urlscan.io logo urlscan.io
SecurityTrails logo

landing.download-available.xyz Open in urlscan Pro
2606:4700:3035::ac43:9398  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://jixoluxe.com/cl/63baca1e59754bef?p1=&p2=&source=&site=&p1=9tjngces2r8dikazi2ny2t
Effective URL: https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=P...
Submission: On March 11 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 2 countries across 17 domains to perform 63 HTTP transactions. The main IP is 2606:4700:3035::ac43:9398, located in and belongs to . The main domain is landing.download-available.xyz.
TLS certificate: Issued by GTS CA 1P5 on March 4th 2024. Valid for: 3 months.
This is the only time landing.download-available.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:3035::ac43:b4f8 (United States)

ASN13335 (CLOUDFLARENET, US)
jixoluxe.com
3    2600:1f18:43d1:2a02:b6ee:327b:545e:e578 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
skvn3.bemobtrcks.com
6    2606:4700:3032::ac43:91be (United States)

ASN13335 (CLOUDFLARENET, US)
myofferjungle.com
2    139.45.197.252 (United Kingdom)

ASN9002 (RETN-AS, GB)
desenteir.com
1    2606:4700:3037::6815:1ff4 (United States)

ASN13335 (CLOUDFLARENET, US)
jixoluxe.com
6    139.45.197.250 (United Kingdom)

ASN9002 (RETN-AS, GB)
shaumtol.com
19    139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)
jouteetu.net
3    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
4    139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)
oodrampi.com
1    139.45.195.253 (United Kingdom)

ASN9002 (RETN-AS, GB)
datatechone.com
1    52.58.28.63 (None, )

ASN- ()
excellingvista.com
11    2606:4700:3035::ac43:9398 (None, )

ASN- ()
landing.download-available.xyz
1    2607:f8b0:4006:81d::2008 (None, )

ASN- ()
www.googletagmanager.com
1    2607:f8b0:4006:80e::200a (None, )

ASN- ()
fonts.googleapis.com
2    2620:1ec:bdf::40 (None, )

ASN- ()
www.clarity.ms
2    2607:f8b0:4006:80d::2003 (None, )

ASN- ()
fonts.gstatic.com
1    2607:f8b0:4006:820::200e (None, )

ASN- ()
www.google-analytics.com
2    20.110.205.119 (None, )

ASN- ()
c.clarity.ms
1    2620:1ec:c11::200 (None, )

ASN- ()
c.bing.com
1    20.96.88.162 (None, )

ASN- ()
k.clarity.ms
Apex Domain
Subdomains		 Transfer
19 jouteetu.net
jouteetu.net — Cisco Umbrella Rank: 30771
11 download-available.xyz
landing.download-available.xyz
212 KB
6 shaumtol.com
shaumtol.com — Cisco Umbrella Rank: 269924
31 KB
6 myofferjungle.com
myofferjungle.com
6 KB
5 clarity.ms
www.clarity.ms
c.clarity.ms
k.clarity.ms
27 KB
4 oodrampi.com
oodrampi.com
30 KB
3 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11818
2 KB
3 bemobtrcks.com
skvn3.bemobtrcks.com
3 KB
2 gstatic.com
fonts.gstatic.com
32 KB
2 desenteir.com
desenteir.com — Cisco Umbrella Rank: 520749
2 jixoluxe.com
jixoluxe.com
3 KB
1 bing.com
c.bing.com
764 B
1 google-analytics.com
www.google-analytics.com
256 B
1 googleapis.com
fonts.googleapis.com
1 KB
1 googletagmanager.com
www.googletagmanager.com
85 KB
1 excellingvista.com
excellingvista.com
417 B
1 datatechone.com
datatechone.com — Cisco Umbrella Rank: 37995 Failed
465 B
63 17
Domain Requested by
19 jouteetu.net shaumtol.com
11 landing.download-available.xyz landing.download-available.xyz
6 shaumtol.com myofferjungle.com
shaumtol.com
6 myofferjungle.com 2 redirects myofferjungle.com
shaumtol.com
4 oodrampi.com 1 redirects myofferjungle.com
oodrampi.com
3 my.rtmark.net shaumtol.com
oodrampi.com
3 skvn3.bemobtrcks.com 3 redirects myofferjungle.com
2 c.clarity.ms 1 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 www.clarity.ms landing.download-available.xyz
www.clarity.ms
2 desenteir.com myofferjungle.com
2 jixoluxe.com 2 redirects
1 k.clarity.ms www.clarity.ms
1 c.bing.com 1 redirects
1 www.google-analytics.com www.googletagmanager.com
1 fonts.googleapis.com landing.download-available.xyz
1 www.googletagmanager.com landing.download-available.xyz
1 excellingvista.com 1 redirects landing.download-available.xyz
1 datatechone.com oodrampi.com
63 19

This site contains no links.

Subject Issuer Validity Valid
myofferjungle.com
GTS CA 1P5		 2024-01-25 -
2024-04-24		 3 months crt.sh
desenteir.com
R3		 2024-02-11 -
2024-05-11		 3 months crt.sh
shaumtol.com
R3		 2024-02-21 -
2024-05-21		 3 months crt.sh
jouteetu.net
R3		 2024-02-24 -
2024-05-24		 3 months crt.sh
rtmark.net
R3		 2024-03-02 -
2024-05-31		 3 months crt.sh
oodrampi.com
R3		 2024-02-02 -
2024-05-02		 3 months crt.sh
datatechone.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-10 -
2024-12-23		 a year crt.sh
download-available.xyz
GTS CA 1P5		 2024-03-04 -
2024-06-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01		 2024-01-14 -
2024-06-27		 5 months crt.sh

This page contains 3 frames:

Primary Page: https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
Frame ID: 837589146536E31E66BCF92272FD19F7
Requests: 41 HTTP requests in this frame

Frame: https://oodrampi.com/4/7200044
Frame ID: 614C23D86B98B47FF6ECDA7C315C4E49
Requests: 21 HTTP requests in this frame

Frame: https://skvn3.bemobtrcks.com/go/a8a9323d-ef8e-4bb8-9033-89bc530e0733?cost={cost}&visitor_id=${SUBID}&zoneid={zoneid}&bannerid={bannerid}&country={country}&os={os}&user_activity={user_activity}&zone_type={zone_type}
Frame ID: FAEA750B59D0CC91D8B824B141D92535
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://jixoluxe.com/cl/63baca1e59754bef?p1=&p2=&source=&site=&p1=9tjngces2r8dikazi2ny2t HTTP 302
    https://skvn3.bemobtrcks.com/go/a8a9323d-ef8e-4bb8-9033-89bc530e0733?cost={cost}&visitor_id=${SUBID}&zone... HTTP 302
    https://myofferjungle.com/iF_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec3... HTTP 301
    https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec3... Page URL
  2. https://oodrampi.com/4/7200044 Page URL
  3. https://oodrampi.com/?z=7200044&syncedCookie=true&rhd=false HTTP 302
    https://excellingvista.com/click?key=fickwiw7fy7yshltu1k2&visitor_id=791174104232505749&cost=0.046898&z... HTTP 307
    https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

