_src=sf&branchId=0&rb=MNSDi_dndMoVsbuNKords36gnsLYlCjv_86cOlgu5cUGeNBzcnvTLD5r8F6gS-grI9Yw6DV2Wmhi8kFmRlf_NEmtrEnO9_rihgNxPqpad_VxCaGJMJNscYQ_0DYULcPMn4vfw2rnrahcHW-ysr2FOqACx9vNVqLAAzE6dK9lYJhNyPacsBHcF5EXpvom227SHhxY-g2XEND5rnLW_Tq2WN1V4T04zQxLjXWQVlH7GCPZuYouAI3eH3XgkXVimBQdGRZnLX80uYrpX35bqpZZOK8lnSGBZLsXJQiGZyrl3SsMiZJi_Lfd_D-sw2hBaqoI5ptGcA==

Requested by

Host: ak.alklinker.com
URL: https://ak.alklinker.com/afu.php?zoneid=5726880

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.117.182.161 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-117-182-161.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ak.alklinker.com/afu.php?zoneid=5726880
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=1
date: Tue, 12 Mar 2024 21:45:49 GMT
x-content-type-options: nosniff
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=4, ak_p; desc="1710279949802_1752544925_90528273_10285_906_602_0_109";dur=1
content-length: 2
x-trace-id: bfe1632dfe09415dd7d19a61c5556f4d
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: https://ak.alklinker.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 12 Mar 2024 21:45:49 GMT

GET
H2 200 img.gif
my.rtmark.net/ 43 B
490 B 139ms
137ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=00801df55fdd4b80f833b9b083d45a56&z=5726880&p_rid=c98bec25-761d-480f-9f40-f6268519eb8d&p_src=sf

Requested by

Host: ak.alklinker.com
URL: https://ak.alklinker.com/afu.php?zoneid=5726880

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ak.alklinker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:45:49 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

POST
H/1.1 200
OK add
datatechone.com/log/ 2 B
469 B 435ms
137ms XHR
text/plain 139.45.195.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=c98bec25-761d-480f-9f40-f6268519eb8d
Requested by: Host: ak.alklinker.com
URL: https://ak.alklinker.com/afu.php?zoneid=5726880
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash

Request headers

Referer: https://ak.alklinker.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 12 Mar 2024 21:45:50 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://ak.alklinker.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H2

200

/
ak.ocoaksib.com/4/6118780/
Redirect Chain

https://ak.alklinker.com/?z=5726880&syncedCookie=true&rhd=false
https://ak.ocoaksib.com/4/6118780/?var=5726880&btz=Pacific/Honolulu&bto=600

33 KB
14 KB

395ms
159ms

Document
text/html

23.44.201.216
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.ocoaksib.com/4/6118780/?var=5726880&btz=Pacific/Honolulu&bto=600
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.216 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-201-216.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://ak.alklinker.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: * *
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 13362
content-type: text/html; charset=utf8
date: Tue, 12 Mar 2024 21:45:50 GMT
expires: Tue, 12 Mar 2024 21:45:50 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache
timing-allow-origin: *
vary: Accept-Encoding
x-trace-id: 272016b80d26a1f832bcfbe5dcb1a280

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ak.alklinker.com
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Tue, 12 Mar 2024 21:45:50 GMT
expires: Tue, 12 Mar 2024 21:45:50 GMT
link: <https://ak.ocoaksib.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location: https://ak.ocoaksib.com/4/6118780/?var=5726880&btz=Pacific/Honolulu&bto=600
pragma: no-cache
referrer-policy: no-referrer
server-timing: cdn-cache; desc=MISS edge; dur=101 origin; dur=15 ak_p; desc="1710279950018_1752544925_90529700_14150_1294_535_0_255";dur=1
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: ed3cc8be58a3e8fdb7de15f086158f46

GET
H2 200 config.json
c.go-mpulse.net/api/ Frame CEDD 1 KB
787 B 257ms
92ms XHR
application/json 2600:141b:5000:395::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=9NXXQ-8TQUP-TGDYJ-Z7XGK-N2Y4B&d=ak.alklinker.com&t=5700933&v=1.720.0&if=&sl=0&si=08154280-d9ef-4478-a1b5-1178179d73cd-sa98g0&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=764622
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/9NXXQ-8TQUP-TGDYJ-Z7XGK-N2Y4B
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:5000:395::11a6 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ak.alklinker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:45:50 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 603

POST /
173bf111.akstat.io/ 0
0

POST
H2 200 sftouch
ak.ocoaksib.com/ 2 B
539 B 146ms
145ms Ping
text/plain 23.44.201.216
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ak.ocoaksib.com/sftouch?userId=00801df8b24e4304e99eb7d59b041b64&z=6118780&p_rid=b2975cd0-afd9-47cc-bf61-d2e17a63fbeb&p_src=sf&branchId=0&rb=Cyz-1Fa6pCp1RGs95LV1D6aJwAYfE5xqmNLyLaQn1JvvbkaL6Rl4GOhaKnn4c1JzioUf-4Ap4K-AM9sp42Gy5X2Acgwcg7b6vHKMq7TM0xSPC2GnfDMQ3cbyFcmnQMJbDW4kHPqvuziw4bxqFh4BP5FNCGoW7u1MDWUrKtwz-ByKIQADwtVkYuRWf3D9bxfP9i58D5IAMDusxnIGoCIbi5lbFQV8s5yilj1K5rcSR6b-A9NL00uwits0xTJoD4JW80KmxD4A44i_cNlB9WxdBBdkO8gS3CIQVSVJqP9votPKAa-W

