ad.download-available.xyz Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://afodreet.net/partitial/5117834/?var=4797137&ab2r=0&prfrev=true&rhd=false&os_version=10.0.0
Effective URL:
https://ad.download-available.xyz/?extension=ad_sweeper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=1...
Submission: On March 22 via manual (March 22nd 2024, 1:33:05 am UTC) from HU — Scanned from GB

Summary HTTP 62 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 62 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is ad.download-available.xyz.
TLS certificate: Issued by GTS CA 1P5 on March 4th 2024. Valid for: 3 months.

This is the only time ad.download-available.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	139.45.197.243 139.45.197.243	9002 (RETN-AS) (RETN-AS)
2	139.45.195.253 139.45.195.253	9002 (RETN-AS) (RETN-AS)
5	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1 17	172.64.106.29 172.64.106.29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	139.45.197.251 139.45.197.251	9002 (RETN-AS) (RETN-AS)
1 1	157.230.52.75 157.230.52.75	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	52.58.28.63 52.58.28.63	16509 (AMAZON-02) (AMAZON-02)
16	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
62	9

3 139.45.197.243 (United Kingdom) 1 redirects

ASN9002 (RETN-AS, GB)

afodreet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.253 (United Kingdom)

ASN9002 (RETN-AS, GB)

datatechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.64.106.29 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bawelteey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)

jouteetu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.230.52.75 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

brswntech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.28.63 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-28-63.eu-central-1.compute.amazonaws.com

datatechdrift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

ad.download-available.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	bawelteey.com 1 redirects bawelteey.com	80 KB
16	download-available.xyz ad.download-available.xyz	331 KB
9	jouteetu.net jouteetu.net — Cisco Umbrella Rank: 18471 Failed
5	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 7780	3 KB
3	afodreet.net 1 redirects afodreet.net — Cisco Umbrella Rank: 218653	17 KB
2	datatechone.com datatechone.com — Cisco Umbrella Rank: 19762	930 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1728	261 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	88 KB
1	datatechdrift.com 1 redirects datatechdrift.com — Cisco Umbrella Rank: 508133	449 B
1	brswntech.com 1 redirects brswntech.com — Cisco Umbrella Rank: 458728	242 B
62	10

	Domain	Requested by
17	bawelteey.com	1 redirects bawelteey.com
16	ad.download-available.xyz	ad.download-available.xyz
9	jouteetu.net	bawelteey.com
5	my.rtmark.net	afodreet.net bawelteey.com
3	afodreet.net	1 redirects afodreet.net
2	datatechone.com	afodreet.net bawelteey.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	ad.download-available.xyz
1	datatechdrift.com	1 redirects ad.download-available.xyz
1	brswntech.com	1 redirects
62	10

This site contains no links.

Subject Issuer	Validity	Valid
datatechone.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-10` - `2024-12-23`	a year	crt.sh
rtmark.net R3	`2024-03-02` - `2024-05-31`	3 months	crt.sh
bawelteey.com GTS CA 1P5	`2024-01-31` - `2024-04-30`	3 months	crt.sh
jouteetu.net R3	`2024-03-13` - `2024-06-11`	3 months	crt.sh
download-available.xyz GTS CA 1P5	`2024-03-04` - `2024-06-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ad.download-available.xyz/?extension=ad_sweeper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10697&src=4662728&cid=cnudvk32r96s7389bv7g&trafficsource=53&lpkey=17110823d1aa2c4fa604735083cafbab3761b71484&isV2=true
Frame ID: 533503A6839EEA5D59221A2CDDAEF08E
Requests: 64 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AdSweeper

Page URL History Show full URLs

http://afodreet.net/partitial/5117834/?var=4797137&ab2r=0&prfrev=true&rhd=false&os_version=10.0.0 Page URL
http://afodreet.net/?z=5117834&syncedCookie=true&rhd=false HTTP 302
https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z... Page URL
https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z... Page URL
https://bawelteey.com/submenu/4662728/?rhd=1&var=5117834&var3=794852749740347480&oaid=8705e7059a02... Page URL
https://bawelteey.com/rhd?z=4662728&syncedCookie=false&rhd=true HTTP 302
https://brswntech.com/click.php?key=wy5qyls9fs70yeuvnv25&visitor_id=794852757193633939&cost=0.0038... HTTP 302
https://datatechdrift.com/click?key=20517ae7e8c59f5c5f24&clickid=6bb35d5ojbghq16f&source=4662728 HTTP 307
https://ad.download-available.xyz/?extension=ad_sweeper&promo=salmon&big=none&clk_domain=datatechdrift.com&flo... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

62
Requests

81 %
HTTPS

30 %
IPv6

10
Domains

10
Subdomains

9
IPs

3
Countries

517 kB
Transfer

1388 kB
Size

25
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://afodreet.net/partitial/5117834/?var=4797137&ab2r=0&prfrev=true&rhd=false&os_version=10.0.0 Page URL
http://afodreet.net/?z=5117834&syncedCookie=true&rhd=false HTTP 302
https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0 Page URL
https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0&rdc=2 Page URL
https://bawelteey.com/submenu/4662728/?rhd=1&var=5117834&var3=794852749740347480&oaid=8705e7059a028d9001764ab26dbfcb67&usage_case=push_default Page URL
https://bawelteey.com/rhd?z=4662728&syncedCookie=false&rhd=true HTTP 302
https://brswntech.com/click.php?key=wy5qyls9fs70yeuvnv25&visitor_id=794852757193633939&cost=0.003815&zoneid=4662728&campaignid=7911962&device=desktop&browser=chrome&os=windows&osversion=win10&country=GB&language=en&isp=british%20telecommunications%20plc&user_activity=high HTTP 302
https://datatechdrift.com/click?key=20517ae7e8c59f5c5f24&clickid=6bb35d5ojbghq16f&source=4662728 HTTP 307
https://ad.download-available.xyz/?extension=ad_sweeper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10697&src=4662728&cid=cnudvk32r96s7389bv7g&trafficsource=53&lpkey=17110823d1aa2c4fa604735083cafbab3761b71484&isV2=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://afodreet.net/?z=5117834&syncedCookie=true&rhd=false HTTP 302
https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0

62 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
afodreet.net/partitial/5117834/ 33 KB
14 KB 134ms
64ms Document
text/html 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://afodreet.net/partitial/5117834/?var=4797137&ab2r=0&prfrev=true&rhd=false&os_version=10.0.0

Protocol

HTTP/1.1

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

1e34ee38b3d96df9d733b6a2c9c07fa595af58fc3262b3b721a876b04ba76b3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf8
Date: Fri, 22 Mar 2024 01:33:01 GMT
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=1
Timing-Allow-Origin: * *
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Trace-Id: 1773d9b9f809d73e6621e87095ec2e5e

POST
H/1.1 200
OK sftouch
afodreet.net/ 2 B
875 B 101ms
60ms Ping
text/plain 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://afodreet.net/sftouch?userId=008027164fb745f8e732dd216a26b10e&z=5117834&p_rid=fd3b281a-3257-4ca7-beb8-a0443894c3e6&p_src=sf&branchId=400701&rb=vkm5kYie0RYNmXtrR1GM0vkd8EVgAlXwuThe8i_yYoRDKi7op4pc6zBMQU7oO2392L7At0rwevYmG1ALJ5pjdq3rJKXgx1yZ4WmuLGiQoz2IPegw71yDe4hlQhHams8r_0YgMEVXR9VqvLZL6_XqlHRS7wC9ZuLzf0GMI4cAtK-GTTrSGG-9tt7kDuKZR0Q6Sig8gg21r1FKsxC1MegsfpfTOPYBFaUIr0kK3NWYv3Rw2KrOhAJpNHfThu9qpbjWVkNrEKHpgU_AzpeMDdccRSvYehTEqimRskkN1wE9nosypLaZsRZ608eqoqTEeyv6mln9NA==

