urlscan.io logo urlscan.io
SecurityTrails logo

cdntechone.com Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://a.flamingololo.com/click.php/e63067/HYWZ0ZXJfcmVnMjAwMTE3LDEzNzcxLGh0dHA6Ly90cmFja2luZy5mbGFtaW5nb2xvbG8uY29tL3RyYW...
Effective URL: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=4537057&axcusid1=52DE1562797&clid={ymid...
Submission: On November 12 via api from LU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 5 countries across 11 domains to perform 9 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is cdntechone.com. The Cisco Umbrella rank of the primary domain is 77703.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 24th 2021. Valid for: a year.
This is the only time cdntechone.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.247.228.48 16509 (AMAZON-02)
2 2 52.212.76.176 16509 (AMAZON-02)
1 34.245.243.150 16509 (AMAZON-02)
1 2 52.33.166.217 16509 (AMAZON-02)
1 1 18.185.204.10 16509 (AMAZON-02)
1 1 35.158.35.225 16509 (AMAZON-02)
3 198.143.165.221 32475 (SINGLEHOP...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2 139.45.197.239 9002 (RETN-AS)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 37.48.68.71 60781 (LEASEWEB-...)
9 7
1    34.247.228.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-228-48.eu-west-1.compute.amazonaws.com
a.flamingololo.com
2    52.212.76.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-76-176.eu-west-1.compute.amazonaws.com
tracking.flamingololo.com
1    34.245.243.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-245-243-150.eu-west-1.compute.amazonaws.com
beastrackers.com
2    52.33.166.217 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-166-217.us-west-2.compute.amazonaws.com
tr.premtraffic.com
1    18.185.204.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-204-10.eu-central-1.compute.amazonaws.com
tl-eu.adtrackoptimize.com
1    35.158.35.225 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-35-225.eu-central-1.compute.amazonaws.com
so-glo.yoptv33.com
3    198.143.165.221 (Staten Island, United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
go.monetizer.mobi
1    2606:4700:3033::6815:1fd9 (United States)

ASN13335 (CLOUDFLARENET, US)
deepstore.link
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
deepstore.click
2    139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)
gtoonfd.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdntechone.com
1    37.48.68.71 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
datatechone.com
Apex Domain
Subdomains		 Transfer
3 monetizer.mobi
go.monetizer.mobi — Cisco Umbrella Rank: 699704
7 KB
3 flamingololo.com
a.flamingololo.com
tracking.flamingololo.com
1 KB
2 gtoonfd.com
gtoonfd.com — Cisco Umbrella Rank: 292663
839 B
2 premtraffic.com
tr.premtraffic.com
3 KB
1 datatechone.com
datatechone.com — Cisco Umbrella Rank: 51964
467 B
1 cdntechone.com
cdntechone.com — Cisco Umbrella Rank: 77703
6 KB
1 deepstore.click
deepstore.click
572 B
1 deepstore.link
deepstore.link
614 B
1 yoptv33.com
so-glo.yoptv33.com
566 B
1 adtrackoptimize.com
tl-eu.adtrackoptimize.com
331 B
1 beastrackers.com
beastrackers.com
342 B
9 11
Domain Requested by
3 go.monetizer.mobi go.monetizer.mobi
2 gtoonfd.com 1 redirects cdntechone.com
2 tr.premtraffic.com 1 redirects beastrackers.com
2 tracking.flamingololo.com 2 redirects
1 datatechone.com cdntechone.com
1 cdntechone.com
1 deepstore.click go.monetizer.mobi
1 deepstore.link 1 redirects
1 so-glo.yoptv33.com 1 redirects
1 tl-eu.adtrackoptimize.com 1 redirects
1 beastrackers.com
1 a.flamingololo.com 1 redirects
9 12

This site contains no links.

Subject Issuer Validity Valid
*.orgsig.com
Amazon		 2022-04-19 -
2023-05-18		 a year crt.sh
go.monetizer.mobi
R3		 2022-09-18 -
2022-12-17		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-03-27 -
2023-03-26		 a year crt.sh
datatechone.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-24 -
2022-12-24		 a year crt.sh
gtoonfd.com
R3		 2022-09-30 -
2022-12-29		 3 months crt.sh

This page contains 1 frames:

Frame: https://gtoonfd.com/link?z=4537057&ymid=2e170heusgxntwjfbe&var=52DE1562797&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=2744
Frame ID: 0F15991BA566ABBAF340CDD0CDADA63A
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Checking you browser...