Requested by

Host: ak.ocoaksib.com
URL: https://ak.ocoaksib.com/4/6118780/?var=5726880&btz=Pacific/Honolulu&bto=600

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.44.201.216 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-201-216.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ak.ocoaksib.com/4/6118780/?var=5726880&btz=Pacific/Honolulu&bto=600
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=1
date: Tue, 12 Mar 2024 21:45:50 GMT
x-content-type-options: nosniff
content-length: 2
x-trace-id: 1bdce8b96e3a32ebc5365b95f15830a3
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: https://ak.ocoaksib.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 12 Mar 2024 21:45:50 GMT

GET
H2 200 img.gif
my.rtmark.net/ 43 B
490 B 135ms
135ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=00801df8b24e4304e99eb7d59b041b64&z=6118780&p_rid=b2975cd0-afd9-47cc-bf61-d2e17a63fbeb&p_src=sf

Requested by

Host: ak.ocoaksib.com
URL: https://ak.ocoaksib.com/4/6118780/?var=5726880&btz=Pacific/Honolulu&bto=600

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ak.ocoaksib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:45:50 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

POST
H/1.1 200
OK add
datatechone.com/log/ 2 B
468 B 137ms
136ms XHR
text/plain 139.45.195.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=b2975cd0-afd9-47cc-bf61-d2e17a63fbeb
Requested by: Host: ak.ocoaksib.com
URL: https://ak.ocoaksib.com/4/6118780/?var=5726880&btz=Pacific/Honolulu&bto=600
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash

Request headers

Referer: https://ak.ocoaksib.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 12 Mar 2024 21:45:50 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://ak.ocoaksib.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H2

200

Primary Request t27a Show response
landing.download-available.xyz/
Redirect Chain

https://ak.ocoaksib.com/?z=6118780&syncedCookie=true&rhd=false
https://excellingvista.com/click?key=fickwiw7fy7yshltu1k2&visitor_id=791534085687489300&cost=0.005593&zoneid=6118780&campaignid=7744863&bannerid=19839481&subzoneid=0
https://landing.download-available.xyz/t27a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnocq3r2r96s73ce9clg&source=PropellerAds&lpkey=1710284c1befb5d4ee74f16edc85338c3993b80251&i...

7 KB
2 KB

368ms
267ms

Document
text/html

2606:4700:3035::ac43:9398
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://landing.download-available.xyz/t27a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnocq3r2r96s73ce9clg&source=PropellerAds&lpkey=1710284c1befb5d4ee74f16edc85338c3993b80251&isV2=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9398 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52cf12bc82ebb3724f4b41cb478f383c7c6f57e3a15fda54c87f00db1edd4f87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://ak.ocoaksib.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8636f94159578da9-MIA
content-encoding: br
content-type: text/html
date: Tue, 12 Mar 2024 21:45:51 GMT
last-modified: Mon, 11 Mar 2024 13:49:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rztLGjgiUAQYKvtzFbNG20bVafsplrGtqXTjSmPWlP3dMhIn9GZjQbPj6F0VP6tgUUDcdLKOre9JS35ywzCtfGreraFbNlYi34Th6QJScXlD1TRsLhUrJnJLR8Zx%2BiogAvho9MtcGy2o8uc6gQf%2BDwPDmQXaH6km%2Bm3wg8U%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY

Redirect headers

content-length: 0
date: Tue, 12 Mar 2024 21:45:51 GMT
location: https://landing.download-available.xyz/t27a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnocq3r2r96s73ce9clg&source=PropellerAds&lpkey=1710284c1befb5d4ee74f16edc85338c3993b80251&isV2=true
server: Caddy
x-request-id: 23898595-4a70-4fff-87eb-3ffcdbdd5013

GET
H2 200 style.css
landing.download-available.xyz/t27a/ 6 KB
2 KB 48ms
44ms Stylesheet
text/css 2606:4700:3035::ac43:9398
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://landing.download-available.xyz/t27a/style.css?b4f40fdb4d56e1b639ee01e05062ccba

Requested by

Host: landing.download-available.xyz
URL: https://landing.download-available.xyz/t27a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnocq3r2r96s73ce9clg&source=PropellerAds&lpkey=1710284c1befb5d4ee74f16edc85338c3993b80251&isV2=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9398 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15009d82c090a5ca60f35ad0bea797c41176209a310ef68f3fed5146c86e361a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://landing.download-available.xyz/t27a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnocq3r2r96s73ce9clg&source=PropellerAds&lpkey=1710284c1befb5d4ee74f16edc85338c3993b80251&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:45:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 114309
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 11 Mar 2024 13:49:30 GMT
server: cloudflare
etag: W/"65ef0bea-1637"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fTQIFMpY5zsfISVywPx2l9xBRORIbWyki2AmDD4maeYSmJjpCC7jaCjLumfuh%2FE7bVcW3S4HvvQOLvJp%2BQhjbNo5aYwScZ3XeZnb6yQrFjtCUyQj1UhyqQ0ElKZo%2BkeiH0zUhPCv%2BWVSpjhh0l6SP4FB3vQhQu84fGMub6w%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8636f9431cdc8da9-MIA
expires: Tue, 11 Mar 2025 14:00:42 GMT