Requested by

Host: afodreet.net
URL: http://afodreet.net/partitial/5117834/?var=4797137&ab2r=0&prfrev=true&rhd=false&os_version=10.0.0

Protocol

HTTP/1.1

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://afodreet.net/partitial/5117834/?var=4797137&ab2r=0&prfrev=true&rhd=false&os_version=10.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Fri, 22 Mar 2024 01:33:01 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 2
X-Trace-Id: 887756ebe7db303eaeea4075ab05da53
Pragma: no-cache
Server: nginx
Accept-Ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: http://afodreet.net
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
Expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H/1.1 200
OK add Show response
datatechone.com/log/ 2 B
464 B 273ms
59ms XHR
text/plain 139.45.195.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=fd3b281a-3257-4ca7-beb8-a0443894c3e6
Requested by: Host: afodreet.net
URL: http://afodreet.net/partitial/5117834/?var=4797137&ab2r=0&prfrev=true&rhd=false&os_version=10.0.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: http://afodreet.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 22 Mar 2024 01:33:02 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: http://afodreet.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H2 200 img.gif
my.rtmark.net/ 43 B
491 B 269ms
58ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=008027164fb745f8e732dd216a26b10e&z=5117834&p_rid=fd3b281a-3257-4ca7-beb8-a0443894c3e6&p_src=sf

Requested by

Host: afodreet.net
URL: http://afodreet.net/partitial/5117834/?var=4797137&ab2r=0&prfrev=true&rhd=false&os_version=10.0.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://afodreet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:33:02 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2

200

/ Show response
bawelteey.com/
Redirect Chain

http://afodreet.net/?z=5117834&syncedCookie=true&rhd=false
https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0

42 KB
14 KB

222ms
114ms

Document
text/html

172.64.106.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.106.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 287830ee227f918b7d600e49caafae7bcb54cdf2707e55b23ca52ccac57fe571

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: http://afodreet.net
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86826e69fe3979ac-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 22 Mar 2024 01:33:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NEi8zf8Sc9NY8MRv8NBbtdCp3pAxCGHw3iUZizuJ0UiUwbizdg%2BoqnmzcKIlyl2ybwShxfBJGUEW7EO5V5ZMC%2B7zdnDe45fJjtnDSsFfb0E%2BxHxXh04Rj6p1IiPFOnrG"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

Redirect headers

Accept-Ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: http://afodreet.net
Access-Control-Max-Age: 86400
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
Date: Fri, 22 Mar 2024 01:33:02 GMT
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Link: <https://bawelteey.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
Location: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=1
Timing-Allow-Origin: * *
X-Content-Type-Options: nosniff
X-Trace-Id: 375b89642449f3ef21a0563c2d7ec3aa

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
541 B 59ms
59ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=8705e7059a028d9001764ab26dbfcb67

Requested by

Host: bawelteey.com
URL: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

a26e5663167cf1b88cd977e351b8cae6ad03dae53a76c7d121cde3870f1d8bab

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bawelteey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:33:02 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bawelteey.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 micro.tag.min.js Show response
bawelteey.com/pfe/current/ 35 KB
13 KB 73ms
70ms Script
application/javascript 172.64.106.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bawelteey.com/pfe/current/micro.tag.min.js?z=4662709&ymid=794852749740347480&var=5117834&sw=/sw-check-permissions/4662709&uhd=1
Requested by: Host: bawelteey.com
URL: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.106.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 955a7f7e7a9158b178d2ca39513763b297bbec13f6083c534c099af7876c1c8c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 01:33:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 20 Mar 2024 09:50:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65fab17e-8def"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CsFVSrZjsFhFujzdeJDaTtl4ba6%2Fay%2B14CwdT5yGoOiDp9G4o%2FEEA2oJGXWG2x95dh4F45NIbHM3V2X1m0D0uLxwg65E3SNWNRef7zb7Z8LKVFHeiuag5lyeIAFz%2FAvu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 86826e6adedc79ac-LHR
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
bawelteey.com/19/4662728/ 3 KB
2 KB 66ms
61ms XHR
application/json 172.64.106.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bawelteey.com/19/4662728/?abt_opts=1&var=5117834&var3=794852749740347480&ymid=&rhd=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.106.29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18a968060f024cad56188c80bfc67ec1d068602ef464e684204da09195b4a031

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:33:02 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 1ecee34181bc6795da9e3574e33f8222
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rTAcpP11mI0zIOrIrRtTrEPIySPgzN1s6uvKpKiCt3nOdjsGl2b71tTfVMmhp9mRM3sOim%2FJzcGOjtUqtQpAfMFTgKBbUOrX0DeMcfw1Y7RImldrW4fEWp11VBc3izKk"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
cf-ray: 86826e6afef379ac-LHR
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 / Show response
bawelteey.com/ 2 B
410 B 75ms
70ms XHR
application/json 172.64.106.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0&mprtr=1
Requested by: Host: bawelteey.com
URL: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.106.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:33:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wvWcGH1h2o8%2FVOTXI8oaF3eWhylhuNVpZyAeqQvOg9qL42w%2BnTA%2FWfpMeT6e%2BJEISiakH9BISqpGrEWE4r%2BgnoJsCg0%2B66c7hcRSJVYxnVy03wgvcMV%2FCfF2rHfJzXpE"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 86826e6afef679ac-LHR
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

POST custom
jouteetu.net/ 0
0

GET
H2 200 4662709
bawelteey.com/sw-check-permissions/ 0
958 B 62ms
61ms Other
application/javascript 172.64.106.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bawelteey.com/sw-check-permissions/4662709?var=5117834&ymid=794852749740347480&uhd=1&zoneId=4662709
Requested by: Host: bawelteey.com
URL: https://bawelteey.com/pfe/current/micro.tag.min.js?z=4662709&ymid=794852749740347480&var=5117834&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.106.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:33:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oe0Pv53sQygmNLG85Ix4ReD5wJ3GNnWtAZ2b1KMdB4I6Hvp9GwLCbTtqa7syvQZ0xobEYOjfypymx43090MBGmSf4xW5qi0YtvAzjNpoqBz%2BsZjJ8hTqu8hyi0ugEPop"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 86826e6b6f4479ac-LHR
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST custom
jouteetu.net/ 0
0

