onegadsdesign.com Open in urlscan Pro
2606:4700:3030::ac43:d818 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.agoogle.com/
Effective URL:
https://onegadsdesign.com/_6izQ1_Ul6OLA9Qa-vXzMxXtBumChTjYusxjVHZtMXI/?cid=90112640733&sid=364314927&s=0.016168
Submission: On March 12 via manual (March 12th 2023, 10:05:22 pm UTC) from SA — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 8 domains to perform 10 HTTP transactions. The main IP is 2606:4700:3030::ac43:d818, located in United States and belongs to CLOUDFLARENET, US. The main domain is onegadsdesign.com.
TLS certificate: Issued by E1 on January 23rd 2023. Valid for: 3 months.

This is the only time onegadsdesign.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	204.188.203.154 204.188.203.154	46844 (SHARKTECH) (SHARKTECH)
2 2	185.82.200.215 185.82.200.215	60117 (HS) (HS)
1 1	78.41.204.32 78.41.204.32	62370 (SNEL) (SNEL)
1 2	192.99.158.241 192.99.158.241	16276 (OVH) (OVH)
1 2	52.116.53.155 52.116.53.155	36351 (SOFTLAYER) (SOFTLAYER)
2	2606:4700:303... 2606:4700:3030::ac43:d818	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.197.244 172.67.197.244	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:20:... 2606:4700:20::681a:7e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	6

1 204.188.203.154 (Chicago, United States) 1 redirects

ASN46844 (SHARKTECH, US)
PTR: sixsigma4.ssbrmkt.com.br

www.agoogle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.82.200.215 (Amsterdam, Netherlands) 2 redirects

ASN60117 (HS, AE)

freeredir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.41.204.32 (Netherlands) 1 redirects

ASN62370 (SNEL, NL)

googloe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.99.158.241 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: ip241.ip-192-99-158.net

btpnative.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.116.53.155 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: 9b.35.7434.ip4.static.sl-reverse.com

mybettermb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p274639.mybettermb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::ac43:d818 (United States)

ASN13335 (CLOUDFLARENET, US)

onegadsdesign.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.197.244 (United States)

ASN13335 (CLOUDFLARENET, US)

feed.cn-rtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.cn-rtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:7e4 (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.ocmhood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ocmhood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.ocmhood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	ocmhood.com sdk.ocmhood.com — Cisco Umbrella Rank: 73976 cdn.ocmhood.com — Cisco Umbrella Rank: 23096 t.ocmhood.com — Cisco Umbrella Rank: 10552	14 KB
2	cn-rtb.com feed.cn-rtb.com — Cisco Umbrella Rank: 75089 t.cn-rtb.com — Cisco Umbrella Rank: 84229	866 B
2	onegadsdesign.com onegadsdesign.com	15 KB
2	mybettermb.com 1 redirects mybettermb.com — Cisco Umbrella Rank: 70505 p274639.mybettermb.com	2 KB
2	btpnative.com 1 redirects btpnative.com — Cisco Umbrella Rank: 304513	10 KB
2	freeredir.com 2 redirects freeredir.com	428 B
1	googloe.com 1 redirects googloe.com	604 B
1	agoogle.com 1 redirects www.agoogle.com	198 B
10	8

	Domain	Requested by
2	t.ocmhood.com	sdk.ocmhood.com
2	onegadsdesign.com	p274639.mybettermb.com onegadsdesign.com
2	btpnative.com	1 redirects
2	freeredir.com	2 redirects
1	t.cn-rtb.com	onegadsdesign.com
1	cdn.ocmhood.com	sdk.ocmhood.com
1	sdk.ocmhood.com	onegadsdesign.com
1	feed.cn-rtb.com	onegadsdesign.com
1	p274639.mybettermb.com
1	mybettermb.com	1 redirects
1	googloe.com	1 redirects
1	www.agoogle.com	1 redirects
10	12

This site contains no links.

Subject Issuer	Validity	Valid
*.mybettermb.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-02` - `2023-11-02`	a year	crt.sh
*.onegadsdesign.com E1	`2023-01-23` - `2023-04-23`	3 months	crt.sh
*.cn-rtb.com GTS CA 1P5	`2023-02-22` - `2023-05-23`	3 months	crt.sh
ocmhood.com Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://onegadsdesign.com/_6izQ1_Ul6OLA9Qa-vXzMxXtBumChTjYusxjVHZtMXI/?cid=90112640733&sid=364314927&s=0.016168
Frame ID: 3493544634AEB0672CE480312AA6475A
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Click Allow

Page URL History Show full URLs

http://www.agoogle.com/ HTTP 302
http://freeredir.com/trip/agoo HTTP 301
https://freeredir.com/trip/agoo HTTP 302
http://googloe.com/ HTTP 302
http://btpnative.com/click?data=STV4N0tCSnFtOTc0R2ZqdjlHWFk2Sk9NYXdKUE8xM0tuVEZkb043OUJEV00tUHFjR... Page URL
http://btpnative.com/Redirect/ HTTP 302
https://mybettermb.com/aS/feedclick?s=rI7t-hs_SLdE0HI00WdpCubIryAadW7-AKcTJTCK61FgWWAriVrq8qd73pnnD... HTTP 302
https://p274639.mybettermb.com/adServe/domainClick?ai=8t_YSst-khSSu60-mubNxr_gY8NK0RHfJMWgoUkfJBIb9kd5ITLGg... Page URL
https://onegadsdesign.com/_6izQ1_Ul6OLA9Qa-vXzMxXtBumChTjYusxjVHZtMXI/?cid=90112640733&sid=364314927&s... Page URL