GET
H2 200 shared.css
landing.download-available.xyz/styles/ 24 KB
6 KB 49ms
47ms Stylesheet
text/css 2606:4700:3035::ac43:9398
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://landing.download-available.xyz/styles/shared.css?b4f40fdb4d56e1b639ee01e05062ccba

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9398 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6d325f88bd958a422137a658dc31ab40c83a324904041fbc966cceeeb586ae9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://landing.download-available.xyz/t27a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnocq3r2r96s73ce9clg&source=PropellerAds&lpkey=1710284c1befb5d4ee74f16edc85338c3993b80251&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:45:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3407
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 11 Mar 2024 13:49:30 GMT
server: cloudflare
etag: W/"65ef0bea-61c5"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c%2FE6zpFJd7aLtTM0YahA%2FaJSSwHSPO3nrL6EZPgl7qNV%2B1ASp3rysTkeoN7PikKD09t6Ga3RwCW2BXFS92cpTTCy4iHXBK6QPBy5kPPNzjrwS16XBlDleihuoMnU82BPHhcuPjsnIuFP5yBGGyrvUGGPnl%2FAPepN%2B14xlMA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8636f9431cdd8da9-MIA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
86 KB 237ms
96ms Script
application/javascript 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WV373MWWXX

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a36ce78ec1c47535afbf0a9cc8ac858e9bb36a5203baa77c5b51e99c7323c862

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://landing.download-available.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:45:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87197
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 12 Mar 2024 21:45:52 GMT

GET
H2 200 right_arrow.svg
landing.download-available.xyz/images/promo-images/t27/ 852 B
840 B 59ms
58ms Image
image/svg+xml 2606:4700:3035::ac43:9398
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.download-available.xyz/images/promo-images/t27/right_arrow.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9398 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25fe80013eb2222e748429721dd632fba347bcd63bb04f9c75ac015d9fe190a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://landing.download-available.xyz/t27a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnocq3r2r96s73ce9clg&source=PropellerAds&lpkey=1710284c1befb5d4ee74f16edc85338c3993b80251&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:45:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 295
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 11 Mar 2024 13:49:30 GMT
server: cloudflare
etag: W/"65ef0bea-354"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bm3Rh88YUQ5RXTXlPufuFPFbQgHQZjy6Vlv1GfdwTp6FEnTB5uyct870rYXjp%2BE6%2BOx5%2Bu%2FKYEaPbHvznZ9vfUg4AWFjjNnzYP17LPecfWZo37ni%2BemvZRLyNATYFpHr9vR%2FcsAvamn3G3hPAucsXodjcXnkxrn1zFXXItU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8636f9431cdf8da9-MIA

GET
H2 200 cursor-finger.svg
landing.download-available.xyz/images/promo-images/t26/ 16 KB
9 KB 48ms
46ms Image
image/svg+xml 2606:4700:3035::ac43:9398
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.download-available.xyz/images/promo-images/t26/cursor-finger.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9398 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08ffd52cae98b8ce38870e7e42f4efa09bd581863d9da203f593828851d301b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://landing.download-available.xyz/t27a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnocq3r2r96s73ce9clg&source=PropellerAds&lpkey=1710284c1befb5d4ee74f16edc85338c3993b80251&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:45:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6903
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 11 Mar 2024 13:49:30 GMT
server: cloudflare
etag: W/"65ef0bea-4088"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6e6WfgJDBMYzwEVZFF%2Br8gak0bWqG7%2F5Y8u9YUFlZw4NUlHADZ93nTjQ%2Fq7QMJoNdg3zJkBzSkO5NyzRlUVrYHfl1TJVn650GsPP6eh4UbYQ3Hb4ZjZ0b%2BUih%2FU4Ja7lEPUlW6XTwY4Iph5NG0Qp6t9heJrtYB5kY3Kpz6k%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8636f9432cf28da9-MIA

GET
H2 200 index.js Show response
landing.download-available.xyz/js/ 174 KB
41 KB 67ms
66ms Script
application/javascript 2606:4700:3035::ac43:9398
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://landing.download-available.xyz/js/index.js?b4f40fdb4d56e1b639ee01e05062ccba

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9398 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5f7df130bd465b96c08e1d62b70257546ca2bbdf86f11a71333bb73aab63ceb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://landing.download-available.xyz/t27a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnocq3r2r96s73ce9clg&source=PropellerAds&lpkey=1710284c1befb5d4ee74f16edc85338c3993b80251&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:45:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1835
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 11 Mar 2024 13:49:30 GMT
server: cloudflare
etag: W/"65ef0bea-2b9fb"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZizWTNIE%2FGqK3452iljrvsy%2FYD%2Bewsf2v4ls9CsWCxqoXlnDbFUxOwz4baWr%2FNglBeGI5VThB%2FLnTZIjZJYmvSTZV%2FMZ80KEZW64E941%2FNPH2x33Fahv8fm1zRoG41Mf4paBLw7UGJSJm6%2B7vHnjJwgwcnyD2DAnBZMr%2FB0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8636f9431ce28da9-MIA