63
Requests

90 %
HTTPS

55 %
IPv6

17
Domains

19
Subdomains

16
IPs

2
Countries

424 kB
Transfer

942 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://jixoluxe.com/cl/63baca1e59754bef?p1=&p2=&source=&site=&p1=9tjngces2r8dikazi2ny2t HTTP 302
    https://skvn3.bemobtrcks.com/go/a8a9323d-ef8e-4bb8-9033-89bc530e0733?cost={cost}&visitor_id=${SUBID}&zoneid={zoneid}&bannerid={bannerid}&country={country}&os={os}&user_activity={user_activity}&zone_type={zone_type} HTTP 302
    https://myofferjungle.com/iF_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041 HTTP 301
    https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041 Page URL
  2. https://oodrampi.com/4/7200044 Page URL
  3. https://oodrampi.com/?z=7200044&syncedCookie=true&rhd=false HTTP 302
    https://excellingvista.com/click?key=fickwiw7fy7yshltu1k2&visitor_id=791174104232505749&cost=0.046898&zoneid=7200044&campaignid=7657014&bannerid=19605546&subzoneid=0 HTTP 307
    https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://jixoluxe.com/cl/63baca1e59754bef?p1=&p2=&source=&site=&p1=9tjngces2r8dikazi2ny2t HTTP 302
  • https://skvn3.bemobtrcks.com/go/a8a9323d-ef8e-4bb8-9033-89bc530e0733?cost={cost}&visitor_id=${SUBID}&zoneid={zoneid}&bannerid={bannerid}&country={country}&os={os}&user_activity={user_activity}&zone_type={zone_type} HTTP 302
  • https://myofferjungle.com/iF_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041 HTTP 301
  • https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041
Request Chain 2
  • https://skvn3.bemobtrcks.com/click HTTP 302
  • https://jixoluxe.com/cl/63baca1e59754bef?p1=&p2=&source=&site=&p1=2oG15FZ1P9PzCkLF5Moiya HTTP 302
  • https://skvn3.bemobtrcks.com/go/a8a9323d-ef8e-4bb8-9033-89bc530e0733?cost={cost}&visitor_id=${SUBID}&zoneid={zoneid}&bannerid={bannerid}&country={country}&os={os}&user_activity={user_activity}&zone_type={zone_type} HTTP 302
  • https://myofferjungle.com/iF_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..r%3Dhttps%253A%252F%252Fmyofferjungle~BEMOB_DOT~com%252F..ts%3D1710194121993 HTTP 301
  • https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..r%3Dhttps%253A%252F%252Fmyofferjungle~BEMOB_DOT~com%252F..ts%3D1710194121993
Request Chain 16
  • https://skvn3.bemobtrcks.com/click HTTP 302
  • https://jixoluxe.com/cl/63baca1e59754bef?p1=&p2=&source=&site=&p1=2sohDsfLqq1kGAPijacd6W HTTP 302
  • https://skvn3.bemobtrcks.com/go/a8a9323d-ef8e-4bb8-9033-89bc530e0733?cost={cost}&visitor_id=${SUBID}&zoneid={zoneid}&bannerid={bannerid}&country={country}&os={os}&user_activity={user_activity}&zone_type={zone_type}
Request Chain 60
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=9F28B4C709564313B5BAB5E3EEE893A4&RedC=c.clarity.ms&MXFR=0D43AD4B4ACC62B707B1B9744ECC6C6F HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9F28B4C709564313B5BAB5E3EEE893A4&MUID=292E6FD5263066C307A27BEA275F675B

63 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
if_smartlink
myofferjungle.com/
Redirect Chain
  • http://jixoluxe.com/cl/63baca1e59754bef?p1=&p2=&source=&site=&p1=9tjngces2r8dikazi2ny2t
  • https://skvn3.bemobtrcks.com/go/a8a9323d-ef8e-4bb8-9033-89bc530e0733?cost={cost}&visitor_id=${SUBID}&zoneid={zoneid}&bannerid={bannerid}&country={country}&os={os}&user_activity={user_activity}&zone...
  • https://myofferjungle.com/iF_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041
  • https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:91be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e38fab37c44d200afacbb20f5eba04509a61227940a8e4d8c3ae06b49a174e6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
14588
alt-svc
h3=":443"; ma=86400
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
cf-cache-status
DYNAMIC
cf-ray
862ec9ca78201a0b-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 11 Mar 2024 21:55:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZo8kKJKw9XmlzlX6L1su7EEESMQhqAZuI2U1RRgS15k2T%2F4qe5ySKkkIighLysxnDyX%2Bh4IB2x8WVfwFLSkbcctc93yMmfXPhw%2BZpTOt%2FvebWaK%2B80fGVytuBNRCI5SQ39whllr61%2FOm8ylvU422g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-nf-request-id
01HRQR6PMHNMAB6BGRSMND9G0R

Redirect headers

accept-ranges
bytes
age
14585
alt-svc
h3=":443"; ma=86400
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
cf-cache-status
DYNAMIC
cf-ray
862ec9c9efa81a0b-EWR
content-type
text/html; charset=UTF-8
date
Mon, 11 Mar 2024 21:55:21 GMT
location
/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBLPGqxD9J7pl1uJcfS4l2dNRtsDcTs3EipNd8Uebi%2FKbLm2lOsAyBypZ6%2B7Ll9iS4j3oKT5mlKzNkK7nqVuGgKFLKnkC8eShCkRaj055oBICDj8rXzTNuCssVO%2FZNkcVa%2F4m438G3O9Q7bqgRTPfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-nf-request-id
01HRQR6PJ3NHVJH22C1YSY1322
reverse.min.js
desenteir.com/tb1/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://desenteir.com/tb1/reverse.min.js?sf=1
Requested by
Host: myofferjungle.com
URL: https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.252 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myofferjungle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers
if_smartlink
myofferjungle.com/ Frame 614C
Redirect Chain
  • https://skvn3.bemobtrcks.com/click
  • https://jixoluxe.com/cl/63baca1e59754bef?p1=&p2=&source=&site=&p1=2oG15FZ1P9PzCkLF5Moiya
  • https://skvn3.bemobtrcks.com/go/a8a9323d-ef8e-4bb8-9033-89bc530e0733?cost={cost}&visitor_id=${SUBID}&zoneid={zoneid}&bannerid={bannerid}&country={country}&os={os}&user_activity={user_activity}&zone...
  • https://myofferjungle.com/iF_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..r%3Dhttps%253A%252F%252Fmyofferjungle~BEMOB_DOT~co...
  • https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..r%3Dhttps%253A%252F%252Fmyofferjungle~BEMOB_DOT~co...
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..r%3Dhttps%253A%252F%252Fmyofferjungle~BEMOB_DOT~com%252F..ts%3D1710194121993
Requested by
Host: myofferjungle.com
URL: https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:91be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e38fab37c44d200afacbb20f5eba04509a61227940a8e4d8c3ae06b49a174e6