Page Statistics

10
Requests

90 %
HTTPS

25 %
IPv6

8
Domains

12
Subdomains

6
IPs

3
Countries

35 kB
Transfer

69 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.agoogle.com/ HTTP 302
http://freeredir.com/trip/agoo HTTP 301
https://freeredir.com/trip/agoo HTTP 302
http://googloe.com/ HTTP 302
http://btpnative.com/click?data=STV4N0tCSnFtOTc0R2ZqdjlHWFk2Sk9NYXdKUE8xM0tuVEZkb043OUJEV00tUHFjRUJMR3RDU3ZLbzRhekJoa2xUaFJKVUdZQmZuMnVLQTlzREZPbUd0QlhBLUFtb0luYmxoa2JUSHdTdUxob1Zjank0dU52N01LTWJJaUJ1LTN3clBJa2V5NDJJZHpPRUs5aXEyNXdnMg2&id=afe1ca4d-571d-4eb7-8a89-5d9444acf4cb Page URL
http://btpnative.com/Redirect/ HTTP 302
https://mybettermb.com/aS/feedclick?s=rI7t-hs_SLdE0HI00WdpCubIryAadW7-AKcTJTCK61FgWWAriVrq8qd73pnnDH6ohvzYfNFjJsKn06qgcpL4cFiEu4ekA4JUUCyoc950-7JKvxRhlTspZcZTps4EeX4d50KEGVbR9VHB2Os-U9iuzRU_-GUXMnGI-CJs2G8W8FOu-SsjsAAAUy0cO_ZLGN4EW4QlOyYN_xHHpjwEXC7UEDvb5t7KTfx0varIICy8E2tAx37KMpWCWjHvryodGXYaE7_MDZFgWbSmp8iNQmDEBn0INxDfir6wkN9TIftpg5mZp393Tv91kPfbnLMVsPXqa6VxOxM-vWYTOeoXfn7AU-MvBiuyGj5ADvI-FN4Ef1yDjDjG9wiG0KdnbJoRBcsBTkp90NekTRJb_ORnVl9wvD3j_it5Hu5ulyfYpznotDcEFICnWCSVvLBDlbmo2FwERbS9GbYdUCNB6ahroFDUEe3NY87939RBGULFe_MtYCkAqRI-UTB-ajSdH7sGi_X-L6lMyisl1ip_jc4WHtWAEaB9iEtqlcZlyvBcq8SmPNkRHXJqVP3hoYa_eN-IrdRewzk4KwSWrk_59DSLDiMCQ59Ioik4kQCl5RUknu27HzC_55o7xO2oTwF-WgadQB7wgBwOroMay5zMOQBDjdNZsR0z89Bj23qjrNB-laa44Jl7e9OvFqTzzK9cDVhwas3xDFgk49DwqTDgcyF_0JYPg0M-dC1vrH33AXT23UXDAe-HiGzo1HMp6BBLSCg-0BoSG77FFOEoWlJAIQ5AoYHrKn17ZAwl1ag0FWBwR6MasPL-outuQe7kWqFulP-NBD0FbBE8yWpdLK7S0HR_R7YAINM2Dx-pYCLNhXl_hs3QfcB6eS4YWTBznI8nSoj8VZxGhJHEApSDLDVODw3vpLEoa_U66g-bU8Xc8YVBfPFOOhk1V08UE4IB_Hg4_KFishTVWMhq_Hy4aBKZacNuINnxWMKdMYB7y5FluYJ_eiZgCQwtGosP7OGnSbjxT-JENKiHnQBXGT0A6KD53WCmNQQ9-hpUCa8TKI7eowa_A02KbqKCRADTjzKIPjJhZHyu9STUFKXOnY5kvMByiFveJPiZt_JzL-WaBjLAxQA6ivFG_QC2eBcJ7OXcAaBqGnZ38MSRD-WFVzYc_3pHq9LWf9WL6ty7y5gv-XXF6eYnbiR47AcVDeyKPObjk4R3jU9ij-MYyiTNw1kpGmUR2zJ71dSvxjllhQ5Jbl3OrfUVLLH8yYZ2EUALX3yLbNclVFM0NMa7WLIzJjXjKhk7Jn1WWz6vLaCxEwMwQ_jLwWPn-YGvoHhP2ZEYLAy9V6y9bd66eeQ7fu8jj5B7wVwjaSU5A7vcxG0aIKpYw73vKrHOwHWlgmj94jENbJe4rgjq1Kl3GV941FZbpDXsLsayInnjGEHMb2q92t9NmXcvMK-3V6nDbVBY0kBtL4N4YG38LfdSfdooUlNG18jUlK4ShNi3cTDQi_agS_9O7RDa5tpqxWC5r3YWA1dEpU2KYQw2xFQmYkk0qzh-mdaN6-bmwvgmuugpFHRgysGKrRC_YhnNFimvu-ZCq9gDuKsYNQ_hbFezA8oqn-4ePqCCm5ARA-m6ClHwm3Vgn-hwzSeAvSstmz9V1UqH4dfGerrJkn1zwCHvt4juxX0_IX3UTIKspuHTpQr_qKSG7EFdQpGyj79hMaSDS1uonrNVm0nx9xEeEfkjncliX4OWGA60k0uy5q1Ypbz9KsipvrFRz-CffS_jezyKAMVhSEC2gwNV98y4Z69eRp8EiMRFKz1BhuZ3uS1GL-ww55org3kN-aSmWFTFo6E_vWklKTaUF834vN6fc5XhniHH24A2s3ihROmx3r0kw5vubYAhup5Fvyc2qPVznfBY3WbNOgsxSI2gkidcqyj_gLztgOCrL49ROZ6PWd0QJG359Mvj2lEz8jQYgzLe59cDwDF1DsxRF_t71wqPZ351hRuUpgrjh2AY9iuqghlbmC6wrTCoGMLy8BQXzF6N-72V12RXxZNR972ZFeJm6hIr3jj3JSH2abXH2ySbkMJVGcmhApaTCgldo1Ziba_i6R_La-XV32tJCBsR-Ljc5w8Gn-lKPEqZuZHadYuAXpHy0LODpTThE1A-D85WV4PxkcF3cW6Ym3N-Hl7VYixdfAlnkIOv6nqmOmAMdL67s1jPa5OqzpLcGlQ65qade5r4SM45jDCTn7UhrHZQVBstYNjNW0xy5dRdvSXWrD-mCkt9W6gjRliA_ToJ7-TBwP4Tk-NOhRQW5EBdtCHfZs8dMODWLVLdI4XMeTPGCMoYNGy5UdZ36gGE3VR1sHKpLyHMZgjq8h0E-eSogKzdwzdTEtctZbEJMTq5SjGIl7eNt4is1RQ5LGEw6awRVOy4nr-CRGPVFSz_ek3ACOKpA-l5nRVOzpToULHjWJdPekca6KRKg60M9tfi4ceaVQc2jqHuW8VkyFBMMCbT9E9LZF_dKCb-KEP5a8w8FzDQ3ANDEACXzItjlIvw55b7Z9w_liGgwlu3K937o7JC34W4NwOyk9G1FtybK4pMrw142mOjimUdQihvBN_rrMbaIFAbNNcUr0U9DyBTN8YBAU9byJnBZlMxLvqb_xrurEUVyFymd5I1aRgLx2DWPGAeugdXFymS2zSzkH7h8R3jd6QQOEN50_0CqiiqjWGELRWKdTQMpwYxByd6lw8LmLTiWO7EPO628t9aIsSM7Dq_3jT_WT4vJRHT_45YGHwUzUOiWSZ4MERqc-xHHFxNC1E927HtTVPUJlZQJfjIbJYOSXzm4qIjwxky0eLa_fv58kzvM4mM43HctUWGfKT6Ifj6CGUXDd6khgw1xizex3btw87HaAp4fFE_zlx7_Kbc8xtuWKx-wwWZE6djSyaaYTLrjxTYmEM_PXeejrTyWZ0GzSY6ZE7PspS4ce5ITUkW9-kDa38OhSGc3sb_xW8PrdWy4kyggcoApm4RhLbk-4LaUBBuMoJkfNOMf8fWSQuhxC3JtHBo3XDK93EvRFgnfCMfOWd1XH8dLYd0OJHt6X-wyGlUahLp1XMJwfKWHKqlPKGEodNPpVdIjHujmYwnVR8iAGqTsY9D8FpX5xXsnubMcWo-KN5YUP0JdO9_T2ovW4YXP51pGOLgUQ9i21T7UF6KmvoXvr6mIZvuXYRwlL9gfO_gB-2tUF8Gwu_bFKOReE8_Ge6d