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
696 B 239ms
92ms Stylesheet
text/css 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:opsz@6..12&display=swap

Requested by

Host: landing.download-available.xyz
URL: https://landing.download-available.xyz/t27a/style.css?b4f40fdb4d56e1b639ee01e05062ccba

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

17b4230274e3785db20adfc1df4d93dcee45ead0b6fff74d94d019d3dea27820

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://landing.download-available.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Mar 2024 21:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Mar 2024 21:26:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Mar 2024 21:45:52 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 223ms
81ms Stylesheet
text/css 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Requested by

Host: landing.download-available.xyz
URL: https://landing.download-available.xyz/styles/shared.css?b4f40fdb4d56e1b639ee01e05062ccba

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

31d196afc7bf97b61be0a9881f623b3b8a7b56d4b0c08c6b78c37ce92d7827b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://landing.download-available.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Mar 2024 21:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Mar 2024 20:56:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Mar 2024 21:45:52 GMT

GET
H2 200 jfl2pu6cif Show response
www.clarity.ms/tag/ 650 B
1014 B 210ms
57ms Script
application/x-javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/jfl2pu6cif
Requested by: Host: landing.download-available.xyz
URL: https://landing.download-available.xyz/js/index.js?b4f40fdb4d56e1b639ee01e05062ccba
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4babba5cbd5143d3ea9cbaa46c5a568eabe6e36149b58a60494a693ecb69f66f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://landing.download-available.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: -1
date: Tue, 12 Mar 2024 21:45:52 GMT
x-azure-ref: 20240312T214552Z-3dsy4chqk532t7bmkgyfyaypy80000000bf000000000dsgp
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H3 200 bg1.webp
landing.download-available.xyz/images/promo-images/t10b/ 1 KB
2 KB 64ms
63ms Image
image/webp 2606:4700:3035::ac43:9398
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.download-available.xyz/images/promo-images/t10b/bg1.webp

Requested by

Host: landing.download-available.xyz
URL: https://landing.download-available.xyz/t27a/style.css?b4f40fdb4d56e1b639ee01e05062ccba

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9398 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fff80755437b5821bd1afedcbabbf593bc5ad704164a84e161c7d6903f2cad84

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://landing.download-available.xyz/t27a/style.css?b4f40fdb4d56e1b639ee01e05062ccba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:45:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4937
alt-svc: h3=":443"; ma=86400
content-length: 1048
last-modified: Mon, 11 Mar 2024 13:49:30 GMT
server: cloudflare
etag: "65ef0bea-418"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fqt6ttUBNdwYGf5QSWza0RXibZbjCpInodxiG6I4REJQkSuIe7ErQjM6UIaQz3KUgcI%2F8gqyfd9fSuS8oxklwkutK%2B8GwOQV2MBSlhmhcpLC%2B%2Bux5q%2FSROEJz%2BDFfTHGNkIKWosuiT%2BHBHl5ODXRi%2F6JmlZc6LYeDOKZMRw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8636f944fa637476-MIA

GET
H3 200 bg2.webp
landing.download-available.xyz/images/promo-images/t10b/ 5 KB
6 KB 57ms
53ms Image
image/webp 2606:4700:3035::ac43:9398
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.download-available.xyz/images/promo-images/t10b/bg2.webp

Requested by

Host: landing.download-available.xyz
URL: https://landing.download-available.xyz/t27a/style.css?b4f40fdb4d56e1b639ee01e05062ccba

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9398 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

605a19acc25b956fbe94ea993415b723261a6b9a45ebd2ac3799b2a51337600c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://landing.download-available.xyz/t27a/style.css?b4f40fdb4d56e1b639ee01e05062ccba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:45:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1630
alt-svc: h3=":443"; ma=86400
content-length: 5204
last-modified: Mon, 11 Mar 2024 13:49:30 GMT
server: cloudflare
etag: "65ef0bea-1454"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lRpCWl%2BS8mvWSVAYRT6EyciQlrTJmXq1D%2BdDU%2Bu51C5WEE%2BhMUDimekSLe8OGqgcrt4rpRw1QsAuuCaX9DWUeIrQhjpG9Ut0NiYkK3EH2yPVQ%2FkABJAma4ycdR6eWr9ctQm73xSZ0mcUCvqiTNA0KyZSFKW0CyPv0%2F2GL0M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8636f944fa697476-MIA

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 274ms
131ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://landing.download-available.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 08:52:30 GMT
x-content-type-options: nosniff
age: 564802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Mar 2025 08:52:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 206ms
64ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://landing.download-available.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 08:56:32 GMT
x-content-type-options: nosniff
age: 564560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Mar 2025 08:56:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 222ms
80ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://landing.download-available.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 09:13:39 GMT
x-content-type-options: nosniff
age: 563533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Mar 2025 09:13:39 GMT

