urlscan.io logo urlscan.io
SecurityTrails logo

dist.addon-continue.com Open in urlscan Pro
172.67.206.50  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mail.ubertron.ch/
Effective URL: https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId...
Submission: On April 08 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 9 domains to perform 21 HTTP transactions. The main IP is 172.67.206.50, located in United States and belongs to CLOUDFLARENET, US. The main domain is dist.addon-continue.com.
TLS certificate: Issued by GTS CA 1P5 on March 15th 2024. Valid for: 3 months.
This is the only time dist.addon-continue.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 86.107.197.134 202448 (MVPS www....)
1 1 2604:9a00:201... 30633 (LEASEWEB-...)
1 1 2600:1f18:66d... 14618 (AMAZON-AES)
2 3 172.67.153.238 13335 (CLOUDFLAR...)
1 1 34.90.20.163 396982 (GOOGLE-CL...)
1 1 52.58.28.63 16509 (AMAZON-02)
17 172.67.206.50 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
21 5
1    86.107.197.134 (Dronten, Netherlands)

ASN202448 (MVPS www.mvps.net, CY)
PTR: ip-86-107-197-134-99752.vps.hosted-by-mvps.net
mail.ubertron.ch
1    2604:9a00:2010:a03a:5:: (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
fgxxd.rdtk.io
1    2600:1f18:66d3:cb20:25a6:4624:a302:e49e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
quickload-fast.com
3    172.67.153.238 (United States)

ASN13335 (CLOUDFLARENET, US)
adspredictiv.com
1    34.90.20.163 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 163.20.90.34.bc.googleusercontent.com
tracking.trackingshub.com
1    52.58.28.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-28-63.eu-central-1.compute.amazonaws.com
excellingvista.com
17    172.67.206.50 (United States)

ASN13335 (CLOUDFLARENET, US)
dist.addon-continue.com
1    2607:f8b0:4006:81c::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:4006:823::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
17 addon-continue.com
dist.addon-continue.com
307 KB
3 adspredictiv.com
adspredictiv.com
5 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
259 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
89 KB
1 excellingvista.com
excellingvista.com — Cisco Umbrella Rank: 308906
455 B
1 trackingshub.com
tracking.trackingshub.com — Cisco Umbrella Rank: 285149
351 B
1 quickload-fast.com
quickload-fast.com
3 KB
1 rdtk.io
fgxxd.rdtk.io
870 B
1 ubertron.ch
mail.ubertron.ch
106 B
21 9
Domain Requested by
17 dist.addon-continue.com adspredictiv.com
dist.addon-continue.com
3 adspredictiv.com 2 redirects
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com dist.addon-continue.com
1 excellingvista.com 1 redirects dist.addon-continue.com
1 tracking.trackingshub.com 1 redirects
1 quickload-fast.com 1 redirects
1 fgxxd.rdtk.io 1 redirects
1 mail.ubertron.ch 1 redirects
21 9

This site contains no links.

Subject Issuer Validity Valid
adspredictiv.com
GTS CA 1P5		 2024-02-28 -
2024-05-28		 3 months crt.sh
addon-continue.com
GTS CA 1P5		 2024-03-15 -
2024-06-13		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
Frame ID: C1987A0DE211104E200ADA83967CBB6A
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Primary AdBlock

Page URL History Show full URLs

  1. https://mail.ubertron.ch/ HTTP 302
    https://fgxxd.rdtk.io/658c93036bd83c0001376591 HTTP 302
    https://quickload-fast.com/C67dOHrvTC HTTP 302
    https://adspredictiv.com/jump/next.php?r=6536598&pub_clickid=d3f6761b5cba4d32b23c48e36189837b20999&su... Page URL
  2. https://adspredictiv.com/jump/next.php?stamat=m%257CKy4jJit2aQdH8AH0dEdHP3xP.69d%252C7H0PozvLiGV-YkDx... HTTP 302
    https://adspredictiv.com/script/i.php?t=1&c=23735514&stamat=m%257C%252C%252CwiN24jPmoGU3BJ-GH0dEdHP3x... HTTP 302
    https://tracking.trackingshub.com/click?pid=6&offer_id=2435274&sub1=171256439210000TUSTV46462152444Va99&sub2=6... HTTP 302
    https://excellingvista.com/click?key=x0nnnbi4dcpu0z79pqlh&externalid=6613a8a9e2e9d800011a8273&source=6_... HTTP 307
    https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&f... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