_krtQfcdwGaM8-sNalukfQH7wPOwe1t5xjHeQaXSXsJmU378xHA7Ot5M6DJ9wZc0sQh8n3M5RRBPQsANCr91g8sypmPCo7A58SizgHr6iMjqoq_EdHzo-prhGjbGAEyS5_ItudyMNYQcpouDRneOHWhRY3BZhRPp3CJIyMGPhj5LW4_dPxLQBBX-U7VSpAjMnU_WiGHpzjbUq9wjoFZ_GGLxroBpc4txqSRpQiwKFk4vKy9_CqD1fSzXctG-SeCY1NmtpqyVKC8X6FBBaWdwxxL0_KFENZeBgdkf2hJnhkBXJ2Vmir9xyLgRmOK2RWaTR7A48wyko1GVuJrGnnitYZg5p3OI-fqwI4s08YpxKxkaW_F0c97pMRoUXJf-j3Y1V2ur1TrtVbzeVBWCuK7T9jvUc4uS6J8N50hQ2iGOeyY8ku7XNeHSGrkIPe1uWweLMj5Bblq-fwP9is2Ejo0OciBZye8lhxT3YIwL7R6p3jhVMf8zgwkKZqtb9N6IUXOYO5bkZxii5QCpnvyo1ZOpZTcMMkR1pzPp4grmWhT9u8kqxH4uA2el-Enx24tEQ5AScQtVdeeYvX1VgNn4eMO1Qlrixvlt3Su_NzKVBv8UXikBdKItAbelx3uUrv9CVew5FKrE_u4gyCTDLF8YLJcRgqbbEqw7mL8MkgeEaj8nktXQKozscDjyvMdPuQiyfPodxLSFB4dBsD8Ogknt6VLnrcuO-Ut9_SQIrayprLiLWPD6UAsZEYLniJCGS4Df5fuexDRIpAZWa8LMix_8uys-1SLrFK8x1FSrecONlSTMezL8bOc26TEaGhV-As_mXLNbzMHeQ2j6wg3kGULVTz70vR3EtAz-5XYJXU79v-pamuZ2FeVIUthE1v0Ep5XP0_9SfmqR-yXt-DA0Ywh6BQjssZW7CLhN4hzzrhQios4RPmH7tGjNb1XzBs_LCAKcvaJlDjhj6ame3pIrVQ5vWVh_tSoU3R4amv-kVY5TOPUwp5Jzn2VJg4WtlgQDcXMfIHubD5Uu1ZQwKLto81VSfCOh3aYowkrTvtwLKdQVkSj_0sy5WTmava27IKfDBQaM4gW53UBYDuJfQr6nWsUdcwHN6Ex7lSlEz61RwgNls0AJ7_PSGhud1i5G3u6DbabsyjHQwi5NY3YoYLAIyiLGumlieRS28ojHmNsZ4NgUOjw7fKdd_3UZf_nZT6VXSIx7o5mIKrFDJ0d07cL9hhF9f55oEwrLEAaOW_hOrvi3rPOFfhOo2DJaNjNk HTTP 302
https://p274639.mybettermb.com/adServe/domainClick?ai=8t_YSst-khSSu60-mubNxr_gY8NK0RHfJMWgoUkfJBIb9kd5ITLGgzyR_sRQ6lKRHVqoXBn8UQrKdZ0hYkVe7l2aAEOhnNtzRmAOmF6-Dtb1ppggIzZ4oyPWKrBb_N19_-stOPwwyEs7cjfOKBp2XRDXkhXJENiOQUlQmWMF7ZgPlVTnHqhX2Xw8JESyvFE_ajykqZzwXIxN0WU4nc2lDmZb9emTineanS1-4hcsWfmjSQNF4-uxa-v7VAdLRFTk25_rtcFU56tfcl0xuE0wZUnrThkePvlhmg6YzbHoGiabSyKxhQ29j_Mx5LIQmtYCz-ruVnQNPBYALm0ULp-uUmD_u-wev7Zr253CbOfSjJnGIoTDksqhJ_PkwYhF84q-TxINT3x2ybepfW0lWtL1ich6YtyqeZa1VqH3Ze2tZDIZ9XNYYNGWupzKZ6Lw_AU5Jzy-TGEecmPQhIdADkjuTLeRr8B2mZzZ9jAkqTUKTq7K_IKaI2SlF_eGjekLAbm2eeHDPhk_MOxuLqaWZI7ZcBNDO4Y5k3_9DVi1H_mwDtJsBHQ51ueqt6JVJfwEe_NGSZ4oCAkhAaRsXkvD0u-5ruvoNvcweo2fB9ecITyXSJIC4iJ_dbScdBVfQVNALkwpCtPkrP8UYpanZF1_qtWZ_IEdBw_xIaNIiaLMO_37CvHXQC65lgJvufs3wIGO_nBFZWwwqt7B2mDL1s_TbSfYPhltjPnnWR7Az0zAb47iw0xx7FKoTkFOpS3vO8ZpYmyMpT4lFq52VBagrUZiCIjvtl5gdpClM_f5Y4yyHzruIrOBRCax55AeQdPdhPDNwlWesHP6GfX76OBgDZy5aP5OpYlLZipLO_P5CrUeMfDQYzkeVBZvDw2L6PvbMo8ltC3GAoMdoOkDvJuV-Erlvce2994oL7PQQ1QNE-flioH3Qhh1jDtU11rLKsoDvTbG04lVKIvL96_1IL8s5i3noITw_AgPxpBbMCltjVIjTKd6dqIUpzbKSVmQpEA59NBaAaufaTjnenHdukwwvNOqLJPawKLpKdw81v3IP1Biyiq3Vn_5f2CvTaquRzEuFWNoakvUsLt-7JJCDNaBCQYs-DJTAZb8H_-ZuN7EeYoiBIbmk46626tXTI3k_dXfzr--f6Rcou5kiqP6-Z5Qy5ALRCbWBygL40ACWz2Hq2jpjesYvJd6wd9fjYFrcJT8aQ5hx05C6cOfg5zCL2qKNknVMfJeIvXu3U4cHIexwlUkmxAvaVM4YRWhOvc_e1JKC8vKpvZlne9UtDPljfzMnU_WiGHpzt8XN55YOUKSKKM6G60zPm887rby31oixIzsOr_eNP9ZPi8lEdP_jlgCvLHM1MhvxQM-Jr3Q9J-0-T0AvjbOx9FD-IoRiWjmF-WJdLgktdb-Bry3DbhZYzCYWYKga6GgI22C8JlYZ2PbAUgheKjLQ6KwCMoixrppYnkUtvKIx5jbJPjBUjMHixRqOJSi8AJw7LtMtEVr6G5nnY_OLvfRmqLrRHCMhnfxiiZggkaL9NJRZN_F-zUlvRWh8HfcFb6b2kMb4Do7y-b-De0rL-F5kimWV6YBZNo-eHvK0TihL_ekkvgqc45ggkUpG405w9CXKFq5LhImb3BCguu2D-tqLGlSrIfnXI3KxLmTKB2lpsLjbWnaHeEFBufsfIEQ6j_a0nnaMzr4fK_Sl18JH4vfA6eoUd_F0dOvFd1hRF8b5womkEpwcG3g30I&ui=rI7t-hs_SLdE0HI00WdpClY37AsT2AewbdSiFG1VZzwwi9PCJEOAXa2_h5t-WCG-2t_AoMHrhXMkkzlY0fmWANw95-broEcb-ktvFhAshogpfasUVFBMgQ&si=1&oref=bd48e34dc96bbdc41aeeb5f3a1202602&optunit=aTcaLAdRDZDomJ5wtw7vIA&rb=GpFxk10i04s&rr=0&abtg=0 Page URL
https://onegadsdesign.com/_6izQ1_Ul6OLA9Qa-vXzMxXtBumChTjYusxjVHZtMXI/?cid=90112640733&sid=364314927&s=0.016168 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.agoogle.com/ HTTP 302
http://freeredir.com/trip/agoo HTTP 301
https://freeredir.com/trip/agoo HTTP 302
http://googloe.com/ HTTP 302
http://btpnative.com/click?data=STV4N0tCSnFtOTc0R2ZqdjlHWFk2Sk9NYXdKUE8xM0tuVEZkb043OUJEV00tUHFjRUJMR3RDU3ZLbzRhekJoa2xUaFJKVUdZQmZuMnVLQTlzREZPbUd0QlhBLUFtb0luYmxoa2JUSHdTdUxob1Zjank0dU52N01LTWJJaUJ1LTN3clBJa2V5NDJJZHpPRUs5aXEyNXdnMg2&id=afe1ca4d-571d-4eb7-8a89-5d9444acf4cb