POST
H3 200 zone
bawelteey.com/ 0
633 B 64ms
63ms Ping
text/plain 172.64.106.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bawelteey.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=bawelteey.com&var=5117834&ymid=794852749740347480&var_3=&var_4=&dsig=&tg=1&sw=3.1.497&trace_id=4bacc84b-205a-4e54-85cd-d59588024c02&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: bawelteey.com
URL: https://bawelteey.com/pfe/current/micro.tag.min.js?z=4662709&ymid=794852749740347480&var=5117834&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.106.29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-trace-id: 5a323d6e38147be118352dc69b649fd5
date: Fri, 22 Mar 2024 01:33:02 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SqU8z%2FYuNRr9Db9I%2Bf%2F2%2BLYePDBKqtAnkmoV9HM%2FgCIC%2F3bdcrJj6HBDGMk%2B5JFyLAgHR38OyM8CbipFxDGDGwRvgxwkfn1x4MDy4ADCC8qYcjpEi0eXfrQ%2Fste1ii79"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bawelteey.com
access-control-allow-credentials: true
cf-ray: 86826e6b7a903859-LHR
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

POST custom
jouteetu.net/ 0
0

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
541 B 59ms
58ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=794852749740347480&var=5117834

Requested by

Host: bawelteey.com
URL: https://bawelteey.com/pfe/current/micro.tag.min.js?z=4662709&ymid=794852749740347480&var=5117834&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

a26e5663167cf1b88cd977e351b8cae6ad03dae53a76c7d121cde3870f1d8bab

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bawelteey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:33:02 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bawelteey.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST custom
jouteetu.net/ 0
0

GET
H3 200 zone
bawelteey.com/ 796 B
1 KB 59ms
59ms Fetch
application/json 172.64.106.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bawelteey.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=bawelteey.com&var=5117834&ymid=794852749740347480&var_3=&var_4=&dsig=&tg=1&sw=3.1.497&trace_id=4bacc84b-205a-4e54-85cd-d59588024c02&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: bawelteey.com
URL: https://bawelteey.com/pfe/current/micro.tag.min.js?z=4662709&ymid=794852749740347480&var=5117834&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.106.29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:33:02 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: 340f9ebf9a6daab1c3a102415e2ff07a
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UAIpM0cWFiVgYGkvyRF6oskG0jqxssSUHxEf1m0gsPQPIA8v%2Fd4uDy9zusEvSvazw1mnn%2FrSzhE9AL%2F5f3Q9gOigf2KylkxUQQlb6dSdhSzoXEK46dIk81SOwf0ZIc2M"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 86826e6b8a9f3859-LHR
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept

POST custom
jouteetu.net/ 0
0

GET
H3 200 / Show response
bawelteey.com/ 42 KB
14 KB 99ms
99ms Document
text/html 172.64.106.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0&rdc=2
Requested by: Host: bawelteey.com
URL: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.106.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 466aa5bced2fa228559d0aa123e6513860a18fd0e2585bba4894981e39dba4a2

Request headers

Referer: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86826e6beae03859-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 22 Mar 2024 01:33:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=koy5KSsARnhPFBSTjnjHPIXeWoEY5cBpdTbt5W%2BqGxr7G2XSSnL4FGcnjeQsDxuuAccI8NnbZ7WIXrTeUJo%2B5WUs%2BjlYwjoaEPqJuz3l976fCWjvckugvZOpCba6iuGE"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

POST custom
jouteetu.net/ 0
0

GET
H3 200 micro.tag.min.js Show response
bawelteey.com/pfe/current/ 35 KB
13 KB 59ms
59ms Script
application/javascript 172.64.106.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bawelteey.com/pfe/current/micro.tag.min.js?z=4662709&ymid=794852749740347480&var=5117834&sw=/sw-check-permissions/4662709&uhd=1
Requested by: Host: bawelteey.com
URL: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.106.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 955a7f7e7a9158b178d2ca39513763b297bbec13f6083c534c099af7876c1c8c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 01:33:02 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 20 Mar 2024 09:50:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65fab17e-8def"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CKLglvw2Xsz8K58ypcmbYeNLcCXXfU6yisEYOC22I0SL7uPSQlBCqKCvVHizEAZafSLi%2Bjt2nm90nmc6Gpvk82BPbZQbtdhZybRFDOXc6ZjTDXa2Kb9gGIgbmh4A9oYR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 86826e6cab743859-LHR
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 / Show response
bawelteey.com/19/4662728/ 3 KB
2 KB 59ms
59ms XHR
application/json 172.64.106.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bawelteey.com/19/4662728/?abt_opts=1&var=5117834&var3=794852749740347480&ymid=&rhd=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.106.29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a126a26f28d55810057d6c5e1ecf3e6fb792f1109e743f4c7e22c4d8d0c2188

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:33:02 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 05495d555774871331c3c144a99a3353
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CNiUzRuOaQDlNPoPRdK21QIUAVgiIsLxFtCNfDPn%2BIBDioWzhOLJaaNQvnahYX6G4DQTotOnRYyG5LyUNI2XjSVCIrvcWm9%2Bqp3fBtDWgp6ohntYKwLzAWxFPKc6lN5w"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
cf-ray: 86826e6cbb773859-LHR
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H3 200 / Show response
bawelteey.com/ 2 B
527 B 63ms
62ms XHR
application/json 172.64.106.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0&rdc=2&mprtr=1
Requested by: Host: bawelteey.com
URL: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.106.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:33:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XV%2BQ1cjCzql%2FLavdu17wIIcr7YTh1L23tRJoROnoYP2RqNYb%2FQX%2B7UoSEHooe295p8cs4aGRoJ7%2FJ21PLGSqaf%2FU%2Fxgb3N%2BgCy6Sr0jJnfTrToSP3BYJ3P2gCKLdcJ7n"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 86826e6cdb963859-LHR
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ 0
0 59ms
58ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: bawelteey.com
URL: https://bawelteey.com/pfe/current/micro.tag.min.js?z=4662709&ymid=794852749740347480&var=5117834&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bawelteey.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 4662709
bawelteey.com/sw-check-permissions/ 0
1000 B 69ms
69ms Other
application/javascript 172.64.106.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bawelteey.com/sw-check-permissions/4662709?var=5117834&ymid=794852749740347480&uhd=1&zoneId=4662709
Requested by: Host: bawelteey.com
URL: https://bawelteey.com/pfe/current/micro.tag.min.js?z=4662709&ymid=794852749740347480&var=5117834&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.106.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:33:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wTGZeulvjzyPx1Cc9JnBpcGNurfntoyhOEMnZEgqetIoz%2Ba94Z0igeKBPdhr5wh04j0M%2BB%2F8t6nJSKvF1rCTBRm%2Fc29HZPm9%2FPXUkqd6gfD9PyTT%2FMN6zbPOSY%2Fwj7%2BC"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 86826e6d1bf23859-LHR
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ 0
0 59ms
58ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: bawelteey.com
URL: https://bawelteey.com/pfe/current/micro.tag.min.js?z=4662709&ymid=794852749740347480&var=5117834&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bawelteey.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H3 200 zone
bawelteey.com/ 0
588 B 77ms
76ms Ping
text/plain 172.64.106.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bawelteey.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=bawelteey.com&var=5117834&ymid=794852749740347480&var_3=&var_4=&dsig=&tg=1&sw=3.1.497&trace_id=ff717469-89db-4290-99d8-340b21456513&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: bawelteey.com
URL: https://bawelteey.com/pfe/current/micro.tag.min.js?z=4662709&ymid=794852749740347480&var=5117834&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.106.29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-trace-id: 40a0c3531a33cd4fb2cfec6ccf10e91b
date: Fri, 22 Mar 2024 01:33:02 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bsmvubOGcy097Oen%2BhpDLNUxKkcjK8Ms3zaiaty%2BI85mIzIC1XnuUbNDBLImr5MepLj7yPekKl%2BZ6w3YTwAZPaEuPpvVgDbO7uN2VItyo51HWBjkmzGQ0vE0RN122URd"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bawelteey.com
access-control-allow-credentials: true
cf-ray: 86826e6d1bf73859-LHR
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ 0
0 59ms
59ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: bawelteey.com
URL: https://bawelteey.com/pfe/current/micro.tag.min.js?z=4662709&ymid=794852749740347480&var=5117834&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bawelteey.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 60ms
59ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: bawelteey.com
URL: https://bawelteey.com/pfe/current/micro.tag.min.js?z=4662709&ymid=794852749740347480&var=5117834&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bawelteey.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
541 B 60ms
59ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=794852749740347480&var=5117834