21
Requests

95 %
HTTPS

44 %
IPv6

9
Domains

9
Subdomains

5
IPs

3
Countries

399 kB
Transfer

1095 kB
Size

30
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mail.ubertron.ch/ HTTP 302
    https://fgxxd.rdtk.io/658c93036bd83c0001376591 HTTP 302
    https://quickload-fast.com/C67dOHrvTC HTTP 302
    https://adspredictiv.com/jump/next.php?r=6536598&pub_clickid=d3f6761b5cba4d32b23c48e36189837b20999&sub1=226864&sub2= Page URL
  2. https://adspredictiv.com/jump/next.php?stamat=m%257CKy4jJit2aQdH8AH0dEdHP3xP.69d%252C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRrkDU6Vf_brgPGIb9K4zVGlOR-RNGrlruQdOQWV1wcL_NPYkpMaFzO7t0kax1VixoIHpSdH4d7GRIo2uyoFHmia&cbpage=https://adspredictiv.com/jump/next.php?r=6536598&pub_clickid=d3f6761b5cba4d32b23c48e36189837b20999&sub1=226864&sub2=&cbur=0.7495037454036639&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1113&cbdescription=&cbkeywords=&cbref= HTTP 302
    https://adspredictiv.com/script/i.php?t=1&c=23735514&stamat=m%257C%252C%252CwiN24jPmoGU3BJ-GH0dEdHP3xP.193%252Cg8UdN4EznouB4VaI2WvvXCrV47bt_1JYmYcCJ2bvdmCgXa70UFgqYoLd6QLKNmY-QmXC9KEftLY6hYbhfu9N6QiZjIpjhk4ZkRkpV8UCfBEH9Is_4xmIk1i7Uk3ZLiF8QTmwJAY3EZJHfsXdDfGcuwKazgKhbiTCf97uiJ9DmMSPtdK3goGPc1-hQxlb8TJoQZc_ALRC4JcJO346le9xWPOnaMbZTsocWK1CIDEz_P-Cj_iei3rCL1mlq4O2jorA7pSkttdzSnZlM_Wtpuc3c9kjL3NTRE8pUzW-juQmJlj-hH-lwBYgSMf5D2K14wnGdFtsvhvDFLo5ptFLPFQ_1DM7kPjoSIZMdnvdk1f63YHmHz0wtOnORpylLZsLSqXzOTraNXuk2NcoyYpyC15sxkm1hhPuE83tubEWxjGZ3z584MZzC3qZ1tOJFRr3tV42Lyw1mqz_zi2RdJTUvs9rYvIEMJhtZwVkN1jcrKp3rsW8vpkFPTJzUy375BBwAsJMSDPQVK_np13V4fwA0UZHwsqqhO2G3uR0gHbLo4Ac-4P4lWBU6qA-YOhun4HYnHAfHY-wKeCPk759yEZgmNA1kytnFw13NKC4HaZtf1PB5_CkAWchbovay59YyFA8oht8-MxNejEsrFIIiQkllECn-w%252C%252C HTTP 302
    https://tracking.trackingshub.com/click?pid=6&offer_id=2435274&sub1=171256439210000TUSTV46462152444Va99&sub2=6536598-1946262134-0 HTTP 302
    https://excellingvista.com/click?key=x0nnnbi4dcpu0z79pqlh&externalid=6613a8a9e2e9d800011a8273&source=6_6536598-1946262134-0 HTTP 307
    https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://mail.ubertron.ch/ HTTP 302
  • https://fgxxd.rdtk.io/658c93036bd83c0001376591 HTTP 302
  • https://quickload-fast.com/C67dOHrvTC HTTP 302
  • https://adspredictiv.com/jump/next.php?r=6536598&pub_clickid=d3f6761b5cba4d32b23c48e36189837b20999&sub1=226864&sub2=

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
next.php
adspredictiv.com/jump/
Redirect Chain
  • https://mail.ubertron.ch/
  • https://fgxxd.rdtk.io/658c93036bd83c0001376591
  • https://quickload-fast.com/C67dOHrvTC
  • https://adspredictiv.com/jump/next.php?r=6536598&pub_clickid=d3f6761b5cba4d32b23c48e36189837b20999&sub1=226864&sub2=
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adspredictiv.com/jump/next.php?r=6536598&pub_clickid=d3f6761b5cba4d32b23c48e36189837b20999&sub1=226864&sub2=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.153.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8710d5ba4ee28dfa-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 08 Apr 2024 08:19:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7m%2BR2v61iGr9tJqhjFMojFR%2Br3XncGVGIx%2F5sDwT5V1Z8qMiS1XXnU%2BaGTMY8vMgaBnVGoQyGFvFO9mwicgmRBSN5WPxxSkyq%2F4WrMvypb6u0Vvnq%2BQxUWQDdvmn1aJgGUQV"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
content-language
en-US
content-type
text/html;charset=ISO-8859-1
date
Mon, 08 Apr 2024 08:19:51 GMT
location
https://adspredictiv.com/jump/next.php?r=6536598&pub_clickid=d3f6761b5cba4d32b23c48e36189837b20999&sub1=226864&sub2=
server
nginx
Primary Request /
dist.addon-continue.com/
Redirect Chain
  • https://adspredictiv.com/jump/next.php?stamat=m%257CKy4jJit2aQdH8AH0dEdHP3xP.69d%252C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRrkDU6Vf_brgPGIb9K4zVGlOR-RNGrlruQdOQWV1wcL_NPYkpMaFzO7t0kax1VixoIHpSdH...
  • https://adspredictiv.com/script/i.php?t=1&c=23735514&stamat=m%257C%252C%252CwiN24jPmoGU3BJ-GH0dEdHP3xP.193%252Cg8UdN4EznouB4VaI2WvvXCrV47bt_1JYmYcCJ2bvdmCgXa70UFgqYoLd6QLKNmY-QmXC9KEftLY6hYbhfu9N6Q...
  • https://tracking.trackingshub.com/click?pid=6&offer_id=2435274&sub1=171256439210000TUSTV46462152444Va99&sub2=6536598-1946262134-0
  • https://excellingvista.com/click?key=x0nnnbi4dcpu0z79pqlh&externalid=6613a8a9e2e9d800011a8273&source=6_6536598-1946262134-0
  • https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73...
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
Requested by
Host: adspredictiv.com
URL: https://adspredictiv.com/jump/next.php?r=6536598&pub_clickid=d3f6761b5cba4d32b23c48e36189837b20999&sub1=226864&sub2=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
a9d77ba4ce568c0d51d75cd99aef9a45c5f56198b8d98a5a8e5f64a4a1281bd6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://adspredictiv.com/jump/next.php?r=6536598&pub_clickid=d3f6761b5cba4d32b23c48e36189837b20999&sub1=226864&sub2=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8710d5c4cf67a57b-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 08 Apr 2024 08:19:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sUZq565g8pXotYrXeILwMQ4Ok%2FcRTp3vWytslIR45AOgIZm%2BA0p1trsHZSTVv6i1MwnUKk%2Fo3lNT2YA7Bql7LDhiS1XVqL5wP7I14VuuGfEP7PArZ%2F0bNv%2FeLj5L0KvgqF5Aq8Ima3fihQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-powered-by
Next.js