Request headers

Referer
https://myofferjungle.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
13598
alt-svc
h3=":443"; ma=86400
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
cf-cache-status
DYNAMIC
cf-ray
862ec9d0285c1a34-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 11 Mar 2024 21:55:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e9xCpcwW4yqFc4ihIk988gIcNbgJlrEzexWpKFT0W5%2FxAYp7uSGm6JS%2FjSVD4XbQD8PJXKc%2BHN%2Bxpm%2FM2uzw33cnOrmkIULTuNgKeG7MLvFjMMZySiey0upsDIolm1uX2y0pKsU44VmbElYOrRuN7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-nf-request-id
01HRQR6QH5FX5N54JSH4ZRMA5C

Redirect headers

accept-ranges
bytes
age
14586
alt-svc
h3=":443"; ma=86400
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
cf-cache-status
DYNAMIC
cf-ray
862ec9cf3f941a34-EWR
content-type
text/html; charset=UTF-8
date
Mon, 11 Mar 2024 21:55:22 GMT
location
/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..r%3Dhttps%253A%252F%252Fmyofferjungle~BEMOB_DOT~com%252F..ts%3D1710194121993
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Us4SsPUqvvyAFFkD3kfdgw%2FxqIeD70FauvMomr6Xyqbltvc%2Ba8xK6ZMmDN%2FdrBfCpVrfORIoyl%2BYR1zb3H3C21VeHnauQSTNdC3n%2FRFfwZOBr7jz1b47xRaGOAzy3%2FbYv369%2Fal6YIxvBF29zAgwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-nf-request-id
01HRQR6QCM1RCD76FDY7V9A7X5
micro.tag.min.js
shaumtol.com/pfe/current/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shaumtol.com/pfe/current/micro.tag.min.js?z=7200043&sw=/sw-check-permissions-a2fe0.js
Requested by
Host: myofferjungle.com
URL: https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ac659687f647d5e86d31f6d9e4be3cd6a5534d01532d1310e8ced114919e0afb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myofferjungle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Mar 2024 21:55:21 GMT
content-encoding
gzip
last-modified
Fri, 08 Mar 2024 09:19:22 GMT
server
nginx
etag
W/"65ead81a-8a1a"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=7200043&sw=/sw-check-permissions-a2fe0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://myofferjungle.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
sw-check-permissions-a2fe0.js
myofferjungle.com/ 		0
892 B 		Other
General
Check archive.org
Download Go to
Full URL
https://myofferjungle.com/sw-check-permissions-a2fe0.js?zoneId=7200043
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=7200043&sw=/sw-check-permissions-a2fe0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:91be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-nf-request-id
01HRKSN0KH029MV2Z40HW7B8AR
date
Mon, 11 Mar 2024 21:55:22 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=566
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"83814131083dfb78b87dd9167b5eb893-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQWbmq5QxLI8NUIl%2B18svZFpHhboZZgIjA7FYpYevU6Cm7bXzBHkQSTP%2BG6PsmVkZYN6nPKo%2Fi8HPs%2FArr8VOVn7a6QUEQv0cEunHQELZ%2BwFALje5Wu5qiIy3mGRSlu54KlRTsMAGBnx%2FjYnDBgzzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
862ec9cebf3e1a34-EWR
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=7200043&sw=/sw-check-permissions-a2fe0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://myofferjungle.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
zone
shaumtol.com/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://shaumtol.com/zone?&pub=0&zone_id=7200043&is_mobile=false&domain=myofferjungle.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.496&trace_id=37d17007-e5ad-45c1-9d47-4492e00535d1&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=7200043&sw=/sw-check-permissions-a2fe0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myofferjungle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-trace-id
52c9cb977da33f0144c0b05b8508363f
date
Mon, 11 Mar 2024 21:55:22 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-origin
https://myofferjungle.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=7200043&sw=/sw-check-permissions-a2fe0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://myofferjungle.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=7200043&sw=/sw-check-permissions-a2fe0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://myofferjungle.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
gid.js
my.rtmark.net/ 		65 B
545 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=7200043&checkDuplicate=true&ymid=&var=
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=7200043&sw=/sw-check-permissions-a2fe0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2cb0129d3099efcbeaa9dd5612485e19758a4378d773ffae89935078456f4c45
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myofferjungle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 21:55:22 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://myofferjungle.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=7200043&sw=/sw-check-permissions-a2fe0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://myofferjungle.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=7200043&sw=/sw-check-permissions-a2fe0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://myofferjungle.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=7200043&sw=/sw-check-permissions-a2fe0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://myofferjungle.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
zone
shaumtol.com/ 		801 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shaumtol.com/zone?&pub=0&zone_id=7200043&is_mobile=false&domain=myofferjungle.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.496&trace_id=37d17007-e5ad-45c1-9d47-4492e00535d1&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=7200043&sw=/sw-check-permissions-a2fe0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9b1308fbdbda02929c1cbe96f8b9cd9de80df38ee2fab49150b12ca3325814ff
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myofferjungle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-trace-id
dfe495cdd7af14a7342e354253cb39ce
date
Mon, 11 Mar 2024 21:55:22 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://myofferjungle.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