Requested by

Host: bawelteey.com
URL: https://bawelteey.com/pfe/current/micro.tag.min.js?z=4662709&ymid=794852749740347480&var=5117834&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

a26e5663167cf1b88cd977e351b8cae6ad03dae53a76c7d121cde3870f1d8bab

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bawelteey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:33:02 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bawelteey.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST
H2 200 custom
jouteetu.net/ 0
0 59ms
58ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: bawelteey.com
URL: https://bawelteey.com/pfe/current/micro.tag.min.js?z=4662709&ymid=794852749740347480&var=5117834&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bawelteey.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 60ms
60ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: bawelteey.com
URL: https://bawelteey.com/pfe/current/micro.tag.min.js?z=4662709&ymid=794852749740347480&var=5117834&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bawelteey.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 61ms
60ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: bawelteey.com
URL: https://bawelteey.com/pfe/current/micro.tag.min.js?z=4662709&ymid=794852749740347480&var=5117834&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bawelteey.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 zone Show response
bawelteey.com/ 796 B
1 KB 60ms
59ms Fetch
application/json 172.64.106.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bawelteey.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=bawelteey.com&var=5117834&ymid=794852749740347480&var_3=&var_4=&dsig=&tg=1&sw=3.1.497&trace_id=ff717469-89db-4290-99d8-340b21456513&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: bawelteey.com
URL: https://bawelteey.com/pfe/current/micro.tag.min.js?z=4662709&ymid=794852749740347480&var=5117834&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.106.29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9557b37bb4044fbd77760358496eeb9e53fb2f290da1ebd3986dd78d54d53363

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:33:02 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: 9147b6ae5f3ffebe5827a0a11937aa91
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q22uFdx660l3TiDcEMIXgq5xlrTV5KoGJDlRGTGUrrQ4AupRUBt1q%2F%2FfBqAStNPFywi9bihS0xy%2BJkUMdgFUtFEmHmZn71oh8PKl21JqPH6SbuVhvpyZlSSLdIhbn79X"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 86826e6d3c093859-LHR
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept

POST
H2 200 custom
jouteetu.net/ 0
0 61ms
59ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: bawelteey.com
URL: https://bawelteey.com/pfe/current/micro.tag.min.js?z=4662709&ymid=794852749740347480&var=5117834&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bawelteey.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 60ms
59ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: bawelteey.com
URL: https://bawelteey.com/pfe/current/micro.tag.min.js?z=4662709&ymid=794852749740347480&var=5117834&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bawelteey.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 / Show response
bawelteey.com/submenu/4662728/ 34 KB
13 KB 63ms
63ms Document
text/html 172.64.106.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bawelteey.com/submenu/4662728/?rhd=1&var=5117834&var3=794852749740347480&oaid=8705e7059a028d9001764ab26dbfcb67&usage_case=push_default

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.106.29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02d7273f15b6cf62ff0e8801acd9284d07090546aaca1e7dc942ed12933850ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0&rdc=2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 86826e70bf413859-LHR
content-encoding: br
content-type: text/html; charset=utf8
date: Fri, 22 Mar 2024 01:33:03 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8vQlyI44BSjIY270EOO6scLSTDHN%2BTbIsQogwuHvMBmzRQbd0J5SicmcxAREBG%2FKRAGcGAPKTUgLH9LK5%2FCpvTx2SGt6UqgDLE%2BhgORT76Zj157ux43KarLPby75wfL5"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-trace-id: 59fe99e1050a2752533ab9ae1e265a7d

POST
H3 200 sftouch
bawelteey.com/ 2 B
753 B 58ms
57ms Ping
text/plain 172.64.106.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bawelteey.com/sftouch?userId=8705e7059a028d9001764ab26dbfcb67&z=4662728&p_rid=98ca3da5-19d7-4c6d-8bd0-b03c0b95f6d9&p_src=sf&branchId=0&rb=I89WFQon3SeO4O85fe9qxJHUnUqr_il3IkHlBhH0gYQGhxOaHr_579BBN4MjvfQZPH5y-NfG1GFFzOLTx8rh1VooziAFV3246tp07-F_-7vaoVdRmv16PbbE1y4ETfErvRTaCmg9HnMSSqdL4RU5RyG6eczfeaMAnBvn3nQZl659ypE_mKFxJghmj3ZwFodHLwtRNn6RALCXLp-LHlTFcQBninPXHfA3VPWvjvWJFWQ9sYZVBMaRDckZdPnGxWt1RAD0QUO8Tl6OzaaF3q-A8zl8mAbpl0R6Jg0QlOmuR3BiAXOBhtwHC5WWufZ4myOhSE-FyEULIqrs0Th416HGTD-BJPagj3wZRjgtufh5o8Et6fv7RhexF4QIjdhoZP2C1O4AERz7ibxvLl6_MMn3Z4zq0_S3eFpZSsSxm-_JQ9DZW--epS9A53PZ9kLpbFMeceIALZd7ufSIYzpSD5OjojWuqSpAWkXNw9ZzGPsyEIP57V0lSffBgn3DVQoSjapVtfC4sq0cv0-LMb4m5nq1_t9jA0e2FJsXfvyuuUhC5FXM49YQfAiIprCiGzmzPEpz

Requested by

Host: bawelteey.com
URL: https://bawelteey.com/submenu/4662728/?rhd=1&var=5117834&var3=794852749740347480&oaid=8705e7059a028d9001764ab26dbfcb67&usage_case=push_default

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.106.29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bawelteey.com/submenu/4662728/?rhd=1&var=5117834&var3=794852749740347480&oaid=8705e7059a028d9001764ab26dbfcb67&usage_case=push_default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:33:03 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2
x-trace-id: 5d2181482289572ba8ab87e6bcd5ddea
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: https://bawelteey.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M9jQkX6lBPRR0e1sbjhRDuMbcMdzQSsyr9WyoCwJsO0jK03%2BSzkp4EsfE86TXRSlz1mXkmc6Z0t4eKwAS%2Blf4tfRdmfIP4EfDmtoRqg0OveXAQ4BL%2Buk%2BJRcu%2BMKR3b2"}],"group":"cf-nel","max_age":604800}
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
cf-ray: 86826e713fa43859-LHR
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 img.gif
my.rtmark.net/ 43 B
504 B 59ms
59ms Ping
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=8705e7059a028d9001764ab26dbfcb67&z=4662728&p_rid=98ca3da5-19d7-4c6d-8bd0-b03c0b95f6d9&p_src=sf

Requested by

Host: bawelteey.com
URL: https://bawelteey.com/submenu/4662728/?rhd=1&var=5117834&var3=794852749740347480&oaid=8705e7059a028d9001764ab26dbfcb67&usage_case=push_default