Redirect headers

content-length
0
date
Mon, 08 Apr 2024 08:19:53 GMT
location
https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
server
Caddy
x-request-id
c7065df0-20bc-450b-beac-22bf1e86283b
js
www.googletagmanager.com/gtag/ 		252 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D9B6K7HFTW
Requested by
Host: dist.addon-continue.com
URL: https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
757faa3df20bd24da5c38dfbd497a9a652cb4fc4b162bc7d07357f53e20ea890
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dist.addon-continue.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 08:19:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90327
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 08 Apr 2024 08:19:54 GMT
9d92a176c9608aa4.css
dist.addon-continue.com/_next/static/css/ 		102 B
619 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dist.addon-continue.com/_next/static/css/9d92a176c9608aa4.css
Requested by
Host: dist.addon-continue.com
URL: https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b5d584b6200dfb2ea17d372ceb88c61ee68bf6e7ae5cabed28d31952b048a10
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 08:19:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3312
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 07 Apr 2024 22:49:03 GMT
server
cloudflare
etag
W/"66-18ebac03847"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n0%2BDbtw4%2BK8ankjgEpPUdyERUQP7uV66Yxd3yIS00lItDqWRzqE4K%2BwSjb8qfseWkMANy%2BI7tYg%2BeuTUS7B2sO6j25YcQxAHuFwM2qiRL07nUm4%2BRqofZo5c7t9Ngu6xYFddjZXb74QeOg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8710d5c7f899a57b-MIA
ebb1c9e41e8a25fa.css
dist.addon-continue.com/_next/static/css/ 		53 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dist.addon-continue.com/_next/static/css/ebb1c9e41e8a25fa.css
Requested by
Host: dist.addon-continue.com
URL: https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25acd4abdf87bd44a41871bcf2339bbaf86cbdcffa931529d38a96b5ae5f59ed
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 08:19:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3312
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 07 Apr 2024 22:49:03 GMT
server
cloudflare
etag
W/"d52e-18ebac03847"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fdLNdUL6XihbNV0A1fhODQqgJi3d%2FehBeBWsMZ6yANbzoasWzpGos6MgLOVTz2aOp%2BvPkmPowm9CZkUJ8yP3pJj12a4kKte502j5W4QDEUNvlp0X32FsdZUDwa0GoJypqNe99RSXD4vDwA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8710d5c7f89aa57b-MIA
eae8a8cf4963b90e.css
dist.addon-continue.com/_next/static/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dist.addon-continue.com/_next/static/css/eae8a8cf4963b90e.css
Requested by
Host: dist.addon-continue.com
URL: https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f2aa27ac07bb9a560590184ddc577ed95a31c6f84455024587c3c8f94938284
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 08:19:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3312
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 07 Apr 2024 22:49:03 GMT
server
cloudflare
etag
W/"c92-18ebac03847"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A9urI%2Fozh5RcDPDqPTW8cv41HK%2F0v7MWnf0Fvp4bzS%2BPE2OIn5%2FuZTidZavn%2B5MhDzTIebsvJT8QZ%2FK1qnkZlPAbKPmwXSfBY%2BgCiT6aIfeIGJw9aRQrQkFfLpC2r495gM%2BPAA60Ns4HZg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8710d5c7f89ba57b-MIA
928-e4c7df5ef9f3dd1f.js
dist.addon-continue.com/_next/static/chunks/ 		96 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dist.addon-continue.com/_next/static/chunks/928-e4c7df5ef9f3dd1f.js
Requested by
Host: dist.addon-continue.com
URL: https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1361af56d814402a14433af85b84a0f2e1015a216f86a4e5cf093c407c9cfff
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 08:19:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3354
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 07 Apr 2024 22:49:03 GMT
server
cloudflare
etag
W/"17f14-18ebac0384f"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4ddBAa59tuTxIAeKmPpsNU91GSWmi5cT9Rn8wVqvFP%2BDfHueN%2BtYzoWxu5MjmTkOU0lb4ax5YCL8HpuHrTAgja5syTp9pWOPd8%2B3p6fDKnKfwH%2ByIgNqr5rdtqBoFtpWQ4myYj%2F5G%2BrT7w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8710d5c858d2a57b-MIA
166.a64669721497f78d.js
dist.addon-continue.com/_next/static/chunks/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dist.addon-continue.com/_next/static/chunks/166.a64669721497f78d.js
Requested by
Host: dist.addon-continue.com
URL: https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a15a3e0bb770295d5e83783216d58b5378e71a0175579c9d0bb4ec49600c6a1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 08:19:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3354
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 07 Apr 2024 22:49:03 GMT
server
cloudflare
etag
W/"4007-18ebac0384f"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g8l0fjkNShjg99X5%2Fu4vBJwYt6hffLmtRke8fIXOnNfTwjuRllFIrIDeRmqvzAk%2Bwn2oP5jRRZfi%2Bw1Pv06Hz7NBxM0ITsgmpu7KxTO3afwz8iSOqAVVr2yD4W4ZekLrM5fnhMJMrHLT8w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8710d5c858d4a57b-MIA
983.1fb50b07348f4592.js
dist.addon-continue.com/_next/static/chunks/ 		150 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dist.addon-continue.com/_next/static/chunks/983.1fb50b07348f4592.js
Requested by
Host: dist.addon-continue.com