801
reverse.min.js
desenteir.com/tb1/ Frame 614C 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://desenteir.com/tb1/reverse.min.js?sf=1
Requested by
Host: myofferjungle.com
URL: https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..r%3Dhttps%253A%252F%252Fmyofferjungle~BEMOB_DOT~com%252F..ts%3D1710194121993
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.252 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myofferjungle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers
a8a9323d-ef8e-4bb8-9033-89bc530e0733
skvn3.bemobtrcks.com/go/ Frame FAEA
Redirect Chain
  • https://skvn3.bemobtrcks.com/click
  • https://jixoluxe.com/cl/63baca1e59754bef?p1=&p2=&source=&site=&p1=2sohDsfLqq1kGAPijacd6W
  • https://skvn3.bemobtrcks.com/go/a8a9323d-ef8e-4bb8-9033-89bc530e0733?cost={cost}&visitor_id=${SUBID}&zoneid={zoneid}&bannerid={bannerid}&country={country}&os={os}&user_activity={user_activity}&zone...
0
0
micro.tag.min.js
shaumtol.com/pfe/current/ Frame 614C 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shaumtol.com/pfe/current/micro.tag.min.js?z=7200043&sw=/sw-check-permissions-a2fe0.js
Requested by
Host: myofferjungle.com
URL: https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..r%3Dhttps%253A%252F%252Fmyofferjungle~BEMOB_DOT~com%252F..ts%3D1710194121993
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ac659687f647d5e86d31f6d9e4be3cd6a5534d01532d1310e8ced114919e0afb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myofferjungle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Mar 2024 21:55:22 GMT
content-encoding
gzip
last-modified
Fri, 08 Mar 2024 09:19:22 GMT
server
nginx
etag
W/"65ead81a-8a1a"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=7200043&sw=/sw-check-permissions-a2fe0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://myofferjungle.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
custom
jouteetu.net/ Frame 614C 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=7200043&sw=/sw-check-permissions-a2fe0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://myofferjungle.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
sw-check-permissions-a2fe0.js
myofferjungle.com/ Frame 614C 		0
857 B 		Other
General
Check archive.org
Download Go to
Full URL
https://myofferjungle.com/sw-check-permissions-a2fe0.js?zoneId=7200043
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=7200043&sw=/sw-check-permissions-a2fe0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:91be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..r%3Dhttps%253A%252F%252Fmyofferjungle~BEMOB_DOT~com%252F..ts%3D1710194121993
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-nf-request-id
01HRKSN0KH029MV2Z40HW7B8AR
date
Mon, 11 Mar 2024 21:55:22 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=566
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"83814131083dfb78b87dd9167b5eb893-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CjAjqL4QKMbzcB%2Bn8lzCRbi7f3v6DyR%2BMIxyXfibjPVASl5FRO1R6Z5pL9FAW%2BVIVnJs81R8PYO%2Bx2MWjfVS%2BxzF5ZB1DvQcCL4SGGDzdHRR%2Fsoc3Au6h9tjWb5wgTB%2FRtblYaCj7AU2QrPj7HCBMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
862ec9d44b6c1a34-EWR
custom
jouteetu.net/ Frame 614C 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=7200043&sw=/sw-check-permissions-a2fe0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://myofferjungle.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
zone
shaumtol.com/ Frame 614C 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://shaumtol.com/zone?&pub=0&zone_id=7200043&is_mobile=false&domain=myofferjungle.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.496&trace_id=0263ef07-25e7-4db6-be20-66c4ec57abd4&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=7200043&sw=/sw-check-permissions-a2fe0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myofferjungle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-trace-id
dd57870942e69fcf16b9034fb460821d
date
Mon, 11 Mar 2024 21:55:23 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-origin
https://myofferjungle.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
custom
jouteetu.net/ Frame 614C 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=7200043&sw=/sw-check-permissions-a2fe0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://myofferjungle.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
custom
jouteetu.net/ Frame 614C 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=7200043&sw=/sw-check-permissions-a2fe0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://myofferjungle.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
gid.js
my.rtmark.net/ Frame 614C 		65 B
545 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=7200043&checkDuplicate=true&ymid=&var=
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=7200043&sw=/sw-check-permissions-a2fe0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myofferjungle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 21:55:23 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://myofferjungle.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
custom
jouteetu.net/ Frame 614C 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=7200043&sw=/sw-check-permissions-a2fe0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://myofferjungle.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
custom
jouteetu.net/ Frame 614C 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=7200043&sw=/sw-check-permissions-a2fe0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://myofferjungle.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=7200043&sw=/sw-check-permissions-a2fe0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://myofferjungle.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
7200044
oodrampi.com/4/ 		33 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://oodrampi.com/4/7200044
Requested by
Host: myofferjungle.com
URL: https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
1d684d94683f0eda7f29485f502f254071805cac203aced3d8fe45aa62b0b87b