Request Chain 1

http://btpnative.com/Redirect/ HTTP 302
https://mybettermb.com/aS/feedclick?s=rI7t-hs_SLdE0HI00WdpCubIryAadW7-AKcTJTCK61FgWWAriVrq8qd73pnnDH6ohvzYfNFjJsKn06qgcpL4cFiEu4ekA4JUUCyoc950-7JKvxRhlTspZcZTps4EeX4d50KEGVbR9VHB2Os-U9iuzRU_-GUXMnGI-CJs2G8W8FOu-SsjsAAAUy0cO_ZLGN4EW4QlOyYN_xHHpjwEXC7UEDvb5t7KTfx0varIICy8E2tAx37KMpWCWjHvryodGXYaE7_MDZFgWbSmp8iNQmDEBn0INxDfir6wkN9TIftpg5mZp393Tv91kPfbnLMVsPXqa6VxOxM-vWYTOeoXfn7AU-MvBiuyGj5ADvI-FN4Ef1yDjDjG9wiG0KdnbJoRBcsBTkp90NekTRJb_ORnVl9wvD3j_it5Hu5ulyfYpznotDcEFICnWCSVvLBDlbmo2FwERbS9GbYdUCNB6ahroFDUEe3NY87939RBGULFe_MtYCkAqRI-UTB-ajSdH7sGi_X-L6lMyisl1ip_jc4WHtWAEaB9iEtqlcZlyvBcq8SmPNkRHXJqVP3hoYa_eN-IrdRewzk4KwSWrk_59DSLDiMCQ59Ioik4kQCl5RUknu27HzC_55o7xO2oTwF-WgadQB7wgBwOroMay5zMOQBDjdNZsR0z89Bj23qjrNB-laa44Jl7e9OvFqTzzK9cDVhwas3xDFgk49DwqTDgcyF_0JYPg0M-dC1vrH33AXT23UXDAe-HiGzo1HMp6BBLSCg-0BoSG77FFOEoWlJAIQ5AoYHrKn17ZAwl1ag0FWBwR6MasPL-outuQe7kWqFulP-NBD0FbBE8yWpdLK7S0HR_R7YAINM2Dx-pYCLNhXl_hs3QfcB6eS4YWTBznI8nSoj8VZxGhJHEApSDLDVODw3vpLEoa_U66g-bU8Xc8YVBfPFOOhk1V08UE4IB_Hg4_KFishTVWMhq_Hy4aBKZacNuINnxWMKdMYB7y5FluYJ_eiZgCQwtGosP7OGnSbjxT-JENKiHnQBXGT0A6KD53WCmNQQ9-hpUCa8TKI7eowa_A02KbqKCRADTjzKIPjJhZHyu9STUFKXOnY5kvMByiFveJPiZt_JzL-WaBjLAxQA6ivFG_QC2eBcJ7OXcAaBqGnZ38MSRD-WFVzYc_3pHq9LWf9WL6ty7y5gv-XXF6eYnbiR47AcVDeyKPObjk4R3jU9ij-MYyiTNw1kpGmUR2zJ71dSvxjllhQ5Jbl3OrfUVLLH8yYZ2EUALX3yLbNclVFM0NMa7WLIzJjXjKhk7Jn1WWz6vLaCxEwMwQ_jLwWPn-YGvoHhP2ZEYLAy9V6y9bd66eeQ7fu8jj5B7wVwjaSU5A7vcxG0aIKpYw73vKrHOwHWlgmj94jENbJe4rgjq1Kl3GV941FZbpDXsLsayInnjGEHMb2q92t9NmXcvMK-3V6nDbVBY0kBtL4N4YG38LfdSfdooUlNG18jUlK4ShNi3cTDQi_agS_9O7RDa5tpqxWC5r3YWA1dEpU2KYQw2xFQmYkk0qzh-mdaN6-bmwvgmuugpFHRgysGKrRC_YhnNFimvu-ZCq9gDuKsYNQ_hbFezA8oqn-4ePqCCm5ARA-m6ClHwm3Vgn-hwzSeAvSstmz9V1UqH4dfGerrJkn1zwCHvt4juxX0_IX3UTIKspuHTpQr_qKSG7EFdQpGyj79hMaSDS1uonrNVm0nx9xEeEfkjncliX4OWGA60k0uy5q1Ypbz9KsipvrFRz-CffS_jezyKAMVhSEC2gwNV98y4Z69eRp8EiMRFKz1BhuZ3uS1GL-ww55org3kN-aSmWFTFo6E_vWklKTaUF834vN6fc5XhniHH24A2s3ihROmx3r0kw5vubYAhup5Fvyc2qPVznfBY3WbNOgsxSI2gkidcqyj_gLztgOCrL49ROZ6PWd0QJG359Mvj2lEz8jQYgzLe59cDwDF1DsxRF_t71wqPZ351hRuUpgrjh2AY9iuqghlbmC6wrTCoGMLy8BQXzF6N-72V12RXxZNR972ZFeJm6hIr3jj3JSH2abXH2ySbkMJVGcmhApaTCgldo1Ziba_i6R_La-XV32tJCBsR-Ljc5w8Gn-lKPEqZuZHadYuAXpHy0LODpTThE1A-D85WV4PxkcF3cW6Ym3N-Hl7VYixdfAlnkIOv6nqmOmAMdL67s1jPa5OqzpLcGlQ65qade5r4SM45jDCTn7UhrHZQVBstYNjNW0xy5dRdvSXWrD-mCkt9W6gjRliA_ToJ7-TBwP4Tk-NOhRQW5EBdtCHfZs8dMODWLVLdI4XMeTPGCMoYNGy5UdZ36gGE3VR1sHKpLyHMZgjq8h0E-eSogKzdwzdTEtctZbEJMTq5SjGIl7eNt4is1RQ5LGEw6awRVOy4nr-CRGPVFSz_ek3ACOKpA-l5nRVOzpToULHjWJdPekca6KRKg60M9tfi4ceaVQc2jqHuW8VkyFBMMCbT9E9LZF_dKCb-KEP5a8w8FzDQ3ANDEACXzItjlIvw55b7Z9w_liGgwlu3K937o7JC34W4NwOyk9G1FtybK4pMrw142mOjimUdQihvBN_rrMbaIFAbNNcUr0U9DyBTN8YBAU9byJnBZlMxLvqb_xrurEUVyFymd5I1aRgLx2DWPGAeugdXFymS2zSzkH7h8R3jd6QQOEN50_0CqiiqjWGELRWKdTQMpwYxByd6lw8LmLTiWO7EPO628t9aIsSM7Dq_3jT_WT4vJRHT_45YGHwUzUOiWSZ4MERqc-xHHFxNC1E927HtTVPUJlZQJfjIbJYOSXzm4qIjwxky0eLa_fv58kzvM4mM43HctUWGfKT6Ifj6CGUXDd6khgw1xizex3btw87HaAp4fFE_zlx7_Kbc8xtuWKx-wwWZE6djSyaaYTLrjxTYmEM_PXeejrTyWZ0GzSY6ZE7PspS4ce5ITUkW9-kDa38OhSGc3sb_xW8PrdWy4kyggcoApm4RhLbk-4LaUBBuMoJkfNOMf8fWSQuhxC3JtHBo3XDK93EvRFgnfCMfOWd1XH8dLYd0OJHt6X-wyGlUahLp1XMJwfKWHKqlPKGEodNPpVdIjHujmYwnVR8iAGqTsY9D8FpX5xXsnubMcWo-KN5YUP0JdO9_T2ovW4YXP51pGOLgUQ9i21T7UF6KmvoXvr6mIZvuXYRwlL9gfO_gB-2tUF8Gwu_bFKOReE8_Ge6d_krtQfcdwGaM8-sNalukfQH7wPOwe1t5xjHeQaXSXsJmU378xHA7Ot5M6DJ9wZc0sQh8n3M5RRBPQsANCr91g8sypmPCo7A58SizgHr6iMjqoq_EdHzo-prhGjbGAEyS5_ItudyMNYQcpouDRneOHWhRY3BZhRPp3CJIyMGPhj5LW4_dPxLQBBX-U7VSpAjMnU_WiGHpzjbUq9wjoFZ_GGLxroBpc4txqSRpQiwKFk4vKy9_CqD1fSzXctG-SeCY1NmtpqyVKC8X6FBBaWdwxxL0_KFENZeBgdkf2hJnhkBXJ2Vmir9xyLgRmOK2RWaTR7A48wyko1GVuJrGnnitYZg5p3OI-fqwI4s08YpxKxkaW_F0c97pMRoUXJf-j3Y1V2ur1TrtVbzeVBWCuK7T9jvUc4uS6J8N50hQ2iGOeyY8ku7XNeHSGrkIPe1uWweLMj5Bblq-fwP9is2Ejo0OciBZye8lhxT3YIwL7R6p3jhVMf8zgwkKZqtb9N6IUXOYO5bkZxii5QCpnvyo1ZOpZTcMMkR1pzPp4grmWhT9u8kqxH4uA2el-Enx24tEQ5AScQtVdeeYvX1VgNn4eMO1Qlrixvlt3Su_NzKVBv8UXikBdKItAbelx3uUrv9CVew5FKrE_u4gyCTDLF8YLJcRgqbbEqw7mL8MkgeEaj8nktXQKozscDjyvMdPuQiyfPodxLSFB4dBsD8Ogknt6VLnrcuO-Ut9_SQIrayprLiLWPD6UAsZEYLniJCGS4Df5fuexDRIpAZWa8LMix_8uys-1SLrFK8x1FSrecONlSTMezL8bOc26TEaGhV-As_mXLNbzMHeQ2j6wg3kGULVTz70vR3EtAz-5XYJXU79v-pamuZ2FeVIUthE1v0Ep5XP0_9SfmqR-yXt-DA0Ywh6BQjssZW7CLhN4hzzrhQios4RPmH7tGjNb1XzBs_LCAKcvaJlDjhj6ame3pIrVQ5vWVh_tSoU3R4amv-kVY5TOPUwp5Jzn2VJg4WtlgQDcXMfIHubD5Uu1ZQwKLto81VSfCOh3aYowkrTvtwLKdQVkSj_0sy5WTmava27IKfDBQaM4gW53UBYDuJfQr6nWsUdcwHN6Ex7lSlEz61RwgNls0AJ7_PSGhud1i5G3u6DbabsyjHQwi5NY3YoYLAIyiLGumlieRS28ojHmNsZ4NgUOjw7fKdd_3UZf_nZT6VXSIx7o5mIKrFDJ0d07cL9hhF9f55oEwrLEAaOW_hOrvi3rPOFfhOo2DJaNjNk HTTP 302
https://p274639.mybettermb.com/adServe/domainClick?ai=8t_YSst-khSSu60-mubNxr_gY8NK0RHfJMWgoUkfJBIb9kd5ITLGgzyR_sRQ6lKRHVqoXBn8UQrKdZ0hYkVe7l2aAEOhnNtzRmAOmF6-Dtb1ppggIzZ4oyPWKrBb_N19_-stOPwwyEs7cjfOKBp2XRDXkhXJENiOQUlQmWMF7ZgPlVTnHqhX2Xw8JESyvFE_ajykqZzwXIxN0WU4nc2lDmZb9emTineanS1-4hcsWfmjSQNF4-uxa-v7VAdLRFTk25_rtcFU56tfcl0xuE0wZUnrThkePvlhmg6YzbHoGiabSyKxhQ29j_Mx5LIQmtYCz-ruVnQNPBYALm0ULp-uUmD_u-wev7Zr253CbOfSjJnGIoTDksqhJ_PkwYhF84q-TxINT3x2ybepfW0lWtL1ich6YtyqeZa1VqH3Ze2tZDIZ9XNYYNGWupzKZ6Lw_AU5Jzy-TGEecmPQhIdADkjuTLeRr8B2mZzZ9jAkqTUKTq7K_IKaI2SlF_eGjekLAbm2eeHDPhk_MOxuLqaWZI7ZcBNDO4Y5k3_9DVi1H_mwDtJsBHQ51ueqt6JVJfwEe_NGSZ4oCAkhAaRsXkvD0u-5ruvoNvcweo2fB9ecITyXSJIC4iJ_dbScdBVfQVNALkwpCtPkrP8UYpanZF1_qtWZ_IEdBw_xIaNIiaLMO_37CvHXQC65lgJvufs3wIGO_nBFZWwwqt7B2mDL1s_TbSfYPhltjPnnWR7Az0zAb47iw0xx7FKoTkFOpS3vO8ZpYmyMpT4lFq52VBagrUZiCIjvtl5gdpClM_f5Y4yyHzruIrOBRCax55AeQdPdhPDNwlWesHP6GfX76OBgDZy5aP5OpYlLZipLO_P5CrUeMfDQYzkeVBZvDw2L6PvbMo8ltC3GAoMdoOkDvJuV-Erlvce2994oL7PQQ1QNE-flioH3Qhh1jDtU11rLKsoDvTbG04lVKIvL96_1IL8s5i3noITw_AgPxpBbMCltjVIjTKd6dqIUpzbKSVmQpEA59NBaAaufaTjnenHdukwwvNOqLJPawKLpKdw81v3IP1Biyiq3Vn_5f2CvTaquRzEuFWNoakvUsLt-7JJCDNaBCQYs-DJTAZb8H_-ZuN7EeYoiBIbmk46626tXTI3k_dXfzr--f6Rcou5kiqP6-Z5Qy5ALRCbWBygL40ACWz2Hq2jpjesYvJd6wd9fjYFrcJT8aQ5hx05C6cOfg5zCL2qKNknVMfJeIvXu3U4cHIexwlUkmxAvaVM4YRWhOvc_e1JKC8vKpvZlne9UtDPljfzMnU_WiGHpzt8XN55YOUKSKKM6G60zPm887rby31oixIzsOr_eNP9ZPi8lEdP_jlgCvLHM1MhvxQM-Jr3Q9J-0-T0AvjbOx9FD-IoRiWjmF-WJdLgktdb-Bry3DbhZYzCYWYKga6GgI22C8JlYZ2PbAUgheKjLQ6KwCMoixrppYnkUtvKIx5jbJPjBUjMHixRqOJSi8AJw7LtMtEVr6G5nnY_OLvfRmqLrRHCMhnfxiiZggkaL9NJRZN_F-zUlvRWh8HfcFb6b2kMb4Do7y-b-De0rL-F5kimWV6YBZNo-eHvK0TihL_ekkvgqc45ggkUpG405w9CXKFq5LhImb3BCguu2D-tqLGlSrIfnXI3KxLmTKB2lpsLjbWnaHeEFBufsfIEQ6j_a0nnaMzr4fK_Sl18JH4vfA6eoUd_F0dOvFd1hRF8b5womkEpwcG3g30I&ui=rI7t-hs_SLdE0HI00WdpClY37AsT2AewbdSiFG1VZzwwi9PCJEOAXa2_h5t-WCG-2t_AoMHrhXMkkzlY0fmWANw95-broEcb-ktvFhAshogpfasUVFBMgQ&si=1&oref=bd48e34dc96bbdc41aeeb5f3a1202602&optunit=aTcaLAdRDZDomJ5wtw7vIA&rb=GpFxk10i04s&rr=0&abtg=0