URL: https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32973cc46e72f487fc1a1240d507dde16f6da428bf862f98eb1e98b9c0160cc6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 08:19:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3311
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 07 Apr 2024 22:49:03 GMT
server
cloudflare
etag
W/"258d4-18ebac0384b"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PzinHsRZMmy2p6iIQdhh3W6fS1dHjzc6w4UdX5P8l%2BVhOnG18p4lnOabs2HwnSUHZa4KJqn4fh9mmbXFSGjUSXgf53lR%2FztuGdaZQHxXgBtl9Fj1c%2F2S7X2HE%2B%2FHksW4X7T%2ByOlc93EhmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8710d5c858d5a57b-MIA
webpack-3adba788bcc5557a.js
dist.addon-continue.com/_next/static/chunks/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dist.addon-continue.com/_next/static/chunks/webpack-3adba788bcc5557a.js
Requested by
Host: dist.addon-continue.com
URL: https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3478f1fc1abb18881d874ddb51d45cc038044488349e973e27960da22fb7e066
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 08:19:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3354
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 07 Apr 2024 22:49:03 GMT
server
cloudflare
etag
W/"231c-18ebac0384f"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PaMJ3%2Fj%2F%2FBA4vAl6xKRy4qJieNkO9e2hw6Rqog2fby7F0Oxux6N3JCJnMyj8kJXx27gukBxdd5H%2FGb7MykQBCL%2Fz9BFolvBJSUali0F4ilnEEopU8nwu0pndBdWj3iJL%2BHhJBkiuxhovNg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8710d5c858d6a57b-MIA
framework-cd1a3b9417e48a3d.js
dist.addon-continue.com/_next/static/chunks/ 		231 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dist.addon-continue.com/_next/static/chunks/framework-cd1a3b9417e48a3d.js
Requested by
Host: dist.addon-continue.com
URL: https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19367050a7eb866556d5c7e82cc076e1971122084ecfda249512f7dbe3aa551f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 08:19:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3354
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 07 Apr 2024 22:49:03 GMT
server
cloudflare
etag
W/"39b0c-18ebac0384f"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yYWAjK3GaH35PXQ5gdMTkMFc0rHHwKKRzkgVc0DFSwMbgQ%2FOlgVlv0xVtbjw9rgVrfCUSr8RxuAoJr%2Bl%2BFFCMMdMY5KaCwcsk6YONifSEtYS0MLOuBYRvxBc5jlGyxJvjCXb%2BFZWgIw8FA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8710d5c858d7a57b-MIA
main-827d11337fa3eeef.js
dist.addon-continue.com/_next/static/chunks/ 		135 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dist.addon-continue.com/_next/static/chunks/main-827d11337fa3eeef.js
Requested by
Host: dist.addon-continue.com
URL: https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd793ca16b2c618bb775ada27dc17b43d581e9e15076ad09746da8ca68a92f50
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 08:19:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3354
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 07 Apr 2024 22:49:03 GMT
server
cloudflare
etag
W/"21d2d-18ebac0384b"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pTi%2F50GloVJvdRIqzBuWVzApDkbIx%2B%2FXnjs7r1ba%2BQXo%2B0ptLeCLOyGaT5n1MjcQE7a%2FYguJE2LvfuZ1wUQ0c3zQuS0hes%2FgEcMA9hkVdRn3IyZvaWJ6aKKXAtopBsheCcOTGlEjBDN8BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8710d5c858d8a57b-MIA
_app-ca6426aff72c01da.js
dist.addon-continue.com/_next/static/chunks/pages/ 		79 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dist.addon-continue.com/_next/static/chunks/pages/_app-ca6426aff72c01da.js
Requested by
Host: dist.addon-continue.com
URL: https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a3d555df754343a4450c0ea8509e1ca6e7e55290f3f320206395a587884de8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 08:19:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3354
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 07 Apr 2024 22:49:03 GMT
server
cloudflare
etag
W/"13c4c-18ebac0384f"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OhaTEPliJwKjuvSVAnUYqtZeBkgxMdFOGg9%2B6YRk%2BW3YA70oH9qmIKsUnXbUMnYQrUQOtjEOyLZzX5c5%2BqqablgT5DrAxZjsHmflG4A0tvfbSjBAuDs27pArcqf56ZMOPUqAKthqkpB1Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8710d5c858d9a57b-MIA
index-79063694a6360469.js
dist.addon-continue.com/_next/static/chunks/pages/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dist.addon-continue.com/_next/static/chunks/pages/index-79063694a6360469.js
Requested by
Host: dist.addon-continue.com
URL: https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c67230678116cd030deedcca846c32604690019f9b17d29fd3c9a9467fc1f545
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 08:19:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3354
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 07 Apr 2024 22:49:03 GMT
server
cloudflare
etag
W/"4b44-18ebac0384f"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O6Rrzs3GDLjp8riyFavI9RF13oiJX%2B2GmcrbLMI%2Bu%2B2jxIoNBm0pO%2F2Ctjjol783tKANmDXnEOyUjsnDTHxdMiczJNd72KhYYFpVuoh%2BwOXKiN18GcNyNAYF6kC3koJAeQ%2Bh4cZpGZtuEA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8710d5c858dba57b-MIA
_buildManifest.js
dist.addon-continue.com/_next/static/topETuMiq1PSIM5fYEZLt/ 		1 KB
1023 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dist.addon-continue.com/_next/static/topETuMiq1PSIM5fYEZLt/_buildManifest.js
Requested by
Host: dist.addon-continue.com
URL: https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