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://bawelteey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:33:03 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: https://bawelteey.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

POST
H/1.1 200
OK add
datatechone.com/log/ 2 B
466 B 61ms
61ms XHR
text/plain 139.45.195.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=98ca3da5-19d7-4c6d-8bd0-b03c0b95f6d9
Requested by: Host: bawelteey.com
URL: https://bawelteey.com/submenu/4662728/?rhd=1&var=5117834&var3=794852749740347480&oaid=8705e7059a028d9001764ab26dbfcb67&usage_case=push_default
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash

Request headers

Referer: https://bawelteey.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 22 Mar 2024 01:33:03 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://bawelteey.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H2

200

Primary Request / Show response
ad.download-available.xyz/
Redirect Chain

https://bawelteey.com/rhd?z=4662728&syncedCookie=false&rhd=true
https://brswntech.com/click.php?key=wy5qyls9fs70yeuvnv25&visitor_id=794852757193633939&cost=0.003815&zoneid=4662728&campaignid=7911962&device=desktop&browser=chrome&os=windows&osversion=win10&count...
https://datatechdrift.com/click?key=20517ae7e8c59f5c5f24&clickid=6bb35d5ojbghq16f&source=4662728
https://ad.download-available.xyz/?extension=ad_sweeper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10697&src=4662728&cid=cnudvk32r96s7389bv7g&trafficsource=53&lpkey=17...

8 KB
5 KB

212ms
92ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.download-available.xyz/?extension=ad_sweeper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10697&src=4662728&cid=cnudvk32r96s7389bv7g&trafficsource=53&lpkey=17110823d1aa2c4fa604735083cafbab3761b71484&isV2=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

c80651c6e0f0f6f14444cfc97825cade964dd7686098a87bc7a2ca9bc91b01d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://bawelteey.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 86826e76bab86100-LHR
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 22 Mar 2024 01:33:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EW3M7KfnUuYIpk0lCCurXI6VaCyaXecjeOTTQXVkUKy%2Biwm751UetqZnR%2B8nOEqWEDxXI%2FSHYZZ3rR%2B%2Bzz8N0TTfZMPx328e%2FD%2BLlHgiDT8uJCX1FLoJfe2KIffaa8nPoFuzPss8gLeE5ljq0oFcTdIdzJ13UTxU"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: Next.js

Redirect headers

content-length: 0
date: Fri, 22 Mar 2024 01:33:04 GMT
location: https://ad.download-available.xyz/?extension=ad_sweeper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10697&src=4662728&cid=cnudvk32r96s7389bv7g&trafficsource=53&lpkey=17110823d1aa2c4fa604735083cafbab3761b71484&isV2=true
server: Caddy
x-request-id: c88e5c89-9d67-4501-9bdb-3ebaf13cea74

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 251 KB
88 KB 179ms
63ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D9B6K7HFTW

Requested by

Host: ad.download-available.xyz
URL: https://ad.download-available.xyz/?extension=ad_sweeper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10697&src=4662728&cid=cnudvk32r96s7389bv7g&trafficsource=53&lpkey=17110823d1aa2c4fa604735083cafbab3761b71484&isV2=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

08c2551887a287097b9e8125c98e065f9877e79ab6f058e1e7312ea5450ee43b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.download-available.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:33:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89795
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Mar 2024 01:33:04 GMT

GET
H2 200 9d92a176c9608aa4.css
ad.download-available.xyz/_next/static/css/ 102 B
468 B 54ms
53ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.download-available.xyz/_next/static/css/9d92a176c9608aa4.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b5d584b6200dfb2ea17d372ceb88c61ee68bf6e7ae5cabed28d31952b048a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.download-available.xyz/?extension=ad_sweeper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10697&src=4662728&cid=cnudvk32r96s7389bv7g&trafficsource=53&lpkey=17110823d1aa2c4fa604735083cafbab3761b71484&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:33:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 293021
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 17 Mar 2024 22:48:51 GMT
server: cloudflare
etag: W/"66-18e4e9a7e3b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CUheSLXKVhdr6Xzskk8aqdmJF5p5IN3BULUVHCzCm2DDB6Schh3O4W%2Fl78zLrbqEBiHL%2FhVhhj%2FTXBXAAFf7gzr3JvQuxsbG0LU44TmYheRl4anMik4VN3HWs%2BVRbGki6kl6USFDvhjFBmdpmKb9w%2FQOt8hMQC1b"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 86826e775b616100-LHR

GET
H2 200 df2d61f3a1484867.css
ad.download-available.xyz/_next/static/css/ 53 KB
28 KB 55ms
54ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.download-available.xyz/_next/static/css/df2d61f3a1484867.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a26e0b290eeaa16de5fe9e753209448a0517295087f074213a7b9b446eb8ae22

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.download-available.xyz/?extension=ad_sweeper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10697&src=4662728&cid=cnudvk32r96s7389bv7g&trafficsource=53&lpkey=17110823d1aa2c4fa604735083cafbab3761b71484&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:33:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9774
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 22:49:00 GMT
server: cloudflare
etag: W/"d526-18e63340fc4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wH1muYnvlzfy%2FuCin5lF4%2BUtT%2FJAXZWdc5553VZsSl9JSh%2B%2FZJ5Y%2FifwBJ2YaYr72dp%2Bqqh9JmS9PKSX5bAI7UTwIGbrWIHfDg6JuauaYG03rHqn5vViM9aqtztB6QKzmtNx9d7%2B1llxReqH3uAB8B6B0%2Fs0BIit"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 86826e775b626100-LHR

GET
H2 200 1f026a36892be721.css
ad.download-available.xyz/_next/static/css/ 3 KB
1 KB 58ms
57ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.download-available.xyz/_next/static/css/1f026a36892be721.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc09bedf275bd4bed137d95fa9572ee38cd837667fada433a23b7a795ede56ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.download-available.xyz/?extension=ad_sweeper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10697&src=4662728&cid=cnudvk32r96s7389bv7g&trafficsource=53&lpkey=17110823d1aa2c4fa604735083cafbab3761b71484&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:33:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9770
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 22:49:00 GMT
server: cloudflare
etag: W/"c86-18e63340fc4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v8ot6QHWwPEcOlsPR5v%2Fmex1U8D3PWlYJrIBUyu4GgGZRF6qII6egCjIAatWggMtmf8nWeEfk99InjzYgiV9AD5%2BulcJyiNQrNRo25ie8gNSe5ddi5cbbwcS9Jk%2BUQmd%2FxWSmrNajaKkVsAqSQkHY27ZAbDNmxga"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 86826e775b636100-LHR

GET
H2 200 928-ca8af82232fa8a34.js Show response
ad.download-available.xyz/_next/static/chunks/ 108 KB
36 KB 57ms
54ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.download-available.xyz/_next/static/chunks/928-ca8af82232fa8a34.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdf8d3e02cc6846a4699197ab835985726562959df8ac0a3a597700a286ab7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.download-available.xyz/?extension=ad_sweeper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10697&src=4662728&cid=cnudvk32r96s7389bv7g&trafficsource=53&lpkey=17110823d1aa2c4fa604735083cafbab3761b71484&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:33:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9774
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 22:49:00 GMT
server: cloudflare
etag: W/"1af01-18e63340fc8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2z3VEKIzLurvfC0FCWRDXM%2BjxOrkbu4xArcN3mLBEpS3ZAKND0YNehqGZzNmSCvtLE0PL0nrKtnSvaf4kPFvI5YzwHLCChl4%2Bdw36M05RbVm81%2BP2Y5o5neHZ62OmQlJ0SwDy%2F82eZWuX%2FLSxOX%2BUhmdb74f6q6k"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 86826e776b696100-LHR