10 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	click Show response btpnative.com/ Redirect Chain http://www.agoogle.com/ http://freeredir.com/trip/agoo https://freeredir.com/trip/agoo http://googloe.com/ http://btpnative.com/click?data=STV4N0tCSnFtOTc0R2ZqdjlHWFk2Sk9NYXdKUE8xM0tuVEZkb043OUJEV00tUHFjRUJMR3RDU3ZLbzRhekJoa2xUaFJKVUdZQmZuMnVLQTlzREZPbUd0QlhBLUFtb0luYmxoa2JUSHdTdUxob1Zjank0dU52N01LTWJJa...	5 KB 6 KB	197ms 93ms	Document text/html	192.99.158.241 OVH
General Check archive.org Show headers Download Go to Full URL http://btpnative.com/click?data=STV4N0tCSnFtOTc0R2ZqdjlHWFk2Sk9NYXdKUE8xM0tuVEZkb043OUJEV00tUHFjRUJMR3RDU3ZLbzRhekJoa2xUaFJKVUdZQmZuMnVLQTlzREZPbUd0QlhBLUFtb0luYmxoa2JUSHdTdUxob1Zjank0dU52N01LTWJJaUJ1LTN3clBJa2V5NDJJZHpPRUs5aXEyNXdnMg2&id=afe1ca4d-571d-4eb7-8a89-5d9444acf4cb Protocol HTTP/1.1 Server 192.99.158.241 , Canada, ASN16276 (OVH, FR), Reverse DNS ip241.ip-192-99-158.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `dcfe1fbcfadb09c5ab62e8672254ad1d55946d8ab0a1d6f4dd76222dadcf16ad` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Access-Control-Allow-Headers Content-Type Access-Control-Allow-Origin * Cache-Control private Content-Length 5441 Content-Type text/html; charset=utf-8 Date Sun, 12 Mar 2023 22:05:17 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-AspNetMvc-Version 5.2 X-Powered-By ASP.NET Redirect headers cache-control max-age=0, private, must-revalidate connection close content-length 11 date Sun, 12 Mar 2023 22:05:17 GMT location http://btpnative.com/click?data=STV4N0tCSnFtOTc0R2ZqdjlHWFk2Sk9NYXdKUE8xM0tuVEZkb043OUJEV00tUHFjRUJMR3RDU3ZLbzRhekJoa2xUaFJKVUdZQmZuMnVLQTlzREZPbUd0QlhBLUFtb0luYmxoa2JUSHdTdUxob1Zjank0dU52N01LTWJJaUJ1LTN3clBJa2V5NDJJZHpPRUs5aXEyNXdnMg2&id=afe1ca4d-571d-4eb7-8a89-5d9444acf4cb server nginx
GET H2	200	domainClick p274639.mybettermb.com/adServe/ Redirect Chain http://btpnative.com/Redirect/ https://mybettermb.com/aS/feedclick?s=rI7t-hs_SLdE0HI00WdpCubIryAadW7-AKcTJTCK61FgWWAriVrq8qd73pnnDH6ohvzYfNFjJsKn06qgcpL4cFiEu4ekA4JUUCyoc950-7JKvxRhlTspZcZTps4EeX4d50KEGVbR9VHB2Os-U9iuzRU_-GUXMnG... https://p274639.mybettermb.com/adServe/domainClick?ai=8t_YSst-khSSu60-mubNxr_gY8NK0RHfJMWgoUkfJBIb9kd5ITLGgzyR_sRQ6lKRHVqoXBn8UQrKdZ0hYkVe7l2aAEOhnNtzRmAOmF6-Dtb1ppggIzZ4oyPWKrBb_N19_-stOPwwyEs7cjf...	307 B 628 B	152ms 142ms	Document text/html	52.116.53.155 SOFTLAYER
General Check archive.org Show headers Download Go to Full URL https://p274639.mybettermb.com/adServe/domainClick?ai=8t_YSst-khSSu60-mubNxr_gY8NK0RHfJMWgoUkfJBIb9kd5ITLGgzyR_sRQ6lKRHVqoXBn8UQrKdZ0hYkVe7l2aAEOhnNtzRmAOmF6-Dtb1ppggIzZ4oyPWKrBb_N19_-stOPwwyEs7cjfOKBp2XRDXkhXJENiOQUlQmWMF7ZgPlVTnHqhX2Xw8JESyvFE_ajykqZzwXIxN0WU4nc2lDmZb9emTineanS1-4hcsWfmjSQNF4-uxa-v7VAdLRFTk25_rtcFU56tfcl0xuE0wZUnrThkePvlhmg6YzbHoGiabSyKxhQ29j_Mx5LIQmtYCz-ruVnQNPBYALm0ULp-uUmD_u-wev7Zr253CbOfSjJnGIoTDksqhJ_PkwYhF84q-TxINT3x2ybepfW0lWtL1ich6YtyqeZa1VqH3Ze2tZDIZ9XNYYNGWupzKZ6Lw_AU5Jzy-TGEecmPQhIdADkjuTLeRr8B2mZzZ9jAkqTUKTq7K_IKaI2SlF_eGjekLAbm2eeHDPhk_MOxuLqaWZI7ZcBNDO4Y5k3_9DVi1H_mwDtJsBHQ51ueqt6JVJfwEe_NGSZ4oCAkhAaRsXkvD0u-5ruvoNvcweo2fB9ecITyXSJIC4iJ_dbScdBVfQVNALkwpCtPkrP8UYpanZF1_qtWZ_IEdBw_xIaNIiaLMO_37CvHXQC65lgJvufs3wIGO_nBFZWwwqt7B2mDL1s_TbSfYPhltjPnnWR7Az0zAb47iw0xx7FKoTkFOpS3vO8ZpYmyMpT4lFq52VBagrUZiCIjvtl5gdpClM_f5Y4yyHzruIrOBRCax55AeQdPdhPDNwlWesHP6GfX76OBgDZy5aP5OpYlLZipLO_P5CrUeMfDQYzkeVBZvDw2L6PvbMo8ltC3GAoMdoOkDvJuV-Erlvce2994oL7PQQ1QNE-flioH3Qhh1jDtU11rLKsoDvTbG04lVKIvL96_1IL8s5i3noITw_AgPxpBbMCltjVIjTKd6dqIUpzbKSVmQpEA59NBaAaufaTjnenHdukwwvNOqLJPawKLpKdw81v3IP1Biyiq3Vn_5f2CvTaquRzEuFWNoakvUsLt-7JJCDNaBCQYs-DJTAZb8H_-ZuN7EeYoiBIbmk46626tXTI3k_dXfzr--f6Rcou5kiqP6-Z5Qy5ALRCbWBygL40ACWz2Hq2jpjesYvJd6wd9fjYFrcJT8aQ5hx05C6cOfg5zCL2qKNknVMfJeIvXu3U4cHIexwlUkmxAvaVM4YRWhOvc_e1JKC8vKpvZlne9UtDPljfzMnU_WiGHpzt8XN55YOUKSKKM6G60zPm887rby31oixIzsOr_eNP9ZPi8lEdP_jlgCvLHM1MhvxQM-Jr3Q9J-0-T0AvjbOx9FD-IoRiWjmF-WJdLgktdb-Bry3DbhZYzCYWYKga6GgI22C8JlYZ2PbAUgheKjLQ6KwCMoixrppYnkUtvKIx5jbJPjBUjMHixRqOJSi8AJw7LtMtEVr6G5nnY_OLvfRmqLrRHCMhnfxiiZggkaL9NJRZN_F-zUlvRWh8HfcFb6b2kMb4Do7y-b-De0rL-F5kimWV6YBZNo-eHvK0TihL_ekkvgqc45ggkUpG405w9CXKFq5LhImb3BCguu2D-tqLGlSrIfnXI3KxLmTKB2lpsLjbWnaHeEFBufsfIEQ6j_a0nnaMzr4fK_Sl18JH4vfA6eoUd_F0dOvFd1hRF8b5womkEpwcG3g30I&ui=rI7t-hs_SLdE0HI00WdpClY37AsT2AewbdSiFG1VZzwwi9PCJEOAXa2_h5t-WCG-2t_AoMHrhXMkkzlY0fmWANw95-broEcb-ktvFhAshogpfasUVFBMgQ&si=1&oref=bd48e34dc96bbdc41aeeb5f3a1202602&optunit=aTcaLAdRDZDomJ5wtw7vIA&rb=GpFxk10i04s&rr=0&abtg=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.116.53.155 , United States, ASN36351 (SOFTLAYER, US), Reverse DNS 9b.35.7434.ip4.static.sl-reverse.com Software nginx / Resource Hash Request headers Content-Type application/x-www-form-urlencoded Origin http://btpnative.com Referer http://btpnative.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html;charset=ISO-8859-1 date Sun, 12 Mar 2023 22:05:18 GMT server nginx vary Accept-Encoding Redirect headers content-length 0 date Sun, 12 Mar 2023 22:05:18 GMT location https://p274639.mybettermb.com/adServe/domainClick?ai=8t_YSst-khSSu60-mubNxr_gY8NK0RHfJMWgoUkfJBIb9kd5ITLGgzyR_sRQ6lKRHVqoXBn8UQrKdZ0hYkVe7l2aAEOhnNtzRmAOmF6-Dtb1ppggIzZ4oyPWKrBb_N19_-stOPwwyEs7cjfOKBp2XRDXkhXJENiOQUlQmWMF7ZgPlVTnHqhX2Xw8JESyvFE_ajykqZzwXIxN0WU4nc2lDmZb9emTineanS1-4hcsWfmjSQNF4-uxa-v7VAdLRFTk25_rtcFU56tfcl0xuE0wZUnrThkePvlhmg6YzbHoGiabSyKxhQ29j_Mx5LIQmtYCz-ruVnQNPBYALm0ULp-uUmD_u-wev7Zr253CbOfSjJnGIoTDksqhJ_PkwYhF84q-TxINT3x2ybepfW0lWtL1ich6YtyqeZa1VqH3Ze2tZDIZ9XNYYNGWupzKZ6Lw_AU5Jzy-TGEecmPQhIdADkjuTLeRr8B2mZzZ9jAkqTUKTq7K_IKaI2SlF_eGjekLAbm2eeHDPhk_MOxuLqaWZI7ZcBNDO4Y5k3_9DVi1H_mwDtJsBHQ51ueqt6JVJfwEe_NGSZ4oCAkhAaRsXkvD0u-5ruvoNvcweo2fB9ecITyXSJIC4iJ_dbScdBVfQVNALkwpCtPkrP8UYpanZF1_qtWZ_IEdBw_xIaNIiaLMO_37CvHXQC65lgJvufs3wIGO_nBFZWwwqt7B2mDL1s_TbSfYPhltjPnnWR7Az0zAb47iw0xx7FKoTkFOpS3vO8ZpYmyMpT4lFq52VBagrUZiCIjvtl5gdpClM_f5Y4yyHzruIrOBRCax55AeQdPdhPDNwlWesHP6GfX76OBgDZy5aP5OpYlLZipLO_P5CrUeMfDQYzkeVBZvDw2L6PvbMo8ltC3GAoMdoOkDvJuV-Erlvce2994oL7PQQ1QNE-flioH3Qhh1jDtU11rLKsoDvTbG04lVKIvL96_1IL8s5i3noITw_AgPxpBbMCltjVIjTKd6dqIUpzbKSVmQpEA59NBaAaufaTjnenHdukwwvNOqLJPawKLpKdw81v3IP1Biyiq3Vn_5f2CvTaquRzEuFWNoakvUsLt-7JJCDNaBCQYs-DJTAZb8H_-ZuN7EeYoiBIbmk46626tXTI3k_dXfzr--f6Rcou5kiqP6-Z5Qy5ALRCbWBygL40ACWz2Hq2jpjesYvJd6wd9fjYFrcJT8aQ5hx05C6cOfg5zCL2qKNknVMfJeIvXu3U4cHIexwlUkmxAvaVM4YRWhOvc_e1JKC8vKpvZlne9UtDPljfzMnU_WiGHpzt8XN55YOUKSKKM6G60zPm887rby31oixIzsOr_eNP9ZPi8lEdP_jlgCvLHM1MhvxQM-Jr3Q9J-0-T0AvjbOx9FD-IoRiWjmF-WJdLgktdb-Bry3DbhZYzCYWYKga6GgI22C8JlYZ2PbAUgheKjLQ6KwCMoixrppYnkUtvKIx5jbJPjBUjMHixRqOJSi8AJw7LtMtEVr6G5nnY_OLvfRmqLrRHCMhnfxiiZggkaL9NJRZN_F-zUlvRWh8HfcFb6b2kMb4Do7y-b-De0rL-F5kimWV6YBZNo-eHvK0TihL_ekkvgqc45ggkUpG405w9CXKFq5LhImb3BCguu2D-tqLGlSrIfnXI3KxLmTKB2lpsLjbWnaHeEFBufsfIEQ6j_a0nnaMzr4fK_Sl18JH4vfA6eoUd_F0dOvFd1hRF8b5womkEpwcG3g30I&ui=rI7t-hs_SLdE0HI00WdpClY37AsT2AewbdSiFG1VZzwwi9PCJEOAXa2_h5t-WCG-2t_AoMHrhXMkkzlY0fmWANw95-broEcb-ktvFhAshogpfasUVFBMgQ&si=1&oref=bd48e34dc96bbdc41aeeb5f3a1202602&optunit=aTcaLAdRDZDomJ5wtw7vIA&rb=GpFxk10i04s&rr=0&abtg=0 server nginx