700049da35d40218619f3cb5d96ff315f756095f3069af2fc3c4f503f86a8430
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 08:19:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3353
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 07 Apr 2024 22:49:03 GMT
server
cloudflare
etag
W/"407-18ebac03847"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dmeuOybynj9qeMgi5PHdHy1ooVSa4Zi%2BQ8TyP1Jtgj7pDanD6XY1af4CPGD35HLhIucfeuZXw5oRCqqjW6RylKiFbMSvRvRxsaq0Z8o4RJh9uJprgJcRdzudldi7pa%2BZHJZv75Mt7%2F8m5g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8710d5c858dda57b-MIA
_ssgManifest.js
dist.addon-continue.com/_next/static/topETuMiq1PSIM5fYEZLt/ 		77 B
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dist.addon-continue.com/_next/static/topETuMiq1PSIM5fYEZLt/_ssgManifest.js
Requested by
Host: dist.addon-continue.com
URL: https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 08:19:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3353
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 07 Apr 2024 22:49:03 GMT
server
cloudflare
etag
W/"4d-18ebac03847"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FbwSPEcJQxAYES5JzPPrQzQwpZWvtkKXvjMF5XHATRZzRWeKPLbe1dWmHpRD1%2FalHzOKEfpMkVJTINSKYW%2BETAdCzsUFSquPWuyY7qJGnuj0MWrkNLZEkapqTr8N4hnZC53MrRkH9p81Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
8710d5c858dea57b-MIA
icon.svg
dist.addon-continue.com/images/promo-images/salmon/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dist.addon-continue.com/images/promo-images/salmon/icon.svg
Requested by
Host: dist.addon-continue.com
URL: https://dist.addon-continue.com/_next/static/css/eae8a8cf4963b90e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed9c06d28b4aab2e9425dd9e64248d3d5e5d8c2036129164d2e2e3a925fa3afa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dist.addon-continue.com/_next/static/css/eae8a8cf4963b90e.css
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 08:19:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 07 Apr 2024 22:48:48 GMT
server
cloudflare
etag
W/"c75-18ebabffe33"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7LDaWRSVNPOt%2FzFA3227JCKw1nQjg%2BWIAGORwoIUIJAQ0UomnfgLXbdY1MqCR9urCydiDHnZF3OS7UUftSCNeVL%2B%2B0xHW4qQo2VQxhdpSG3b4V%2F8E3x9cYg3GLqiiqmRLOz3YayDrlcQRw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
8710d5c888f0a57b-MIA
available-in-chrome.svg
dist.addon-continue.com/images/browser-icons/ 		21 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dist.addon-continue.com/images/browser-icons/available-in-chrome.svg
Requested by
Host: dist.addon-continue.com
URL: https://dist.addon-continue.com/_next/static/css/ebb1c9e41e8a25fa.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
724121ec42efc03e19ee936460fb1270c3b90b3ebf1ff940191e0a32e4504caa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dist.addon-continue.com/_next/static/css/ebb1c9e41e8a25fa.css
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 08:19:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 07 Apr 2024 22:48:48 GMT
server
cloudflare
etag
W/"5287-18ebabffe03"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2qiL9tMc9PIJsNbODOHBEEllF8xH3%2FmZoHkbQzBvKzqMGZhUKia1Nw%2FttTNtjrJ%2BjmigTONSUmaqUaiVlbMMzaVlBFuKlzE1%2BhQuGcRUJf3UcrYGMpDZJnpXP2Srlr20iE0yHdrvBTNsdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
8710d5c888f1a57b-MIA
click
excellingvista.com/ 		0
0
collect
www.google-analytics.com/g/ 		0
259 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-D9B6K7HFTW&gtm=45je4430v9138996702za200&_p=1712564394250&gcd=13l3l3l3l1&npa=0&dma=0&cid=296672099.1712564395&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712564394&sct=1&seg=0&dl=https%3A%2F%2Fdist.addon-continue.com%2F%3Fextension%3Dprimary_adb%26promo%3Dsalmon%26big%3Dnone%26clk_domain%3Dexcellingvista.com%26flow%3Dbinom%26campaignId%3D10659%26trafficsource%3D29%26src%3D6_6536598-1946262134-0%26cid%3Dco9qhab2r96s73br8p70%26lpkey%3D171255daff9eefa7a5b82ca7edcdaccf29ee164693%26isV2%3Dtrue&dt=Primary%20AdBlock&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2430
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D9B6K7HFTW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dist.addon-continue.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 08 Apr 2024 08:19:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dist.addon-continue.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
dist.addon-continue.com/images/extension-icons/primary-adblock/ 		15 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dist.addon-continue.com/images/extension-icons/primary-adblock/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dc86bcb63b4c5f30ab4a584acceca2f83aa7da547791e47e87e28f21f6675f4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 08:19:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 07 Apr 2024 22:48:48 GMT
server
cloudflare
etag
W/"3c2e-18ebabffe13"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/x-icon
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yYJzQwHweIP4IxsB4t88blLZs4W%2BtQVT7LhDOsf%2Fk6HfrpEcsw7W2LxJo%2F2pfjeBTaCv0MRhtb5zdaiOxvvUZYHn99LBooyKqCzpBPEueq9unwZb4gVs0E%2FGkafII9etzH4HDZJFfdKMSw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
8710d5caf9ffa57b-MIA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
excellingvista.com
URL
https://excellingvista.com/click?upd_clickid=co9qhab2r96s73br8p70&add_event6=1