Request headers

Referer
https://myofferjungle.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
* *
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Mon, 11 Mar 2024 21:55:23 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache no-cache
server
nginx
timing-allow-origin
*
x-trace-id
ebd0ff53d480bdabcd427f4f15a62051
custom
jouteetu.net/ Frame 614C 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=7200043&sw=/sw-check-permissions-a2fe0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://myofferjungle.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
custom
jouteetu.net/ Frame 614C 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=7200043&sw=/sw-check-permissions-a2fe0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://myofferjungle.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
zone
shaumtol.com/ Frame 614C 		801 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shaumtol.com/zone?&pub=0&zone_id=7200043&is_mobile=false&domain=myofferjungle.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.496&trace_id=0263ef07-25e7-4db6-be20-66c4ec57abd4&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=7200043&sw=/sw-check-permissions-a2fe0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myofferjungle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-trace-id
fefdf95fda055798a94b098144ee0cbf
date
Mon, 11 Mar 2024 21:55:23 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://myofferjungle.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
801
custom
jouteetu.net/ Frame 614C 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=7200043&sw=/sw-check-permissions-a2fe0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://myofferjungle.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
7200044
oodrampi.com/4/ Frame 614C 		33 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://oodrampi.com/4/7200044
Requested by
Host: myofferjungle.com
URL: https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..r%3Dhttps%253A%252F%252Fmyofferjungle~BEMOB_DOT~com%252F..ts%3D1710194121993
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://myofferjungle.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
* *
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Mon, 11 Mar 2024 21:55:23 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache no-cache
server
nginx
timing-allow-origin
*
x-trace-id
dbe4a12b4ee9fbc16f0fca7a96d6ec67
custom
jouteetu.net/ Frame 614C 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=7200043&sw=/sw-check-permissions-a2fe0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://myofferjungle.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
sftouch
oodrampi.com/ Frame 614C 		0
0
img.gif
my.rtmark.net/ Frame 614C 		0
0
add
datatechone.com/log/ Frame 614C 		0
0
sftouch
oodrampi.com/ 		2 B
608 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://oodrampi.com/sftouch?userId=00801c423ff44188fc6e3354d14b2c09&z=7200044&p_rid=d9e0a5b7-3e61-4b8c-ba41-97f25b665977&p_src=sf&branchId=400701&rb=Dx0xciAmLCCClzwUpcl7YiVj-xhnENbEnCbEJugChrbg7R5ipjR4zQyP4LrrTpAuf0Fh1LJgT_VYg9WPeQCcNfBoIsCtV2TWKkgjPYKQuW9hN5AXNuJUp1s6Y0zBXHVDrNW6RFa6X4ylllXvC5DOlnk7jMyLOlQHwoD1RKMQfy4VwvXrWCA_3Tes-xC_98_fEdeUJ3-zpKlGLqDPrP6OmKM1sZdiINgrXA4-NG5iHJJoeB26r0F1V-5aGDnRDXwvSlSla1t2imusF-ivnbrEgKWY2FTb_EfLq7-mEBqeCN0tgKtJUwGlSckQVhf8YT5CMQ7UV6W5Cd6TWc18
Requested by
Host: oodrampi.com
URL: https://oodrampi.com/4/7200044
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://oodrampi.com/4/7200044
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 21:55:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-length
2
x-trace-id
45b5327d5241ce46cc5fea9e098be337
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://oodrampi.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
img.gif
my.rtmark.net/ 		43 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=00801c423ff44188fc6e3354d14b2c09&z=7200044&p_rid=d9e0a5b7-3e61-4b8c-ba41-97f25b665977&p_src=sf
Requested by
Host: oodrampi.com
URL: https://oodrampi.com/4/7200044
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://oodrampi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 21:55:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
add
datatechone.com/log/ 		2 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=d9e0a5b7-3e61-4b8c-ba41-97f25b665977
Requested by
Host: oodrampi.com
URL: https://oodrampi.com/4/7200044
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://oodrampi.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 11 Mar 2024 21:55:24 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://oodrampi.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
Primary Request t10a
landing.download-available.xyz/
Redirect Chain
  • https://oodrampi.com/?z=7200044&syncedCookie=true&rhd=false
  • https://excellingvista.com/click?key=fickwiw7fy7yshltu1k2&visitor_id=791174104232505749&cost=0.046898&zoneid=7200044&campaignid=7657014&bannerid=19605546&subzoneid=0
  • https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&i...
8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9398 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
d0fa32a2da3a7972aa5400f056c0e07b019bdd73b64d2b154133d514377dfc40
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://oodrampi.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
862ec9e5b89541de-EWR
content-encoding
br
content-type
text/html
date
Mon, 11 Mar 2024 21:55:25 GMT
last-modified
Mon, 11 Mar 2024 13:49:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F7lyRe2PWJsVoRZnNlzyTZxABYJbl%2BAfUGNE6147IaqVDBshrQHYcAdj0X8V0TXpJi4ipP3Uw8%2BxPsBPaXqEjJhU63XWdgpY%2BRK%2BMtiv2ophZrcW4QZds3lZlNcYzZkcW1U6%2F4TkbNHcUAN7UiXOzOBMY6AnhF5thQCqv%2Bg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY

Redirect headers

content-length
0
date
Mon, 11 Mar 2024 21:55:25 GMT
location
https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
server
Caddy
x-request-id
af7c9f4a-3493-4ada-bddc-c2601506582e
style.css
landing.download-available.xyz/t10a/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landing.download-available.xyz/t10a/style.css?50707e3441e2bd43e1c89afd8eed49cf
Requested by
Host: landing.download-available.xyz
URL: https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9398 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
8c8aa8a76ad4d0ec3c6c0e9b2b8c517f9608137d5888dc212f61e5506a2dcace
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 21:55:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
28539
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 11 Mar 2024 13:49:30 GMT
server
cloudflare
etag
W/"65ef0bea-d86"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B297amyuFbR4WzqNqgIQObF9I46EncIzabb1yU8TQJ53tz9AG1hmCyzsesoS0ensgFANLhKuB%2F78g0fcCv%2Fd5bJc54I8TA1RDuBOndfxAzv0JBct9%2BqUFqoc2nk%2FqEvtZAoAcvRxXvE0ElQVVR08nd1YuwLWUP%2BlrL8lC88%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
862ec9e6c9cc41de-EWR
expires
Tue, 11 Mar 2025 13:59:45 GMT
shared.css
landing.download-available.xyz/styles/ 		24 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landing.download-available.xyz/styles/shared.css?50707e3441e2bd43e1c89afd8eed49cf
Requested by
Host: landing.download-available.xyz
URL: https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9398 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
f6d325f88bd958a422137a658dc31ab40c83a324904041fbc966cceeeb586ae9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 21:55:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6752
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 11 Mar 2024 13:49:30 GMT
server
cloudflare
etag
W/"65ef0bea-61c5"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pf9L7nYPbWvV8AA7hSXObHRe%2BcBEVHSvnqMcJTqusu22SlLKy96bACL2DKWsZJQKUGAOiYV2A5%2F2XL6fVvS7Fr9TMJ%2ButgEEovoV1luEeWo4mcvjrZyNJdIh9HjPjXK9shYiOtW9aXKCtTgGyGx4iOH2BXFvuN%2Bog9g8rEg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
862ec9e6c9cd41de-EWR
js
www.googletagmanager.com/gtag/ 		242 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WV373MWWXX
Requested by
Host: landing.download-available.xyz
URL: https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
42569178b7824a78038fa9dd50947c1e360ad3818b696cdfbc741a51c52eef00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://landing.download-available.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 21:55:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86929
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 11 Mar 2024 21:55:26 GMT
screen1.svg
landing.download-available.xyz/images/promo-images/t10a/ 		54 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landing.download-available.xyz/images/promo-images/t10a/screen1.svg
Requested by
Host: landing.download-available.xyz
URL: https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9398 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
dde9cf301c99dbdf1c7aa3ab8499df364876961d6e6b4bc7bd25a288da518ae5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 21:55:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5142
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 11 Mar 2024 13:49:30 GMT
server
cloudflare
etag
W/"65ef0bea-d751"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MoUGOf5DLIU4aK%2FSPWIk5v62ScfeUm7r7oKwm7%2BJOxhFU3inThYbvT1JaP90kVikmvg4IekfS3ICexmA1utCXaviDDL%2BQWWd1Obamo4mpzuP7QzqS6WmbzFzV4PnE27z0yKNVRW2r%2FybXLbn67s%2B%2BBvhfxy%2BgtHR%2FxqZTo8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
862ec9e6c9ce41de-EWR
arroww.svg
landing.download-available.xyz/images/promo-images/t10a/ 		500 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landing.download-available.xyz/images/promo-images/t10a/arroww.svg
Requested by
Host: landing.download-available.xyz
URL: https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9398 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
ab26d57838aecb68b5569b2be4b51ec7417d3a6171977160e77d9f1e01f58c42
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 21:55:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5494
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 11 Mar 2024 13:49:30 GMT
server
cloudflare
etag
W/"65ef0bea-1f4"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FAyWQJT7DnwHahVbacrwFFkyHZw0HEWgmiWTTcNCbOUBc1wR60wXlS4hoSNj3tr90GMcMncQZ8YcCG5GKjOU4OW8iCPf%2FVPuEddVjcLMnB8XzQbIlaTBwEcNvaemtNscv2Hn%2BQnpI2S0o8F6NnVZ%2BJMcN%2B3T64Z4QPUXb1w%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
862ec9e6d9d341de-EWR
screen2.svg
landing.download-available.xyz/images/promo-images/t10a/ 		61 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landing.download-available.xyz/images/promo-images/t10a/screen2.svg
Requested by
Host: landing.download-available.xyz
URL: https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9398 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2e3423219e97d9e0d2141dde0642dd7880d9533a9d87bb43eb4b1d5fdc99b7b9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 21:55:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5749
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 11 Mar 2024 13:49:30 GMT
server
cloudflare
etag
W/"65ef0bea-f3da"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zSYJBpey1JHp5zjDPycWSbu%2BDbfRty7Ci1vJkZ96gyHsWXvP9iRNLPa5fJILSXiED1PQ7VTHkpRBUGeP16%2FVACehLYhboETXzwB7lM7hDQvh%2B%2BkJyeV5f1FcdDF4h8FzTiuz6XDMQls7IL%2BRaCOrJLPCdzkAYCScarDuEOg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
862ec9e6e9dd41de-EWR
index.js
landing.download-available.xyz/js/ 		174 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://landing.download-available.xyz/js/index.js?50707e3441e2bd43e1c89afd8eed49cf
Requested by
Host: landing.download-available.xyz
URL: https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9398 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a5f7df130bd465b96c08e1d62b70257546ca2bbdf86f11a71333bb73aab63ceb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 21:55:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6515
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 11 Mar 2024 13:49:30 GMT
server
cloudflare
etag
W/"65ef0bea-2b9fb"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ghnhj669NBK1LlcI%2BiT%2Fn7x71vMHGkOORAwuA%2FzRYxsBMk0oDHt1n3OJtqyStVIQ10OSAOvA7bs98%2FCoGXlU1q3htqh7F%2FwSKwc7e%2BOMpPEYHmlJZ0Ru%2BB0OFjTvNlEYBQCdZ1lFiDYoRQaiSxEf94pVAIvPTB%2F8j2tGzOs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
862ec9e6e9da41de-EWR
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Requested by
Host: landing.download-available.xyz
URL: https://landing.download-available.xyz/styles/shared.css?50707e3441e2bd43e1c89afd8eed49cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
31d196afc7bf97b61be0a9881f623b3b8a7b56d4b0c08c6b78c37ce92d7827b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://landing.download-available.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 11 Mar 2024 21:55:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 20:05:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Mar 2024 21:55:26 GMT
jfl2pu6cif
www.clarity.ms/tag/ 		699 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/jfl2pu6cif
Requested by
Host: landing.download-available.xyz
URL: https://landing.download-available.xyz/js/index.js?50707e3441e2bd43e1c89afd8eed49cf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb22fee84f5309f102e5cca3f640860eea51e0b6ccbd1422dbdcca3f80734597