GET H2	200	Primary Request / Show response onegadsdesign.com/_6izQ1_Ul6OLA9Qa-vXzMxXtBumChTjYusxjVHZtMXI/	29 KB 14 KB	240ms 209ms	Document text/html	2606:4700:3030::ac43:d818 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onegadsdesign.com/_6izQ1_Ul6OLA9Qa-vXzMxXtBumChTjYusxjVHZtMXI/?cid=90112640733&sid=364314927&s=0.016168 Requested by Host: p274639.mybettermb.com URL: https://p274639.mybettermb.com/adServe/domainClick?ai=8t_YSst-khSSu60-mubNxr_gY8NK0RHfJMWgoUkfJBIb9kd5ITLGgzyR_sRQ6lKRHVqoXBn8UQrKdZ0hYkVe7l2aAEOhnNtzRmAOmF6-Dtb1ppggIzZ4oyPWKrBb_N19_-stOPwwyEs7cjfOKBp2XRDXkhXJENiOQUlQmWMF7ZgPlVTnHqhX2Xw8JESyvFE_ajykqZzwXIxN0WU4nc2lDmZb9emTineanS1-4hcsWfmjSQNF4-uxa-v7VAdLRFTk25_rtcFU56tfcl0xuE0wZUnrThkePvlhmg6YzbHoGiabSyKxhQ29j_Mx5LIQmtYCz-ruVnQNPBYALm0ULp-uUmD_u-wev7Zr253CbOfSjJnGIoTDksqhJ_PkwYhF84q-TxINT3x2ybepfW0lWtL1ich6YtyqeZa1VqH3Ze2tZDIZ9XNYYNGWupzKZ6Lw_AU5Jzy-TGEecmPQhIdADkjuTLeRr8B2mZzZ9jAkqTUKTq7K_IKaI2SlF_eGjekLAbm2eeHDPhk_MOxuLqaWZI7ZcBNDO4Y5k3_9DVi1H_mwDtJsBHQ51ueqt6JVJfwEe_NGSZ4oCAkhAaRsXkvD0u-5ruvoNvcweo2fB9ecITyXSJIC4iJ_dbScdBVfQVNALkwpCtPkrP8UYpanZF1_qtWZ_IEdBw_xIaNIiaLMO_37CvHXQC65lgJvufs3wIGO_nBFZWwwqt7B2mDL1s_TbSfYPhltjPnnWR7Az0zAb47iw0xx7FKoTkFOpS3vO8ZpYmyMpT4lFq52VBagrUZiCIjvtl5gdpClM_f5Y4yyHzruIrOBRCax55AeQdPdhPDNwlWesHP6GfX76OBgDZy5aP5OpYlLZipLO_P5CrUeMfDQYzkeVBZvDw2L6PvbMo8ltC3GAoMdoOkDvJuV-Erlvce2994oL7PQQ1QNE-flioH3Qhh1jDtU11rLKsoDvTbG04lVKIvL96_1IL8s5i3noITw_AgPxpBbMCltjVIjTKd6dqIUpzbKSVmQpEA59NBaAaufaTjnenHdukwwvNOqLJPawKLpKdw81v3IP1Biyiq3Vn_5f2CvTaquRzEuFWNoakvUsLt-7JJCDNaBCQYs-DJTAZb8H_-ZuN7EeYoiBIbmk46626tXTI3k_dXfzr--f6Rcou5kiqP6-Z5Qy5ALRCbWBygL40ACWz2Hq2jpjesYvJd6wd9fjYFrcJT8aQ5hx05C6cOfg5zCL2qKNknVMfJeIvXu3U4cHIexwlUkmxAvaVM4YRWhOvc_e1JKC8vKpvZlne9UtDPljfzMnU_WiGHpzt8XN55YOUKSKKM6G60zPm887rby31oixIzsOr_eNP9ZPi8lEdP_jlgCvLHM1MhvxQM-Jr3Q9J-0-T0AvjbOx9FD-IoRiWjmF-WJdLgktdb-Bry3DbhZYzCYWYKga6GgI22C8JlYZ2PbAUgheKjLQ6KwCMoixrppYnkUtvKIx5jbJPjBUjMHixRqOJSi8AJw7LtMtEVr6G5nnY_OLvfRmqLrRHCMhnfxiiZggkaL9NJRZN_F-zUlvRWh8HfcFb6b2kMb4Do7y-b-De0rL-F5kimWV6YBZNo-eHvK0TihL_ekkvgqc45ggkUpG405w9CXKFq5LhImb3BCguu2D-tqLGlSrIfnXI3KxLmTKB2lpsLjbWnaHeEFBufsfIEQ6j_a0nnaMzr4fK_Sl18JH4vfA6eoUd_F0dOvFd1hRF8b5womkEpwcG3g30I&ui=rI7t-hs_SLdE0HI00WdpClY37AsT2AewbdSiFG1VZzwwi9PCJEOAXa2_h5t-WCG-2t_AoMHrhXMkkzlY0fmWANw95-broEcb-ktvFhAshogpfasUVFBMgQ&si=1&oref=bd48e34dc96bbdc41aeeb5f3a1202602&optunit=aTcaLAdRDZDomJ5wtw7vIA&rb=GpFxk10i04s&rr=0&abtg=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:d818 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `375c1c0b429f69beb8f694984aad46c9a078c3e430cc20b9ad3262fbd24439c2` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version access-control-allow-origin * alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7a6f567deb122c04-FRA content-encoding br content-type text/html date Sun, 12 Mar 2023 22:05:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5U43lfPJIo1yT2ol2fel7hE4ZhZIMkP3eiRFHVAiM%2F6ZlSH7ghzxee2COGVKBoBO%2Bi42S%2BadXxbTR44%2BIOCtFUnSmsFdilQbLoAMKqXPnkNndX7cMAvB7V8TOqY%2FuhrGwOSg8QyVQ1OHbpaHj9aPg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Content-Type image/png
GET H2	200	AFU1kAAPatM Show response feed.cn-rtb.com/v1/native/	663 B 866 B	879ms 847ms	Fetch application/json	172.67.197.244 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://feed.cn-rtb.com/v1/native/AFU1kAAPatM?subid=62930&uid=807a6ea6-096c-408d-8cf1-d19dd19533f9&kw=download%20install Requested by Host: onegadsdesign.com URL: https://onegadsdesign.com/_6izQ1_Ul6OLA9Qa-vXzMxXtBumChTjYusxjVHZtMXI/?cid=90112640733&sid=364314927&s=0.016168 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.197.244 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4ed5a029d23808e8f08e2809db8870eb9dcc3c32c530a27c349e59ad9a59c580` Request headers accept-language de-DE,de;q=0.9 Referer https://onegadsdesign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Sun, 12 Mar 2023 22:05:19 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare model report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OEdTIbEQcGGxLmpX4hIUWGPyrvM0fL9fXJwRvaDISd8AYXfvh5ZCSTbAR%2Bkx%2B5FAd7ucuwiFlkfTsPkjjPvauxZfXaTl3wN%2FDGdYZq4SJCFOyeTNszTyYhx%2FLZJyF6cyqXI%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cache-control no-cache cf-ray 7a6f567fadca5c8c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	conf.json Show response onegadsdesign.com/hood/b25lZ2Fkc2Rlc2lnbi5jb20=/	49 B 412 B	192ms 191ms	Fetch application/json	2606:4700:3030::ac43:d818 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onegadsdesign.com/hood/b25lZ2Fkc2Rlc2lnbi5jb20=/conf.json Requested by Host: onegadsdesign.com URL: https://onegadsdesign.com/_6izQ1_Ul6OLA9Qa-vXzMxXtBumChTjYusxjVHZtMXI/?cid=90112640733&sid=364314927&s=0.016168 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:d818 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b2a8bfbdb86407809072fa664ba652957f4397d1c98ce2279b0dbb1359b7fb8f` Request headers accept-language de-DE,de;q=0.9 Referer https://onegadsdesign.com/_6izQ1_Ul6OLA9Qa-vXzMxXtBumChTjYusxjVHZtMXI/?cid=90112640733&sid=364314927&s=0.016168 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Sun, 12 Mar 2023 22:05:18 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Sun, 12 Mar 2023 