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer function| a38b function| a38a object| webpackChunk_N_E function| a14b function| a14a function| a37b function| a37a function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| a1b function| a1a function| __NEXT_PRELOADREADY object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST object| google_tag_manager object| google_tag_data object| gaGlobal

30 Cookies

Domain/Path Name / Value
.fgxxd.rdtk.io/ Name: redcmps
Value: W3siaWQiOiI2NThjOTMwMzZiZDgzYzAwMDEzNzY1OTEiLCJ0IjoiMjAyNC0wNC0wOFQwODoxOTo1MS42NDgwMDE1NzdaIn1d
.fgxxd.rdtk.io/ Name: redhash
Value: NjYxM2E4YTc3M2ZhZTkwMDAxYTMyZDg4fDB8NjU4YzkzMDM2YmQ4M2MwMDAxMzc2NTkxfHxkOWQ2NTFjOC1jMjgyLTQ4NzctOGRiNi1lMTE1ZTZkMjU2MTV8MTcxMjU2NDM5MQ==
.quickload-fast.com/ Name: gdm_sid_v1_3_001
Value: 0OZAL79f4ece1DBaSM3HanzmBFQ6FeCTU96ZlrTXAm4I7ws2n86Z2AItf/dhOrc/jdThXME7p2NQuFRfB7g6qiZw3kjP2uJD15JlQMGogA7Z5KQISMRyw/Kr3GMysvqn0pqylg3ZMgFRdryuAm1ziVWr9gmW02lxRrWYJx2t4LYv4Ca5MZ4wAHfO1NtkGRUIiIOKYLB91F+0Vf6XNBYVLyVbfyAdQDJ3rFaEgGEMrnhFcJH/7G8fNlYx0imWIsyM0F3KSd0klo3ICf7/13dZ0YfPhkI2o2lm7VTdD+NIhsNCfLYAUWabCCOMZJOP7+RNcq1F2XgW7cZTzRC5HLPyR6HhFriBjKOtyDrwTiwUJguU4B6A9g6XioJHFCB3PVx5DmZ6m01aRdS5vPLq3yV4RDNtmPRZ0+mntd91RDLH491yH13Zd+R/u6S9qKDI2kfP9ogktOfyF4vlse/KvSuptc//6AI3J3v1HxQl8dOGOZBC907uBbdXUBC2n6NVnQ5wNEcFNUtbGzXJtBhJiJuvQDzv6rEFD9P1gA/3emUAXJ3e6nvEXePkEkgZu9MQZe6gMJk4LDaQdbSQupAa3rU88DQsOW6Px6J6DD6k76lS2zsezpquo6wgRlqULWWoRsyAvXdJaSPRu6sfZQ8cXCr4YaESNAZifWiX9rRKkblNbe6rjRvTAuUZAu+NpBOCerecWgaKiY6WXNqPmr56OLS3fP7OvGfmMz72yWOG5DiXDq6gUkqWqffhTSdbUVXOnaKIx5gJ001q2/E3aMp7D3PslJ6HUGF+hYgrUbPQrOeSJ4owSxfWp1sl6QgW+WbnqK4zqtw8NF33NO20ZbMiYDRZhiS0VbpiuNd6q973/QET1nVGiHI5wUiizPFoIZpoQ5qQSHbMHv+Vf59+6LuTE9HzN5zkOgT9x7M4L78PFuWUcr2lqOigsnBMx29pS5DVcnR9IQyX9y3WmSQ/5M/bUgsEhfO8EZZP113yLP5w4dHVLcYVcN0xP2veiT9QI7/i3sFdxB8rvwNU9vFvPK67euaM3Bxh53tyW3UZ90Jz3o82ypT9VK3SjdPIT2fc9SCgsnAz
.quickload-fast.com/ Name: gdm_click_freq_v1_1_001
Value: TT/b6UxEBqPrYpvCwDMn62Ce49bS6eOm3JIVidORj+PicAxzyiSODKsrzGbmZFZf
.quickload-fast.com/ Name: gdm_uid_v2_1_001
Value: rS5lAJRFcxSvq9C2BjDoob3wEcAxbrwylPKY8vRH8RTS1/PVF1LHnBeHZ544WttD
.quickload-fast.com/ Name: gdm_click_adv_freq_v1_1_001
Value: WGP2hL1mCj4amHrx09xylyFgDLm2RqdCZ0jTsOGyN+FEY0zKUkdHl5kgP25xTbvU
.quickload-fast.com/ Name: gdm_uid_v1_1_001
Value: rS5lAJRFcxSvq9C2BjDoob3wEcAxbrwylPKY8vRH8RTS1/PVF1LHnBeHZ544WttD
.quickload-fast.com/ Name: gdm_click_adv_freq_v2_1_001
Value: WGP2hL1mCj4amHrx09xylyFgDLm2RqdCZ0jTsOGyN+FEY0zKUkdHl5kgP25xTbvU
.quickload-fast.com/ Name: gdm_sid_v2_3_001