GET
H2 200 166.56db062c8bd73af1.js Show response
ad.download-available.xyz/_next/static/chunks/ 18 KB
7 KB 92ms
89ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.download-available.xyz/_next/static/chunks/166.56db062c8bd73af1.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b5fe398e54070d73ca1d7a6a4ac3e621fca00e033c9a262b00b8524e64bb571

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.download-available.xyz/?extension=ad_sweeper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10697&src=4662728&cid=cnudvk32r96s7389bv7g&trafficsource=53&lpkey=17110823d1aa2c4fa604735083cafbab3761b71484&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:33:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9770
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 22:49:00 GMT
server: cloudflare
etag: W/"4716-18e63340fc8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WgoaUGI84sWx96Q6X3%2BBBBKqcJQwN4Lhoui0gf4i6tvJyfRzV2rmBn4sFICFs%2FquIXzTYKF9jBAZmD%2BFJ0yJTp%2FM8ps7IwvANBkS5WZ1ZloRCFwvymJM%2FXBlyImT%2F56dbt0qhHahXLrj67VLcpiiqD0n%2BHDxltCJ"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 86826e776b6c6100-LHR

GET
H2 200 983.c92c349dc608fd07.js Show response
ad.download-available.xyz/_next/static/chunks/ 151 KB
37 KB 93ms
90ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.download-available.xyz/_next/static/chunks/983.c92c349dc608fd07.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc37b7a5de5d53b9f5ae9073e11ec7752a883782f22d149a7f3540e73558c327

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.download-available.xyz/?extension=ad_sweeper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10697&src=4662728&cid=cnudvk32r96s7389bv7g&trafficsource=53&lpkey=17110823d1aa2c4fa604735083cafbab3761b71484&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:33:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9770
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 22:49:00 GMT
server: cloudflare
etag: W/"25c77-18e63340fc4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ia%2FmuNrNZtYdLXQKViKHynoVOyAkT9RJTRmnr7HfDdDBjQUm0fL%2B%2Bbv8edxLqtLYSW6D8aujWnhRWg%2FS4zCdIut4eJlw46h6v4baoATOUp8xTddjBj0XTdKcvWsudg8IEdZAZlsSlYt1siK5xyOBJj5zqNegeT5B"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 86826e776b6e6100-LHR

GET
H2 200 webpack-af9b4f31a516f01a.js Show response
ad.download-available.xyz/_next/static/chunks/ 10 KB
5 KB 53ms
51ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.download-available.xyz/_next/static/chunks/webpack-af9b4f31a516f01a.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

539664a49d31c447171cf575c4876d1977a83e04d9ffc6431a8f5184c17e52bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.download-available.xyz/?extension=ad_sweeper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10697&src=4662728&cid=cnudvk32r96s7389bv7g&trafficsource=53&lpkey=17110823d1aa2c4fa604735083cafbab3761b71484&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:33:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9770
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 22:49:00 GMT
server: cloudflare
etag: W/"26cd-18e63340fc4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ho63lA8AcqcavOnvaAtsyZIfZjL79QPvyNxZskS3KYEIIVQJdp28i4FIt%2FDa09UonoDQcFJFSWxLsLWcxX4ABnPHuajpkt5FNKPZ5fw1Y621i0qTUSOhnPvQKkbFizkt4lVENU5N1glAhII7oSQEBhWGEuOX0It7"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 86826e776b6f6100-LHR

GET
H2 200 framework-f62b92c55ee7f491.js Show response
ad.download-available.xyz/_next/static/chunks/ 279 KB
98 KB 93ms
91ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.download-available.xyz/_next/static/chunks/framework-f62b92c55ee7f491.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

221140705d21c7a0242d660d851557c5dda6a09fae0a57ce5f63fd2dabcc0cfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.download-available.xyz/?extension=ad_sweeper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10697&src=4662728&cid=cnudvk32r96s7389bv7g&trafficsource=53&lpkey=17110823d1aa2c4fa604735083cafbab3761b71484&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:33:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1653
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 22:49:00 GMT
server: cloudflare
etag: W/"45ad5-18e63340fc4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UqyBhzzvgXUNKDhWkBQvAyLSCWqCAxC6cOqiSTyqqVIAsiF3pQYPscIwPFxd7DpGaBOpfdHRA1PkQmfQCJMPja%2Fbz8t%2BvgEAh43oUU019B0wgrfJNtfVqyiJHHhApCt8j6NHTyAkJyqARWFVTmcr4%2FvW%2FQMjQYeK"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 86826e776b716100-LHR

GET
H2 200 main-962eb6c260ad2cb8.js Show response
ad.download-available.xyz/_next/static/chunks/ 153 KB
54 KB 92ms
91ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.download-available.xyz/_next/static/chunks/main-962eb6c260ad2cb8.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

067177b7242132eb860632fd9dae1ffd93a29f65617e85fe200d3a9d35fea828

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.download-available.xyz/?extension=ad_sweeper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10697&src=4662728&cid=cnudvk32r96s7389bv7g&trafficsource=53&lpkey=17110823d1aa2c4fa604735083cafbab3761b71484&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:33:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9769
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 22:49:00 GMT
server: cloudflare
etag: W/"262c5-18e63340fc8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4YMdTqYRdcQ7h3d5vZi1UOMOGmna250fEuYThPHpjbpCyhYg1Px8Q18EPZeQve0Slfdp4P7n%2Bupk5ov2ZoA%2BjX6Ls9IW4tZExDUyn5SylrFYnFm2rW5nxzZMS%2Fd2mdrV5KHpJclTbBC%2FfOi%2FhHKQKKSo1WW1UVl4"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 86826e776b726100-LHR

GET
H2 200 _app-a4bcd005effe1516.js Show response
ad.download-available.xyz/_next/static/chunks/pages/ 80 KB
40 KB 91ms
90ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.download-available.xyz/_next/static/chunks/pages/_app-a4bcd005effe1516.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50a9c4facf6c52fe6b5d4f28254ae188b0b404d4691ef71e456c0b3a6f8437d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.download-available.xyz/?extension=ad_sweeper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10697&src=4662728&cid=cnudvk32r96s7389bv7g&trafficsource=53&lpkey=17110823d1aa2c4fa604735083cafbab3761b71484&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:33:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9769
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 22:49:00 GMT
server: cloudflare
etag: W/"13f18-18e63340fc8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VPeXGBIFrgzw0cqgyAErC5Ye03a6Ts4vFE%2BiT86WiOtvD7ND1vYKC3a5bH%2FrXEJEB9TOMqpDCJTRjcDbgPneLG9AWUFPGy50JqMa7RrVepDyPXzUnXnZFb%2Bm4xishTDyE8VbG5hDh5zAyhxf10shaZMb2%2B2jLtV5"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 86826e776b736100-LHR