GET
H2 200 pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfUVwoNnq4CLz0_upHZPYsZ51Q42ptCprt1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/ 22 KB
22 KB 296ms
155ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfUVwoNnq4CLz0_upHZPYsZ51Q42ptCprt1R-s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:opsz@6..12&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff77c61bd9f925275715a3f2685f4a8b4335f887d7dd00bac1c44f5cd58bde45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://landing.download-available.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:20:08 GMT
x-content-type-options: nosniff
age: 343544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22228
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 01:41:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Mar 2025 22:20:08 GMT

GET
H3 200 8117.0bb8375f05cc5780d943.js Show response
landing.download-available.xyz/js/ 689 B
930 B 45ms
44ms Script
application/javascript 2606:4700:3035::ac43:9398
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://landing.download-available.xyz/js/8117.0bb8375f05cc5780d943.js

Requested by

Host: landing.download-available.xyz
URL: https://landing.download-available.xyz/js/index.js?b4f40fdb4d56e1b639ee01e05062ccba

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9398 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42ccefc110cfc9f6cc2dcfc0a6043645099aac0e1b32e0214e3d2dd954fe27a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://landing.download-available.xyz/t27a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnocq3r2r96s73ce9clg&source=PropellerAds&lpkey=1710284c1befb5d4ee74f16edc85338c3993b80251&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:45:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2929
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 11 Mar 2024 13:49:30 GMT
server: cloudflare
etag: W/"65ef0bea-2b1"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=igZi3ARwZ3KZcGcnXGZ0b%2BxP6cSydEMoCpcLkDT0R05hg2IiQw5kUzDXD6zXkS0uqjFjWPxFyX%2FV36B4XwoBCFEHYn8h8zkwtLZ5xEosw3S5O6KAzeS3XehLyIQhdlbFBA2Ddq1XQgqkwSrRCUOFIKUfEQ0t7yWfPBcYXdQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8636f9454adf7476-MIA

POST
H2 204 collect
www.google-analytics.com/g/ 0
256 B 274ms
98ms Ping
text/plain 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-WV373MWWXX&gtm=45je43b0v9138627631za200&_p=1710279952185&gcd=13l3l3l3l1&npa=0&dma=0&cid=328019080.1710279952&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710279952&sct=1&seg=0&dl=https%3A%2F%2Flanding.download-available.xyz%2Ft27a%3Fclk_domain%3Dexcellingvista.com%26flow%3Dbinom%26campaignId%3D10557%26cid%3Dcnocq3r2r96s73ce9clg%26source%3DPropellerAds%26lpkey%3D1710284c1befb5d4ee74f16edc85338c3993b80251%26isV2%3Dtrue&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1488
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WV373MWWXX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://landing.download-available.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Mar 2024 21:45:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://landing.download-available.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo.svg
landing.download-available.xyz/images/extension-icons/ad_sweeper/ 2 KB
1 KB 47ms
45ms Image
image/svg+xml 2606:4700:3035::ac43:9398
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.download-available.xyz/images/extension-icons/ad_sweeper/logo.svg

Requested by

Host: landing.download-available.xyz
URL: https://landing.download-available.xyz/styles/shared.css?b4f40fdb4d56e1b639ee01e05062ccba

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9398 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fba0eede361a6264de01bf7555a0e56f32a69fa6381a2c421d04652b8a15448c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://landing.download-available.xyz/styles/shared.css?b4f40fdb4d56e1b639ee01e05062ccba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:45:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1714
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 11 Mar 2024 13:49:30 GMT
server: cloudflare
etag: W/"65ef0bea-869"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EhdBZDWfbS5Id5Bp1qde%2BXLZimSKttpe3z1o4Q0sLYE9iKnhm34y3n9r4GxYNVpeT%2FqWzfHN715f5Z4HLge%2FzY%2FrF5D0ciA%2BKgI5p0MSFjmretek2KdzUe%2BAhXU%2FkhQStlZu%2Ft5l%2BpN7BaDccHPqLYBaZ7n7xpW2SrEj9sM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8636f9463c607476-MIA

GET
H3 200 chrome_store_checked.svg
landing.download-available.xyz/images/browser-icons/ 3 KB
2 KB 57ms
56ms Image
image/svg+xml 2606:4700:3035::ac43:9398
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.download-available.xyz/images/browser-icons/chrome_store_checked.svg

Requested by

Host: landing.download-available.xyz
URL: https://landing.download-available.xyz/styles/shared.css?b4f40fdb4d56e1b639ee01e05062ccba

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9398 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc1797066c4364b50c380ffc02fd29fe378332593b053175deef151301b8f356

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://landing.download-available.xyz/styles/shared.css?b4f40fdb4d56e1b639ee01e05062ccba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:45:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2696
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 11 Mar 2024 13:49:30 GMT
server: cloudflare
etag: W/"65ef0bea-ab3"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eRaG0t3DvXwCCcrnZm2iAM3JV1pjB6zJFJkDqf6qyyZFG3T5T3MCVo5j03xMqu2MoM8zsAlSENW7O2sl7G2CSpvz2hYg%2FupAsmAevHo8I%2BgQ4%2Br09ShcV6cPJZW1gancsl6Xt6hsItTcPpqn7hpwfXUkoakTTh%2FkRnmtKbE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8636f9463c667476-MIA