Value: 0OZAL79f4ece1DBaSM3HanzmBFQ6FeCTU96ZlrTXAm4I7ws2n86Z2AItf/dhOrc/jdThXME7p2NQuFRfB7g6qiZw3kjP2uJD15JlQMGogA7Z5KQISMRyw/Kr3GMysvqn0pqylg3ZMgFRdryuAm1ziVWr9gmW02lxRrWYJx2t4LYv4Ca5MZ4wAHfO1NtkGRUIiIOKYLB91F+0Vf6XNBYVLyVbfyAdQDJ3rFaEgGEMrnhFcJH/7G8fNlYx0imWIsyM0F3KSd0klo3ICf7/13dZ0YfPhkI2o2lm7VTdD+NIhsNCfLYAUWabCCOMZJOP7+RNcq1F2XgW7cZTzRC5HLPyR6HhFriBjKOtyDrwTiwUJguU4B6A9g6XioJHFCB3PVx5DmZ6m01aRdS5vPLq3yV4RDNtmPRZ0+mntd91RDLH491yH13Zd+R/u6S9qKDI2kfP9ogktOfyF4vlse/KvSuptc//6AI3J3v1HxQl8dOGOZBC907uBbdXUBC2n6NVnQ5wNEcFNUtbGzXJtBhJiJuvQDzv6rEFD9P1gA/3emUAXJ3e6nvEXePkEkgZu9MQZe6gMJk4LDaQdbSQupAa3rU88DQsOW6Px6J6DD6k76lS2zsezpquo6wgRlqULWWoRsyAvXdJaSPRu6sfZQ8cXCr4YaESNAZifWiX9rRKkblNbe6rjRvTAuUZAu+NpBOCerecWgaKiY6WXNqPmr56OLS3fP7OvGfmMz72yWOG5DiXDq6gUkqWqffhTSdbUVXOnaKIx5gJ001q2/E3aMp7D3PslJ6HUGF+hYgrUbPQrOeSJ4owSxfWp1sl6QgW+WbnqK4zqtw8NF33NO20ZbMiYDRZhiS0VbpiuNd6q973/QET1nVGiHI5wUiizPFoIZpoQ5qQSHbMHv+Vf59+6LuTE9HzN5zkOgT9x7M4L78PFuWUcr2lqOigsnBMx29pS5DVcnR9IQyX9y3WmSQ/5M/bUgsEhfO8EZZP113yLP5w4dHVLcYVcN0xP2veiT9QI7/i3sFdxB8rvwNU9vFvPK67euaM3Bxh53tyW3UZ90Jz3o82ypT9VK3SjdPIT2fc9SCgsnAz
.quickload-fast.com/ Name: gdm_suid_v2_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.quickload-fast.com/ Name: gdm_suid_v1_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.quickload-fast.com/ Name: gdm_click_freq_v2_1_001
Value: TT/b6UxEBqPrYpvCwDMn62Ce49bS6eOm3JIVidORj+PicAxzyiSODKsrzGbmZFZf
tracking.trackingshub.com/ Name: afclick
Value: 6613a8a9e2e9d800011a8273
tracking.trackingshub.com/ Name: afoffers
Value: {"2435274":1712564393}
excellingvista.com/ Name: uclick
Value: yrzYx1xbP4g137bwbmCYsMJOhO8jwmLuh1LyCTi49VXS9xNkGd0ZOhqJ5Hiuy7dRCKvm0oo=
excellingvista.com/ Name: bcid
Value: co9qhab2r96s73br8p70
excellingvista.com/ Name: cid
Value: co9qhab2r96s73br8p70
.addon-continue.com/ Name: extension
Value: primary_adb
.addon-continue.com/ Name: promo
Value: salmon
.addon-continue.com/ Name: big
Value: none
.addon-continue.com/ Name: clk_domain
Value: excellingvista.com
.addon-continue.com/ Name: flow
Value: binom
.addon-continue.com/ Name: campaignId
Value: 10659
.addon-continue.com/ Name: trafficsource
Value: 29
.addon-continue.com/ Name: src
Value: 6_6536598-1946262134-0
.addon-continue.com/ Name: cid
Value: co9qhab2r96s73br8p70
.addon-continue.com/ Name: lpkey
Value: 171255daff9eefa7a5b82ca7edcdaccf29ee164693
.addon-continue.com/ Name: isV2
Value: true
.addon-continue.com/ Name: _ga_D9B6K7HFTW
Value: GS1.1.1712564394.1.0.1712564394.0.0.0
.addon-continue.com/ Name: _ga
Value: GA1.1.296672099.1712564395