22:00:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"640e4b8f-31" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzrhUqek4BMOmYMq500O5tnPmRlwQChVkGgKUOXPsVvc8Oi4Dz59MVCv1x4XLiVPtnOi4koKAsTN%2BIte92hpf2dpyWbMosOlZXLYXi%2B2OxJ%2FfUHEkzEcPHYdUm6mQQRR2zVWXFcQyvRLjEs9OlMZJw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json cf-ray 7a6f567f7d072c04-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET DATA	200 OK	truncated /	748 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `a5308b7decd6fc2d5e8438fb037c4a822125135db832c05437d754655ff2fc23` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	ht.js Show response sdk.ocmhood.com/sdk/	30 KB 12 KB	41ms 16ms	Script application/javascript	2606:4700:20::681a:7e4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl Requested by Host: onegadsdesign.com URL: https://onegadsdesign.com/_6izQ1_Ul6OLA9Qa-vXzMxXtBumChTjYusxjVHZtMXI/?cid=90112640733&sid=364314927&s=0.016168 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7e4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `70ca645441ebfae7bb9653172c781bd55e9bcf45e3c0d49fe2bbce6c8a83da25` Request headers Referer https://onegadsdesign.com/ Origin https://onegadsdesign.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Sun, 12 Mar 2023 22:05:18 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 465 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 service-worker-allowed / last-modified Mon, 13 Feb 2023 09:58:42 GMT server cloudflare etag W/"63ea09d2-2e94" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbMNq%2Btkqg8%2Fv2M6zQ9eJzUz4yydhllNbKtoeSTR35QBkdfOzaw4BaweTnYKQUIaqSpwSdzww%2FcZ7XkNNCBLuTY%2B2iQ6%2BPDI42%2FXWb%2F24Oy9RI%2FAzogAEinad9mRc98TxKQivgPvT%2BnuOoZ5qA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=14400 cf-ray 7a6f5680def59bb0-FRA
GET H2	200	NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl.js Show response cdn.ocmhood.com/tag/	191 B 712 B	44ms 13ms	Script application/javascript	2606:4700:20::681a:7e4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.ocmhood.com/tag/NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl.js Requested by Host: sdk.ocmhood.com URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7e4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `52ab4af643bc4aab5c955ce99d8779d3804217c85a695bfb5c41bb8f90a33036` Request headers accept-language de-DE,de;q=0.9 Referer https://onegadsdesign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Sun, 12 Mar 2023 22:05:18 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2997 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 service-worker-allowed / last-modified Tue, 13 Dec 2022 16:12:01 GMT server cloudflare etag W/"6398a451-bf" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7UXetEopJE1zhIF16e47shnG0ABn0chV%2FCLd0GAQmF7sEP2iIgmkBLLguwQlIni%2B63GfYgee8M24cI%2BM6r9%2FERN9gvgoCnZnMLwgJRuaZKlwjzhWgYyYiAEffCso6JTWdsPAXHnoBEwICYc6Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=300 cf-ray 7a6f56812d729016-FRA
POST H2	201	activity t.ocmhood.com/v2/	0 262 B	35ms 24ms	Ping application/octet-stream	2606:4700:20::681a:7e4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.ocmhood.com/v2/activity Requested by Host: sdk.ocmhood.com URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7e4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://onegadsdesign.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sun, 12 Mar 2023 22:05:18 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CerFFFfDIDWcvRxJEP5Q4id5vZ4R%2BGlQ6YGqCgKaSnn4r7ai1ZqNdDBQVJYusaMt4cvdaYs1FCfptKD7hTP5T9Kcn257YB6D43fzjUfWayWa2BANfqSSYoTSRdC3dpI4GSZdap6zp4UP0VY%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control no-cache cf-ray 7a6f56816d979016-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H2	201	activity t.ocmhood.com/v2/	0 298 B	29ms 23ms	Ping application/octet-stream	2606:4700:20::681a:7e4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.ocmhood.com/v2/activity Requested by Host: sdk.ocmhood.com URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7e4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://onegadsdesign.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sun, 12 Mar 2023 22:05:18 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DkWTGiZ7YFh24ZZpUJX95DWMqRe6InF3mnd565iNlOqlf4wO3HK3QMx7TPXzg6%2Fw31j3cVaz2SXHO11P4rk%2Fwx8teSy81liesdqr0zeTTqTeObf9BulIqw1bpRs3x1fapnfgSzCDmIGS9Ww%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control no-cache cf-ray 7a6f56816d999016-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	imp t.cn-rtb.com/	0 0	34ms 23ms	Fetch	172.67.197.244 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.cn-rtb.com/imp?l2=s6BkVTYMNJPWj_ac4wmo4XChn9BF3HMO0C2yytju3rI7bXOB_koi8PlZ0xtBN-2qRqFCU1ejrjwW7erERWb7QkGVaanH-2vR47J0T3_BM4Zj_WfYeOMUsLHLik2rD20zmWVNnG0krkn-xr7nWGuSM72G-ZS_2Dl5E563cEURW5WsHLIxmWTZz97CbIEMNqxk Requested by Host: onegadsdesign.com URL: https://onegadsdesign.com/_6izQ1_Ul6OLA9Qa-vXzMxXtBumChTjYusxjVHZtMXI/?cid=90112640733&sid=364314927&s=0.016168 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.197.244 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://onegadsdesign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Sun, 12 Mar 2023 22:05:19 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F7oONuvMbzyStdO5D1DLnFmywmunAz5r%2FvKpdlb%2BvzYuDzi26A5aiUl4W8uncBFuSMBtRisjGCmaZILZUDXrlhaHuuS8r4bR3uEUuQ6KYZVQcCsTJvS7UR%2FqBlf8lo0%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cache-control no-cache cf-ray 7a6f56851c3f5c8c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
onegadsdesign.com/_6izQ1_Ul6OLA9Qa-vXzMxXtBumChTjYusxjVHZtMXI	1969-12-31 23:59:59	Name: session Value: HrPAaraCm4k-nAI4VJ3BJ5Nl5mKU4De5
.googloe.com/	1970-01-20 19:53:38	Name: sid Value: f8b4e586-c121-11ed-bd50-e676d91cefc6
btpnative.com/	1969-12-31 23:59:59	Name: QsoPzSmkpjkbKnC Value: QsoPzSmkpjkbKnC
.mybettermb.com/	1970-01-20 14:36:50	Name: rhid Value: 82966671633
.mybettermb.com/	1970-01-20 10:17:42	Name: loi Value: ad_1429240_off_872129_aff_840_cid_274639-156718127-GOOGLOE.COM_ts_1678658718
.onegadsdesign.com/	1970-01-20 19:03:14	Name: _ht_v Value: 1678658718.2457812029
.onegadsdesign.com/	1970-01-20 10:17:40	Name: _ht_s Value: 1678658718.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