GET
H3 200 chrome_store_icon.svg
landing.download-available.xyz/images/browser-icons/ 2 KB
1 KB 50ms
50ms Image
image/svg+xml 2606:4700:3035::ac43:9398
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://landing.download-available.xyz/images/browser-icons/chrome_store_icon.svg

Requested by

Host: landing.download-available.xyz
URL: https://landing.download-available.xyz/styles/shared.css?b4f40fdb4d56e1b639ee01e05062ccba

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9398 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f564c0872b20b68ed53a1dd9940756dc2d67f836c11d719af67b16a68142180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://landing.download-available.xyz/styles/shared.css?b4f40fdb4d56e1b639ee01e05062ccba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:45:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1571
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 11 Mar 2024 13:49:30 GMT
server: cloudflare
etag: W/"65ef0bea-853"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WdQQNLRLebzDLZDft3lgar3j88f1hBauaE1%2FZDj%2FxfsEA6RXVQKlQJTYPkvO1PWKDpAEmPZOGQ12YXjoV00IPzVviHfld3etdqEDrdG4Y6VhiVPIeuXW2nEsC2IcShY4vYWGtrbaeeBInUH4f2UJpeLRWv2MggB15qeOB5A%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8636f9463c697476-MIA

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.24/ 60 KB
25 KB 71ms
69ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.24/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/jfl2pu6cif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3bc9c1f81ac6f56f2077096ca22a3bb734f895f14dc0d8524dee9a0e124302cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://landing.download-available.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:45:52 GMT
content-encoding: br
last-modified: Sun, 10 Mar 2024 17:00:12 GMT
etag: W/"0x8DC41238D312F83"
vary: Accept-Encoding
x-azure-ref: 20240312T214552Z-3dsy4chqk532t7bmkgyfyaypy80000000bf000000000dsgw
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: d5a1266e-d01e-007a-2f1b-73339b000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET click
excellingvista.com/ 0
0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=685AC0D5A7A6424D8E725ED00C567AEE&RedC=c.clarity.ms&MXFR=06F687600A36651E2FB293200E366B67
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=685AC0D5A7A6424D8E725ED00C567AEE&MUID=21589ECEB0456A5B047E8A8EB1596B07

42 B
443 B

59ms
54ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=685AC0D5A7A6424D8E725ED00C567AEE&MUID=21589ECEB0456A5B047E8A8EB1596B07
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://landing.download-available.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Mar 2024 21:45:52 GMT
last-modified: Fri, 01 Mar 2024 22:53:54 GMT
server: Microsoft-IIS/10.0
etag: "32434d562b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 12 Mar 2024 21:45:52 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D30BD884FC3A4EA5A9D02795DBE14EDA Ref B: MIAEDGE1312 Ref C: 2024-03-12T21:45:52Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=685AC0D5A7A6424D8E725ED00C567AEE&MUID=21589ECEB0456A5B047E8A8EB1596B07
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H/1.1 204
No Content collect Show response
n.clarity.ms/ 0
310 B 195ms
58ms XHR
text/plain 52.184.204.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.24/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://landing.download-available.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://landing.download-available.xyz
Date: Tue, 12 Mar 2024 21:45:52 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

POST
H2 204 collect
www.google-analytics.com/g/ 0
45 B 93ms
92ms Ping
text/plain 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-WV373MWWXX&gtm=45je43b0v9138627631za200&_p=1710279952185&gcd=13l3l3l3l1&npa=0&dma=0&cid=328019080.1710279952&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=2&sid=1710279952&sct=1&seg=0&dl=https%3A%2F%2Flanding.download-available.xyz%2Ft27a%3Fclk_domain%3Dexcellingvista.com%26flow%3Dbinom%26campaignId%3D10557%26cid%3Dcnocq3r2r96s73ce9clg%26source%3DPropellerAds%26lpkey%3D1710284c1befb5d4ee74f16edc85338c3993b80251%26isV2%3Dtrue&dt=&en=promo_page_view&_ee=1&ep.landing_extensionName=AdSweeper&ep.landing_browserName=Chrome&ep.landing_locale=en&ep.landing_linkForOfferBtn=https%3A%2F%2Fexcellingvista.com%2Fclick%3Flp%3D1&ep.landing_userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.111%20Safari%2F537.36&ep.landing_promo=t27a&ep.landing_clk_domain=excellingvista.com&ep.landing_flow=binom&ep.landing_campaignId=10557&ep.landing_cid=cnocq3r2r96s73ce9clg&ep.landing_source=PropellerAds&ep.landing_lpkey=1710284c1befb5d4ee74f16edc85338c3993b80251&ep.landing_isV2=true&ep.isStatic=true&_et=6&tfd=6511
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WV373MWWXX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://landing.download-available.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Mar 2024 21:45:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://landing.download-available.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5726879&ymid=null&sw=/sw-check-permissions-10eaa.js

Domain: 173bf111.akstat.io
URL: https://173bf111.akstat.io/

Domain: 173bf111.akstat.io
URL: https://173bf111.akstat.io/

Domain: excellingvista.com
URL: https://excellingvista.com/click?upd_clickid=cnocq3r2r96s73ce9clg&add_event6=1