2 Console Messages

Source Level URL
Text
javascript error URL: https://dist.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_6536598-1946262134-0&cid=co9qhab2r96s73br8p70&lpkey=171255daff9eefa7a5b82ca7edcdaccf29ee164693&isV2=true
Message:
Access to XMLHttpRequest at 'https://excellingvista.com/click?upd_clickid=co9qhab2r96s73br8p70&add_event6=1' from origin 'https://dist.addon-continue.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://excellingvista.com/click?upd_clickid=co9qhab2r96s73br8p70&add_event6=1
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adspredictiv.com
dist.addon-continue.com
excellingvista.com
fgxxd.rdtk.io
mail.ubertron.ch
quickload-fast.com
tracking.trackingshub.com
www.google-analytics.com
www.googletagmanager.com
excellingvista.com
172.67.153.238
172.67.206.50
2600:1f18:66d3:cb20:25a6:4624:a302:e49e
2604:9a00:2010:a03a:5::
2607:f8b0:4006:81c::2008
2607:f8b0:4006:823::200e
34.90.20.163
52.58.28.63
86.107.197.134
19367050a7eb866556d5c7e82cc076e1971122084ecfda249512f7dbe3aa551f
25acd4abdf87bd44a41871bcf2339bbaf86cbdcffa931529d38a96b5ae5f59ed
2a15a3e0bb770295d5e83783216d58b5378e71a0175579c9d0bb4ec49600c6a1
2dc86bcb63b4c5f30ab4a584acceca2f83aa7da547791e47e87e28f21f6675f4
32973cc46e72f487fc1a1240d507dde16f6da428bf862f98eb1e98b9c0160cc6
3478f1fc1abb18881d874ddb51d45cc038044488349e973e27960da22fb7e066
3f2aa27ac07bb9a560590184ddc577ed95a31c6f84455024587c3c8f94938284
5a3d555df754343a4450c0ea8509e1ca6e7e55290f3f320206395a587884de8a
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
700049da35d40218619f3cb5d96ff315f756095f3069af2fc3c4f503f86a8430
724121ec42efc03e19ee936460fb1270c3b90b3ebf1ff940191e0a32e4504caa
757faa3df20bd24da5c38dfbd497a9a652cb4fc4b162bc7d07357f53e20ea890
9b5d584b6200dfb2ea17d372ceb88c61ee68bf6e7ae5cabed28d31952b048a10
a9d77ba4ce568c0d51d75cd99aef9a45c5f56198b8d98a5a8e5f64a4a1281bd6
c1361af56d814402a14433af85b84a0f2e1015a216f86a4e5cf093c407c9cfff
c67230678116cd030deedcca846c32604690019f9b17d29fd3c9a9467fc1f545
cd793ca16b2c618bb775ada27dc17b43d581e9e15076ad09746da8ca68a92f50
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed9c06d28b4aab2e9425dd9e64248d3d5e5d8c2036129164d2e2e3a925fa3afa