Request headers

accept-language
en-US,en;q=0.9
Referer
https://landing.download-available.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires
-1
date
Mon, 11 Mar 2024 21:55:26 GMT
x-azure-ref
20240311T215526Z-dahmqmvsv101t6uhyvvum14mk0000000045g00000000cmh3
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
699
request-context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
bg.webp
landing.download-available.xyz/images/promo-images/t10a/ 		108 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landing.download-available.xyz/images/promo-images/t10a/bg.webp
Requested by
Host: landing.download-available.xyz
URL: https://landing.download-available.xyz/t10a/style.css?50707e3441e2bd43e1c89afd8eed49cf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9398 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b0aa9ed9b943d0790609e6ca04dda0993c1aed61749a48ca064ea31ef06be182
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://landing.download-available.xyz/t10a/style.css?50707e3441e2bd43e1c89afd8eed49cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 21:55:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2727
alt-svc
h3=":443"; ma=86400
content-length
110858
last-modified
Mon, 11 Mar 2024 13:49:30 GMT
server
cloudflare
etag
"65ef0bea-1b10a"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkhe6an%2FC%2B%2FPaCAVlIeaysTSWnuMR00Ew5lN%2BuraIP5z9JDdVWIjtTFQ9sW7BodkHg8pFdUgotF%2Be4yqOnUp4ZFF34xvVdFDjMoEi6hvi1qbv2BrCYvfiFznBd2jJSee7gM4GJKjgTPYLYkbQmFg1k%2F7121Ecs4Ra8m82dY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
862ec9e8a95e18f6-EWR
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://landing.download-available.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 09:13:39 GMT
x-content-type-options
nosniff
age
477707
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Mar 2025 09:13:39 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://landing.download-available.xyz
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 08:56:32 GMT
x-content-type-options
nosniff
age
478734
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Mar 2025 08:56:32 GMT
collect
www.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-WV373MWWXX&gtm=45je4360v9138627631za200&_p=1710194126188&gcd=13l3l3l3l1&npa=0&dma=0&cid=111412849.1710194126&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710194126&sct=1&seg=0&dl=https%3A%2F%2Flanding.download-available.xyz%2Ft10a%3Fclk_domain%3Dexcellingvista.com%26flow%3Dbinom%26campaignId%3D10557%26cid%3Dcnnnrjb2r96s73b7ejb0%26source%3DPropellerAds%26lpkey%3D1710184c1befb5d4ee74f16edc85338c3993b94425%26isV2%3Dtrue&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1931
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WV373MWWXX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://landing.download-available.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Mar 2024 21:55:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://landing.download-available.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1821.3afe217ea2b4b745983d.js
landing.download-available.xyz/js/ 		462 B
834 B 		Script
General
Check archive.org
Download Go to
Full URL
https://landing.download-available.xyz/js/1821.3afe217ea2b4b745983d.js
Requested by
Host: landing.download-available.xyz
URL: https://landing.download-available.xyz/js/index.js?50707e3441e2bd43e1c89afd8eed49cf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9398 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
f44f68a97c51459d0f64b322d54fc9c35d9a3e468d0f205ffc752f88071b8a30
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 21:55:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1999
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 11 Mar 2024 13:49:30 GMT
server
cloudflare
etag
W/"65ef0bea-1ce"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sRal3r%2BmsYeoeu%2FHOWmMetyp5H1dFaeNGtNC1PbPV1X%2BW6zdwTVmQFc6z3gsqwWLWzO8n26VKCQ5c63Q7VEUGVVaIl7oNHm5vcMSi%2FZR8XOC7vZJJx59OSiLYi4gSR4UDmkehMlsrgM2O7fOPMvcRYbnb6XZaWGn3OLNtBY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
862ec9e929de18f6-EWR
logo.svg
landing.download-available.xyz/images/extension-icons/ad_sweeper/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landing.download-available.xyz/images/extension-icons/ad_sweeper/logo.svg
Requested by
Host: landing.download-available.xyz
URL: https://landing.download-available.xyz/styles/shared.css?50707e3441e2bd43e1c89afd8eed49cf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9398 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
fba0eede361a6264de01bf7555a0e56f32a69fa6381a2c421d04652b8a15448c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://landing.download-available.xyz/styles/shared.css?50707e3441e2bd43e1c89afd8eed49cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 21:55:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2727
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 11 Mar 2024 13:49:30 GMT
server
cloudflare
etag
W/"65ef0bea-869"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TErmojRBdk6aebK2F5wBytJhdhodgBYNW423umyodc%2FXJMTyY1hLvGb%2Fz08zdYXOAtihK6ZGXGxNQ4cIH%2FFoobBjg%2FAKSXY4h03KziKKmwMZHBalyd5B2V%2BzoKzGLI9ol3Zu%2F3S74WiUylkfp0pxcmQ7U0roGNBp%2BWU6FAw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
862ec9ea6ade18f6-EWR
available-in-chrome.svg
landing.download-available.xyz/images/browser-icons/ 		21 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landing.download-available.xyz/images/browser-icons/available-in-chrome.svg
Requested by
Host: landing.download-available.xyz
URL: https://landing.download-available.xyz/styles/shared.css?50707e3441e2bd43e1c89afd8eed49cf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9398 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c387f0c95059dcc0e4e81da155b4f9bb846dc1e0ca283a289b437731db113d1f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://landing.download-available.xyz/styles/shared.css?50707e3441e2bd43e1c89afd8eed49cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 21:55:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1267
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 11 Mar 2024 13:49:30 GMT
server
cloudflare
etag
W/"65ef0bea-536e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JifFUFOLAblYJ9GGxVitm4wOvXlisXU27vbQM0uJTc7bq1pfMlMcxL3YbK7gtJeOSbGzdbDcjbWld9GytIG%2F3KT2B26OPbQslN7V3y7BjCP5H9VlKIfbzL5q%2F8UnFJTiywjRcA5n%2BVtb19GDsr3QyZT9eA7bzF0YR1JGGN4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
862ec9ea6ae118f6-EWR
clarity.js
www.clarity.ms/s/0.7.24/ 		60 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.24/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/jfl2pu6cif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3bc9c1f81ac6f56f2077096ca22a3bb734f895f14dc0d8524dee9a0e124302cc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://landing.download-available.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 21:55:26 GMT
content-encoding
br
last-modified
Sun, 10 Mar 2024 17:00:12 GMT
etag
W/"0x8DC41238D312F83"
vary
Accept-Encoding
x-azure-ref
20240311T215526Z-dahmqmvsv101t6uhyvvum14mk0000000045g00000000cmh4
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
d5a1266e-d01e-007a-2f1b-73339b000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
click
excellingvista.com/ 		0
0
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=9F28B4C709564313B5BAB5E3EEE893A4&RedC=c.clarity.ms&MXFR=0D43AD4B4ACC62B707B1B9744ECC6C6F
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9F28B4C709564313B5BAB5E3EEE893A4&MUID=292E6FD5263066C307A27BEA275F675B
42 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9F28B4C709564313B5BAB5E3EEE893A4&MUID=292E6FD5263066C307A27BEA275F675B
Protocol
H2
Server
20.110.205.119 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://landing.download-available.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Mar 2024 21:55:26 GMT
last-modified
Fri, 01 Mar 2024 22:53:54 GMT
server
Microsoft-IIS/10.0
etag
"32434d562b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 11 Mar 2024 21:55:26 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D34C93FA6F3544BA8B8135C8B1C5C602 Ref B: PHL30EDGE0207 Ref C: 2024-03-11T21:55:27Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9F28B4C709564313B5BAB5E3EEE893A4&MUID=292E6FD5263066C307A27BEA275F675B
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
k.clarity.ms/ 		0
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://k.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.24/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.96.88.162 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://landing.download-available.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://landing.download-available.xyz
Date
Mon, 11 Mar 2024 21:55:26 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
skvn3.bemobtrcks.com
URL
https://skvn3.bemobtrcks.com/go/a8a9323d-ef8e-4bb8-9033-89bc530e0733?cost={cost}&visitor_id=${SUBID}&zoneid={zoneid}&bannerid={bannerid}&country={country}&os={os}&user_activity={user_activity}&zone_type={zone_type}
Domain
oodrampi.com
URL
https://oodrampi.com/sftouch?userId=00801c760dd44414e67451c81a606c72&z=7200044&p_rid=fdfa378c-7cde-4c35-b94f-09393e14b80a&p_src=sf&branchId=400701&rb=rf8HrmgMPsHavNfXD5JobZ1bIzphtlIzSuu5FHp7CFPsl2wPXP4jwC1GQluJgwIY9xT_7-sOWwshwAbBpH4JUkkEUwaZd01BeQATrDCPjBPDAaHB3L694tHb5zFNtxmcnCl8NMYqwD8AMXAjbAETcfnl4A06_naz7GTmAFQCNd0RdsPRJM-v9ESkmw73lvQ4zsQ3QKh_pg1a48o5zUSWRwFDFJRMi13Tl5jb-zW-HYlfN0j79W1DiYEYWbKgCHGpgL4ZozVF14meIvcHJXsKY5muywWHqiNOB6v4b89DhYazJ9BpnqC6aEBVCABc7YkUPQU7u8RenTZqQ6A6YaXQWw==
Domain
my.rtmark.net
URL
https://my.rtmark.net/img.gif?f=merge&userId=00801c760dd44414e67451c81a606c72&z=7200044&p_rid=fdfa378c-7cde-4c35-b94f-09393e14b80a&p_src=sf
Domain
datatechone.com
URL
https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=fdfa378c-7cde-4c35-b94f-09393e14b80a
Domain
excellingvista.com
URL
https://excellingvista.com/click?upd_clickid=cnnnrjb2r96s73b7ejb0&add_event6=1