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
my.rtmark.net/	1970-01-21 03:50:15	Name: ID Value: c89917bb441c4f1cb9216c8453e0e2c7
ak.alklinker.com/	1970-01-21 03:50:15	Name: oaidts Value: 1710279949
ak.alklinker.com/	1970-01-21 03:50:15	Name: OAID Value: c89917bb441c4f1cb9216c8453e0e2c7
ak.alklinker.com/	1970-01-20 19:14:44	Name: syncedCookie Value: true
ak.ocoaksib.com/	1970-01-21 03:50:15	Name: oaidts Value: 1710279950
ak.ocoaksib.com/	1970-01-21 03:50:15	Name: OAID Value: c89917bb441c4f1cb9216c8453e0e2c7
ak.ocoaksib.com/	1970-01-20 19:14:44	Name: syncedCookie Value: true
excellingvista.com/	1970-01-21 03:50:15	Name: uclick Value: kbiKxV9cO9w1hODxO2CY4HFJVLp791ZsvdaIzsvfJlp9OPYyZ25ZEnLB/RTh0jDuOIlPvqw=
excellingvista.com/	1970-01-21 03:50:15	Name: bcid Value: cnocq3r2r96s73ce9clg
excellingvista.com/	1970-01-21 03:50:15	Name: cid Value: cnocq3r2r96s73ce9clg
.download-available.xyz/	1970-01-21 04:40:39	Name: _ga Value: GA1.1.328019080.1710279952
.download-available.xyz/	1970-01-21 04:40:39	Name: _ga_WV373MWWXX Value: GS1.1.1710279952.1.0.1710279952.0.0.0
.download-available.xyz/	1970-01-21 04:40:39	Name: clk_domain Value: excellingvista.com
.download-available.xyz/	1970-01-21 04:40:39	Name: flow Value: binom
.download-available.xyz/	1970-01-21 04:40:39	Name: campaignId Value: 10557
.download-available.xyz/	1970-01-21 04:40:39	Name: cid Value: cnocq3r2r96s73ce9clg
.download-available.xyz/	1970-01-21 04:40:39	Name: source Value: PropellerAds
.download-available.xyz/	1970-01-21 04:40:39	Name: lpkey Value: 1710284c1befb5d4ee74f16edc85338c3993b80251
.download-available.xyz/	1970-01-21 04:40:39	Name: isV2 Value: true
www.clarity.ms/	1970-01-21 03:50:15	Name: CLID Value: a57c059ab4994db99ea7d649d34c10c4.20240312.20250312
.download-available.xyz/	1970-01-21 03:50:15	Name: _clck Value: hjcou6%7C2%7Cfk0%7C0%7C1532
.download-available.xyz/	1970-01-20 19:06:06	Name: _clsk Value: mvrtin%7C1710279952741%7C1%7C1%7Cn.clarity.ms%2Fcollect
.bing.com/	1970-01-21 04:26:15	Name: MUID Value: 21589ECEB0456A5B047E8A8EB1596B07
.c.bing.com/	1970-01-20 19:14:44	Name: MR Value: 0
.c.bing.com/	1970-01-21 04:26:15	Name: SRM_B Value: 21589ECEB0456A5B047E8A8EB1596B07
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 04:26:15	Name: MUID Value: 21589ECEB0456A5B047E8A8EB1596B07
.c.clarity.ms/	1970-01-20 19:14:44	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 19:04:40	Name: ANONCHK Value: 0

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://c0.myqvids.com/?cnv_id=undefined Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ak.alklinker.com/afu.php?zoneid=5726880 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ak.alklinker.com/afu.php?zoneid=5726880 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ak.ocoaksib.com/4/6118780/?var=5726880&btz=Pacific/Honolulu&bto=600 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ak.ocoaksib.com/4/6118780/?var=5726880&btz=Pacific/Honolulu&bto=600 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing.download-available.xyz/t27a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnocq3r2r96s73ce9clg&source=PropellerAds&lpkey=1710284c1befb5d4ee74f16edc85338c3993b80251&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing.download-available.xyz/t27a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnocq3r2r96s73ce9clg&source=PropellerAds&lpkey=1710284c1befb5d4ee74f16edc85338c3993b80251&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing.download-available.xyz/t27a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnocq3r2r96s73ce9clg&source=PropellerAds&lpkey=1710284c1befb5d4ee74f16edc85338c3993b80251&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing.download-available.xyz/t27a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnocq3r2r96s73ce9clg&source=PropellerAds&lpkey=1710284c1befb5d4ee74f16edc85338c3993b80251&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing.download-available.xyz/t27a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnocq3r2r96s73ce9clg&source=PropellerAds&lpkey=1710284c1befb5d4ee74f16edc85338c3993b80251&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing.download-available.xyz/t27a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnocq3r2r96s73ce9clg&source=PropellerAds&lpkey=1710284c1befb5d4ee74f16edc85338c3993b80251&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing.download-available.xyz/t27a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnocq3r2r96s73ce9clg&source=PropellerAds&lpkey=1710284c1befb5d4ee74f16edc85338c3993b80251&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing.download-available.xyz/t27a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnocq3r2r96s73ce9clg&source=PropellerAds&lpkey=1710284c1befb5d4ee74f16edc85338c3993b80251&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing.download-available.xyz/t27a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnocq3r2r96s73ce9clg&source=PropellerAds&lpkey=1710284c1befb5d4ee74f16edc85338c3993b80251&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing.download-available.xyz/t27a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnocq3r2r96s73ce9clg&source=PropellerAds&lpkey=1710284c1befb5d4ee74f16edc85338c3993b80251&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing.download-available.xyz/t27a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnocq3r2r96s73ce9clg&source=PropellerAds&lpkey=1710284c1befb5d4ee74f16edc85338c3993b80251&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing.download-available.xyz/t27a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnocq3r2r96s73ce9clg&source=PropellerAds&lpkey=1710284c1befb5d4ee74f16edc85338c3993b80251&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://landing.download-available.xyz/t27a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnocq3r2r96s73ce9clg&source=PropellerAds&lpkey=1710284c1befb5d4ee74f16edc85338c3993b80251&isV2=true Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://landing.download-available.xyz/t27a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnocq3r2r96s73ce9clg&source=PropellerAds&lpkey=1710284c1befb5d4ee74f16edc85338c3993b80251&isV2=true Message: Access to XMLHttpRequest at 'https://excellingvista.com/click?upd_clickid=cnocq3r2r96s73ce9clg&add_event6=1' from origin 'https://landing.download-available.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://excellingvista.com/click?upd_clickid=cnocq3r2r96s73ce9clg&add_event6=1 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