GET
H2 200 index-0c2ec17af75d4144.js Show response
ad.download-available.xyz/_next/static/chunks/pages/ 21 KB
8 KB 93ms
92ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.download-available.xyz/_next/static/chunks/pages/index-0c2ec17af75d4144.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e54ef3d700fb4dd6457fff72cf8a174d0a8d9e0be6ccf004bcfa4cd249cd04d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.download-available.xyz/?extension=ad_sweeper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10697&src=4662728&cid=cnudvk32r96s7389bv7g&trafficsource=53&lpkey=17110823d1aa2c4fa604735083cafbab3761b71484&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:33:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9768
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 22:49:00 GMT
server: cloudflare
etag: W/"5339-18e63340fc4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3fAKUpzf1PYfojMNccxDNT3LjiIb0Kq%2FT6rigUu2ul0enq4lHveCT%2BGAAorrxrzI37HcVlkoxT1jtdNAwtlqZvU%2FN7K0kxxTbVcmXKDUiqFuXEgC3HxCU5B8%2FIXixwUEzd92Cc6ud0NtNvRkzwBHsM9iMsFkb2HP"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 86826e779b926100-LHR

GET
H2 200 _buildManifest.js Show response
ad.download-available.xyz/_next/static/DtNHE6x0Uf-sCycvuGP0T/ 1 KB
841 B 93ms
92ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.download-available.xyz/_next/static/DtNHE6x0Uf-sCycvuGP0T/_buildManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89cd564607262c6cb99a76477cea2a393a96afd86c3529abac4c1e212a16f2dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.download-available.xyz/?extension=ad_sweeper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10697&src=4662728&cid=cnudvk32r96s7389bv7g&trafficsource=53&lpkey=17110823d1aa2c4fa604735083cafbab3761b71484&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:33:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9768
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 22:49:00 GMT
server: cloudflare
etag: W/"407-18e63340fc4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5T8udGvBCbG2vE51AZS9aOdcP%2BApin7x%2F9tMaTCEf5Oefc%2FKNoTYiyUHwzFWSTOfRcoFyQ7eDHTOx2w31m65F3DL0twYWfnf80TjMjpdLtD7ZfLNnFIyTSosyb3tsy%2BgFN%2BzCPypndz6mgiJo463WxU8%2FfUCUJHN"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 86826e779b946100-LHR

GET
H2 200 _ssgManifest.js Show response
ad.download-available.xyz/_next/static/DtNHE6x0Uf-sCycvuGP0T/ 77 B
367 B 92ms
91ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.download-available.xyz/_next/static/DtNHE6x0Uf-sCycvuGP0T/_ssgManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.download-available.xyz/?extension=ad_sweeper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10697&src=4662728&cid=cnudvk32r96s7389bv7g&trafficsource=53&lpkey=17110823d1aa2c4fa604735083cafbab3761b71484&isV2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:33:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9768
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 22:49:00 GMT
server: cloudflare
etag: W/"4d-18e63340fc4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1YxOfY81FLqvjOjuFgcYcjUzFwI1%2BCN9BPbqFaHAT0lq4WKVvpXf2N0vbxBR%2FbngNsodo2%2FBRpHxzdOdjPp8jwsVGk63svCFUoWsA%2Bd2Z0nE5ukxbiYGmfEd2Z8m5XhJAmMIC1bvAKWCWJUN4Hl24rydrGnDyXYv"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 86826e779b956100-LHR

GET
H2 200 icon.svg
ad.download-available.xyz/images/promo-images/salmon/ 3 KB
2 KB 119ms
118ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.download-available.xyz/images/promo-images/salmon/icon.svg

Requested by

Host: ad.download-available.xyz
URL: https://ad.download-available.xyz/_next/static/css/1f026a36892be721.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed9c06d28b4aab2e9425dd9e64248d3d5e5d8c2036129164d2e2e3a925fa3afa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.download-available.xyz/_next/static/css/1f026a36892be721.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:33:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 22:48:45 GMT
server: cloudflare
etag: W/"c75-18e6333d654"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sHVleohdPYDIjvwWXGy1lPnhJxbLs3tQWzGikKRxaHrjCMdz2uGmOlfQ2203Tt5T6v5wFM0q3ptiR2kyjjDarPIEC2KLLfaWIwaK0BwB4ZmLiiCBha3P9Er%2F71LKSwG6wllVn1q2lXjAmrY%2FZuviiqq32wHqFJZd"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 86826e77cbad6100-LHR

GET
H2 200 available-in-chrome.svg
ad.download-available.xyz/images/browser-icons/ 21 KB
7 KB 119ms
118ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.download-available.xyz/images/browser-icons/available-in-chrome.svg

Requested by

Host: ad.download-available.xyz
URL: https://ad.download-available.xyz/_next/static/css/df2d61f3a1484867.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

724121ec42efc03e19ee936460fb1270c3b90b3ebf1ff940191e0a32e4504caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.download-available.xyz/_next/static/css/df2d61f3a1484867.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 01:33:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 22:48:45 GMT
server: cloudflare
etag: W/"5287-18e6333d630"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U2rdUOUXin3qS8IeVl7t4l11w0elHYHvMvJkgBWxfgAuJwoXJNSI0aP87wfx9edmsCLLqmYfDpHAGtgZvLhyIAQ6dAe5LBuYFqmhLhcJAQYpt%2FsP2KlFO4OlSCdxNsjaFgOO%2Fncplkq2aiaCrt7ajPkCrjiOCdbv"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 86826e77cbb16100-LHR

GET click
datatechdrift.com/ 0
0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
261 B 210ms
96ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-D9B6K7HFTW&gtm=45je43k0v9138996702za200&_p=1711071184522&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1369417356.1711071185&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1711071184&sct=1&seg=0&dl=https%3A%2F%2Fad.download-available.xyz%2F%3Fextension%3Dad_sweeper%26promo%3Dsalmon%26big%3Dnone%26clk_domain%3Ddatatechdrift.com%26flow%3Dbinom%26campaignId%3D10697%26src%3D4662728%26cid%3Dcnudvk32r96s7389bv7g%26trafficsource%3D53%26lpkey%3D17110823d1aa2c4fa604735083cafbab3761b71484%26isV2%3Dtrue&dt=AdSweeper&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1257
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D9B6K7HFTW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ad.download-available.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 01:33:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ad.download-available.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: jouteetu.net
URL: https://jouteetu.net/custom

Domain: datatechdrift.com
URL: https://datatechdrift.com/click?upd_clickid=cnudvk32r96s7389bv7g&add_event6=1