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Domain/Path Name / Value
jixoluxe.com/ Name: sbc63baca1e59754bef
Value: eyJpdiI6Ik9ERWczVW9xOXlsTVg3YlBBakhaY1E9PSIsInZhbHVlIjoiMEVZakw0MEdTcFZUd1U5WGVveVlTQT09IiwibWFjIjoiZjNlN2VmYmMzNDMxYjcwNDkyNWVhNTFiZTFmMzM3NjEzMDQxZjMzZDYwMTllZGEyMGU0YTEzYzQyNWI5NzQ5NyIsInRhZyI6IiJ9
jixoluxe.com/ Name: vis
Value: eyJpdiI6IndMV05qL2xaVzJsNng5QTRvRkVSbWc9PSIsInZhbHVlIjoiTStYdUNnVi9FUHB5b2hIVVJiTVkxUT09IiwibWFjIjoiNmNjOWFlZjU2YmI1ZWQxYmVlMjM2OTliYTA1NmRlZGJkZjgyODYwN2EzMTQ3ODc5NmUwMGE1OWQzNDI0MTFkZiIsInRhZyI6IiJ9
.skvn3.bemobtrcks.com/ Name: bemob-viewer-id
Value: c6906a52-46da-4986-a5e3-de7ec8f5ee4e
.skvn3.bemobtrcks.com/ Name: bemob-uniq-visit:a8a9323d-ef8e-4bb8-9033-89bc530e0733
Value: 1
.skvn3.bemobtrcks.com/ Name: bemob-rotation:a8a9323d-ef8e-4bb8-9033-89bc530e0733:random:bf0bf9c02577b8d95e4bf1ad6d8e3be5
Value: 0-0-0
.skvn3.bemobtrcks.com/ Name: bemob-uniq-click:a8a9323d-ef8e-4bb8-9033-89bc530e0733
Value: 1
.skvn3.bemobtrcks.com/ Name: bemob-rotation:a8a9323d-ef8e-4bb8-9033-89bc530e0733:random:61c06127332436af7a0fe926b52dd985
Value: 0-0-0
.skvn3.bemobtrcks.com/ Name: bemob-track-url
Value: https%3A%2F%2Fmyofferjungle.com%2FiF_smartlink%3Fbemobdata%3Dc%253Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%253D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%253D0..b%253D1..r%253Dhttps%25253A%25252F%25252Fmyofferjungle~BEMOB_DOT~com%25252F..ts%253D1710194121993
.skvn3.bemobtrcks.com/ Name: bemob-click-id
Value: 2sohDsfLqq1kGAPijacd6W
my.rtmark.net/ Name: ID
Value: 9452bc64c0de46b191b090b221250c0a
oodrampi.com/ Name: oaidts
Value: 1710194123
oodrampi.com/ Name: OAID
Value: 9452bc64c0de46b191b090b221250c0a
oodrampi.com/ Name: syncedCookie
Value: true

39 Console Messages

Source Level URL
Text
network error URL: https://desenteir.com/tb1/reverse.min.js?sf=1
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://desenteir.com/tb1/reverse.min.js?sf=1
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://myofferjungle.com/if_smartlink?bemobdata=c%3Da8a9323d-ef8e-4bb8-9033-89bc530e0733..l%3D2995ec33-1f59-48ac-9af8-5b29266f8d4e..a%3D0..b%3D1..ts%3D1710194121041
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://oodrampi.com/4/7200044
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://oodrampi.com/4/7200044
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://oodrampi.com/4/7200044
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript error URL: https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
Message:
Access to XMLHttpRequest at 'https://excellingvista.com/click?upd_clickid=cnnnrjb2r96s73b7ejb0&add_event6=1' from origin 'https://landing.download-available.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://excellingvista.com/click?upd_clickid=cnnnrjb2r96s73b7ejb0&add_event6=1
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://landing.download-available.xyz/t10a?clk_domain=excellingvista.com&flow=binom&campaignId=10557&cid=cnnnrjb2r96s73b7ejb0&source=PropellerAds&lpkey=1710184c1befb5d4ee74f16edc85338c3993b94425&isV2=true
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
datatechone.com
desenteir.com
excellingvista.com
fonts.googleapis.com
fonts.gstatic.com
jixoluxe.com
jouteetu.net
k.clarity.ms
landing.download-available.xyz
my.rtmark.net
myofferjungle.com
oodrampi.com
shaumtol.com
skvn3.bemobtrcks.com
www.clarity.ms
www.google-analytics.com
www.googletagmanager.com
datatechone.com
excellingvista.com
my.rtmark.net
oodrampi.com
skvn3.bemobtrcks.com
139.45.195.253
139.45.195.8
139.45.197.239
139.45.197.250
139.45.197.251
139.45.197.252
20.110.205.119
20.96.88.162
2600:1f18:43d1:2a02:b6ee:327b:545e:e578
2606:4700:3032::ac43:91be
2606:4700:3035::ac43:9398
2606:4700:3035::ac43:b4f8
2606:4700:3037::6815:1ff4
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80e::200a
2607:f8b0:4006:81d::2008
2607:f8b0:4006:820::200e
2620:1ec:bdf::40
2620:1ec:c11::200
52.58.28.63
1d684d94683f0eda7f29485f502f254071805cac203aced3d8fe45aa62b0b87b
1e38fab37c44d200afacbb20f5eba04509a61227940a8e4d8c3ae06b49a174e6
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2cb0129d3099efcbeaa9dd5612485e19758a4378d773ffae89935078456f4c45
2e3423219e97d9e0d2141dde0642dd7880d9533a9d87bb43eb4b1d5fdc99b7b9
31d196afc7bf97b61be0a9881f623b3b8a7b56d4b0c08c6b78c37ce92d7827b2
3bc9c1f81ac6f56f2077096ca22a3bb734f895f14dc0d8524dee9a0e124302cc
42569178b7824a78038fa9dd50947c1e360ad3818b696cdfbc741a51c52eef00
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
8c8aa8a76ad4d0ec3c6c0e9b2b8c517f9608137d5888dc212f61e5506a2dcace
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b1308fbdbda02929c1cbe96f8b9cd9de80df38ee2fab49150b12ca3325814ff
a5f7df130bd465b96c08e1d62b70257546ca2bbdf86f11a71333bb73aab63ceb
ab26d57838aecb68b5569b2be4b51ec7417d3a6171977160e77d9f1e01f58c42
ac659687f647d5e86d31f6d9e4be3cd6a5534d01532d1310e8ced114919e0afb
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0aa9ed9b943d0790609e6ca04dda0993c1aed61749a48ca064ea31ef06be182
c387f0c95059dcc0e4e81da155b4f9bb846dc1e0ca283a289b437731db113d1f
cb22fee84f5309f102e5cca3f640860eea51e0b6ccbd1422dbdcca3f80734597
d0fa32a2da3a7972aa5400f056c0e07b019bdd73b64d2b154133d514377dfc40
dde9cf301c99dbdf1c7aa3ab8499df364876961d6e6b4bc7bd25a288da518ae5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f44f68a97c51459d0f64b322d54fc9c35d9a3e468d0f205ffc752f88071b8a30
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6d325f88bd958a422137a658dc31ab40c83a324904041fbc966cceeeb586ae9
fba0eede361a6264de01bf7555a0e56f32a69fa6381a2c421d04652b8a15448c