173bf111.akstat.io
ak.alklinker.com
ak.ocoaksib.com
b3.myqvids.com
c.bing.com
c.clarity.ms
c.go-mpulse.net
c0.myqvids.com
datatechone.com
excellingvista.com
fonts.googleapis.com
fonts.gstatic.com
jouteetu.net
landing.download-available.xyz
my.rtmark.net
n.clarity.ms
s.go-mpulse.net
shaumtol.com
www.clarity.ms
www.google-analytics.com
www.googletagmanager.com
173bf111.akstat.io
excellingvista.com
shaumtol.com
104.117.182.161
139.45.195.253
139.45.195.8
139.45.197.250
139.45.197.251
20.110.205.119
23.44.201.216
2600:141b:1c00:3a7::11a6
2600:141b:5000:395::11a6
2606:4700:3035::6815:559d
2606:4700:3035::ac43:9398
2607:f8b0:4006:80a::200a
2607:f8b0:4006:80b::2003
2607:f8b0:4006:80e::200e
2607:f8b0:4006:816::2008
2620:1ec:bdf::40
2620:1ec:c11::200
52.184.204.244
52.58.28.63
08ffd52cae98b8ce38870e7e42f4efa09bd581863d9da203f593828851d301b7
15009d82c090a5ca60f35ad0bea797c41176209a310ef68f3fed5146c86e361a
17b4230274e3785db20adfc1df4d93dcee45ead0b6fff74d94d019d3dea27820
25fe80013eb2222e748429721dd632fba347bcd63bb04f9c75ac015d9fe190a6
31d196afc7bf97b61be0a9881f623b3b8a7b56d4b0c08c6b78c37ce92d7827b2
3bc9c1f81ac6f56f2077096ca22a3bb734f895f14dc0d8524dee9a0e124302cc
42ccefc110cfc9f6cc2dcfc0a6043645099aac0e1b32e0214e3d2dd954fe27a7
4babba5cbd5143d3ea9cbaa46c5a568eabe6e36149b58a60494a693ecb69f66f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52cf12bc82ebb3724f4b41cb478f383c7c6f57e3a15fda54c87f00db1edd4f87
605a19acc25b956fbe94ea993415b723261a6b9a45ebd2ac3799b2a51337600c
69547eb31e970acabc5b86a4b2083c2c584dcbabf52a917cfc0f72dad7ffc0be
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9f564c0872b20b68ed53a1dd9940756dc2d67f836c11d719af67b16a68142180
a36ce78ec1c47535afbf0a9cc8ac858e9bb36a5203baa77c5b51e99c7323c862
a5f7df130bd465b96c08e1d62b70257546ca2bbdf86f11a71333bb73aab63ceb
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bc1797066c4364b50c380ffc02fd29fe378332593b053175deef151301b8f356
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6d325f88bd958a422137a658dc31ab40c83a324904041fbc966cceeeb586ae9
fba0eede361a6264de01bf7555a0e56f32a69fa6381a2c421d04652b8a15448c
ff77c61bd9f925275715a3f2685f4a8b4335f887d7dd00bac1c44f5cd58bde45
fff80755437b5821bd1afedcbabbf593bc5ad704164a84e161c7d6903f2cad84

landing.download-available.xyz Open in urlscan Pro 2606:4700:3035::ac43:9398 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

91 %HTTPS

53 %IPv6

17 Domains

21 Subdomains

18 IPs

3 Countries

388 kBTransfer

976 kBSize

29 Cookies

0 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

landing.download-available.xyz Open in urlscan Pro
2606:4700:3035::ac43:9398 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

91 %
HTTPS

53 %
IPv6

17
Domains

21
Subdomains

18
IPs

3
Countries

388 kB
Transfer

976 kB
Size

29
Cookies

57 HTTP transactions
0 data transactions