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
afodreet.net/	1970-01-21 04:03:27	Name: OAID Value: 008027164fb745f8e732dd216a26b10e
afodreet.net/	1970-01-21 04:03:27	Name: oaidts Value: 1711071181
my.rtmark.net/	1970-01-21 04:03:27	Name: ID Value: 008027164fb745f8e732dd216a26b10e
afodreet.net/	1970-01-20 19:27:55	Name: syncedCookie Value: true
bawelteey.com/	1970-01-20 19:27:55	Name: syncedCookie Value: true
bawelteey.com/	1970-01-20 19:17:54	Name: reverse Value: NyeBm4mYS8jYobkZvmyp7bWtz22q3NpP7OHTDHrjms8
bawelteey.com/	1970-01-21 04:03:27	Name: oaidts Value: 1711071183
bawelteey.com/	1970-01-21 04:03:27	Name: OAID Value: 008027164fb745f8e732dd216a26b10e
brswntech.com/	1970-01-20 19:19:17	Name: uclick Value: d5ojbghq
datatechdrift.com/	1970-01-21 04:03:27	Name: uclick Value: yrmLlw0KP941grL1bWCY4hWv+Mb9UZT81m3Ly1yVQSOWJwyC9hxS84FfLUP4HMaVMLOW/LA=
datatechdrift.com/	1970-01-21 04:03:27	Name: bcid Value: cnudvk32r96s7389bv7g
datatechdrift.com/	1970-01-21 04:03:27	Name: cid Value: cnudvk32r96s7389bv7g
.download-available.xyz/	1970-01-21 04:53:51	Name: extension Value: ad_sweeper
.download-available.xyz/	1970-01-21 04:53:51	Name: promo Value: salmon
.download-available.xyz/	1970-01-21 04:53:51	Name: big Value: none
.download-available.xyz/	1970-01-21 04:53:51	Name: clk_domain Value: datatechdrift.com
.download-available.xyz/	1970-01-21 04:53:51	Name: flow Value: binom
.download-available.xyz/	1970-01-21 04:53:51	Name: campaignId Value: 10697
.download-available.xyz/	1970-01-21 04:53:51	Name: src Value: 4662728
.download-available.xyz/	1970-01-21 04:53:51	Name: cid Value: cnudvk32r96s7389bv7g
.download-available.xyz/	1970-01-21 04:53:51	Name: trafficsource Value: 53
.download-available.xyz/	1970-01-21 04:53:51	Name: lpkey Value: 17110823d1aa2c4fa604735083cafbab3761b71484
.download-available.xyz/	1970-01-21 04:53:51	Name: isV2 Value: true
.download-available.xyz/	1970-01-21 04:53:51	Name: _ga Value: GA1.1.1369417356.1711071185
.download-available.xyz/	1970-01-21 04:53:51	Name: _ga_D9B6K7HFTW Value: GS1.1.1711071184.1.0.1711071184.0.0.0

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://afodreet.net/partitial/5117834/?var=4797137&ab2r=0&prfrev=true&rhd=false&os_version=10.0.0(Line 46) Message: getGamepad will now require Secure Context. Please update your application accordingly. For more information see https://github.com/w3c/gamepad/pull/120
other	warning	URL: http://afodreet.net/partitial/5117834/?var=4797137&ab2r=0&prfrev=true&rhd=false&os_version=10.0.0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0&rdc=2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bawelteey.com/?s=794852749740347480&ssk=0a918d6fca62aaf8b585d16dc056784c&svar=1711071182&z=5117834&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=Europe/London&bto=0&rdc=2 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bawelteey.com/afu.php?zoneid=4662728&var=4662728&rid=UOc2oKHlKAQMxeQ00KE1Mg%3D%3D&rhd=true&ab2r=0&sf=1&is_mobile=false Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bawelteey.com/afu.php?zoneid=4662728&var=4662728&rid=UOc2oKHlKAQMxeQ00KE1Mg%3D%3D&rhd=true&ab2r=0&sf=1&is_mobile=false Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://ad.download-available.xyz/?extension=ad_sweeper&promo=salmon&big=none&clk_domain=datatechdrift.com&flow=binom&campaignId=10697&src=4662728&cid=cnudvk32r96s7389bv7g&trafficsource=53&lpkey=17110823d1aa2c4fa604735083cafbab3761b71484&isV2=true Message: Access to XMLHttpRequest at 'https://datatechdrift.com/click?upd_clickid=cnudvk32r96s7389bv7g&add_event6=1' from origin 'https://ad.download-available.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://datatechdrift.com/click?upd_clickid=cnudvk32r96s7389bv7g&add_event6=1 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.download-available.xyz
afodreet.net
bawelteey.com
brswntech.com
datatechdrift.com
datatechone.com
jouteetu.net
my.rtmark.net
region1.google-analytics.com
www.googletagmanager.com
datatechdrift.com
jouteetu.net
139.45.195.253
139.45.195.8
139.45.197.243
139.45.197.251
157.230.52.75
172.64.106.29
2001:4860:4802:32::36
2a00:1450:4001:813::2008
2a06:98c1:3120::3
52.58.28.63
02d7273f15b6cf62ff0e8801acd9284d07090546aaca1e7dc942ed12933850ab
067177b7242132eb860632fd9dae1ffd93a29f65617e85fe200d3a9d35fea828
08c2551887a287097b9e8125c98e065f9877e79ab6f058e1e7312ea5450ee43b
18a968060f024cad56188c80bfc67ec1d068602ef464e684204da09195b4a031
1e34ee38b3d96df9d733b6a2c9c07fa595af58fc3262b3b721a876b04ba76b3d
221140705d21c7a0242d660d851557c5dda6a09fae0a57ce5f63fd2dabcc0cfe
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
287830ee227f918b7d600e49caafae7bcb54cdf2707e55b23ca52ccac57fe571
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
466aa5bced2fa228559d0aa123e6513860a18fd0e2585bba4894981e39dba4a2
4a126a26f28d55810057d6c5e1ecf3e6fb792f1109e743f4c7e22c4d8d0c2188
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50a9c4facf6c52fe6b5d4f28254ae188b0b404d4691ef71e456c0b3a6f8437d0
539664a49d31c447171cf575c4876d1977a83e04d9ffc6431a8f5184c17e52bd
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
724121ec42efc03e19ee936460fb1270c3b90b3ebf1ff940191e0a32e4504caa
89cd564607262c6cb99a76477cea2a393a96afd86c3529abac4c1e212a16f2dd
9557b37bb4044fbd77760358496eeb9e53fb2f290da1ebd3986dd78d54d53363
955a7f7e7a9158b178d2ca39513763b297bbec13f6083c534c099af7876c1c8c
9b5d584b6200dfb2ea17d372ceb88c61ee68bf6e7ae5cabed28d31952b048a10
9b5fe398e54070d73ca1d7a6a4ac3e621fca00e033c9a262b00b8524e64bb571
a26e0b290eeaa16de5fe9e753209448a0517295087f074213a7b9b446eb8ae22
a26e5663167cf1b88cd977e351b8cae6ad03dae53a76c7d121cde3870f1d8bab
c80651c6e0f0f6f14444cfc97825cade964dd7686098a87bc7a2ca9bc91b01d6
cc09bedf275bd4bed137d95fa9572ee38cd837667fada433a23b7a795ede56ff
dc37b7a5de5d53b9f5ae9073e11ec7752a883782f22d149a7f3540e73558c327
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54ef3d700fb4dd6457fff72cf8a174d0a8d9e0be6ccf004bcfa4cd249cd04d9
ed9c06d28b4aab2e9425dd9e64248d3d5e5d8c2036129164d2e2e3a925fa3afa
fdf8d3e02cc6846a4699197ab835985726562959df8ac0a3a597700a286ab7c0

ad.download-available.xyz Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

81 %HTTPS

30 %IPv6

10 Domains

10 Subdomains

9 IPs

3 Countries

517 kBTransfer

1388 kBSize

25 Cookies

0 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ad.download-available.xyz Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

81 %
HTTPS

30 %
IPv6

10
Domains

10
Subdomains

9
IPs

3
Countries

517 kB
Transfer

1388 kB
Size

25
Cookies

62 HTTP transactions
2 data transactions