btpnative.com
cdn.ocmhood.com
feed.cn-rtb.com
freeredir.com
googloe.com
mybettermb.com
onegadsdesign.com
p274639.mybettermb.com
sdk.ocmhood.com
t.cn-rtb.com
t.ocmhood.com
www.agoogle.com
172.67.197.244
185.82.200.215
192.99.158.241
204.188.203.154
2606:4700:20::681a:7e4
2606:4700:3030::ac43:d818
52.116.53.155
78.41.204.32
375c1c0b429f69beb8f694984aad46c9a078c3e430cc20b9ad3262fbd24439c2
4ed5a029d23808e8f08e2809db8870eb9dcc3c32c530a27c349e59ad9a59c580
52ab4af643bc4aab5c955ce99d8779d3804217c85a695bfb5c41bb8f90a33036
70ca645441ebfae7bb9653172c781bd55e9bcf45e3c0d49fe2bbce6c8a83da25
a5308b7decd6fc2d5e8438fb037c4a822125135db832c05437d754655ff2fc23
b2a8bfbdb86407809072fa664ba652957f4397d1c98ce2279b0dbb1359b7fb8f
dcfe1fbcfadb09c5ab62e8672254ad1d55946d8ab0a1d6f4dd76222dadcf16ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2

onegadsdesign.com Open in urlscan Pro 2606:4700:3030::ac43:d818 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

10 Requests

90 %HTTPS

25 %IPv6

8 Domains

12 Subdomains

6 IPs

3 Countries

35 kBTransfer

69 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

7 Cookies

Indicators

onegadsdesign.com Open in urlscan Pro
2606:4700:3030::ac43:d818 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

90 %
HTTPS

25 %
IPv6

8
Domains

12
Subdomains

6
IPs

3
Countries

35 kB
Transfer

69 kB
Size

7
Cookies

10 HTTP transactions
2 data transactions