Page URL History Show full URLs

  1. http://a.flamingololo.com/click.php/e63067/HYWZ0ZXJfcmVnMjAwMTE3LDEzNzcxLGh0dHA6Ly90cmFja2luZy5mbGFtaW... HTTP 302
    http://tracking.flamingololo.com/track/tag?to=http%3A%2F%2Ftracking.flamingololo.com%2Ftrack%2Fredirect%3Fmid... HTTP 302
    http://tracking.flamingololo.com/track/redirect?mid=CMEQ9uEhb8lc&to=http%3A%2F%2Fbeastrackers.com%3Fr%3Dhttps... HTTP 302
    http://beastrackers.com/?r=https%3A%2F%2Ftr.premtraffic.com%2Fclick%2FnNzjGS7XdN%3F Page URL
  2. https://tr.premtraffic.com/click/nNzjGS7XdN HTTP 302
    https://tr.premtraffic.com/main/d.php?s=1&link=https%3A%2F%2Ftl-eu.adtrackoptimize.com%2Ft%2Fclk%3Fid%3... Page URL
  3. https://tl-eu.adtrackoptimize.com/t/clk?id=J8XBS8oyCyv1Bc2rVOCo&ept2=2f32f058-9834-48dc-8d7a-157da8805e16 HTTP 302
    https://so-glo.yoptv33.com/t/clk?id=E0qfWjnHqjziGv8RiM&rl=68N19&redirect-from=J8XBS8oyCyv1Bc2rVOCo&rcod... HTTP 302
    https://go.monetizer.mobi/?utm_medium=ec4eee60be986151ad56a07d62a9c3fe7802b9db&utm_campaign=mainstream... Page URL
  4. https://go.monetizer.mobi/?utm_term=7165260864390430806&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949... Page URL
  5. https://go.monetizer.mobi/proc.php?3d4c84349c17150a8d7aa84ad2d70f1391a42b99 Page URL
  6. https://deepstore.link/ll/click.php?key=i264jdrz83fudfq2qmi2&subid=M7165260864390430806&cc=0&t1=797... HTTP 302
    https://deepstore.click/ll/nlp/index.php?z=4537057&ymid=2e170heusgxntwjfbe&var=52DE1562797&url_bnm_r... Page URL
  7. https://gtoonfd.com/link?z=4537057&ymid=2e170heusgxntwjfbe&var=52DE1562797 HTTP 302
    https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=4537057&axcusid1=52... Page URL

Page Statistics

9
Requests

89 %
HTTPS

25 %
IPv6

11
Domains

12
Subdomains

7
IPs

5
Countries

15 kB
Transfer

32 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://a.flamingololo.com/click.php/e63067/HYWZ0ZXJfcmVnMjAwMTE3LDEzNzcxLGh0dHA6Ly90cmFja2luZy5mbGFtaW5nb2xvbG8uY29tL3RyYWNrL3RhZw/qP3RvPWh0dHAlM0ElMkYlMkZ0cmFja2luZy5mbGFtaW5nb2xvbG8uY29tJTJGdHJhY2slMkZyZWRpcmVjdCUzRm1pZCUzRENNRVE5dUVoYjhsYyUyNnRvJTNEaHR0cCUyNTNBJTI1MkYlMjUyRmJlYXN0cmFja2Vycy5jb20lMjUzRnIlMjUzRGh0dHBzJTI1MjUzQSUyNTI1MkYlMjUyNTJGdHIucHJlbXRyYWZmaWMuY29tJTI1MjUyRmNsaWNrJTI1MjUyRm5OempHUzdYZE4lMjUyNTNGJm1pZD1DTUVROXVFaGI4bGMmdj14SFRiMkttbmgwT1JaVEVlRm1EREF3JTNEJTNEJmE9YWRkIA/se0a01ad3d8 HTTP 302
    http://tracking.flamingololo.com/track/tag?to=http%3A%2F%2Ftracking.flamingololo.com%2Ftrack%2Fredirect%3Fmid%3DCMEQ9uEhb8lc%26to%3Dhttp%253A%252F%252Fbeastrackers.com%253Fr%253Dhttps%25253A%25252F%25252Ftr.premtraffic.com%25252Fclick%25252FnNzjGS7XdN%25253F&mid=CMEQ9uEhb8lc&v=xHTb2Kmnh0ORZTEeFmDDAw%3D%3D&a=add%20 HTTP 302
    http://tracking.flamingololo.com/track/redirect?mid=CMEQ9uEhb8lc&to=http%3A%2F%2Fbeastrackers.com%3Fr%3Dhttps%253A%252F%252Ftr.premtraffic.com%252Fclick%252FnNzjGS7XdN%253F HTTP 302
    http://beastrackers.com/?r=https%3A%2F%2Ftr.premtraffic.com%2Fclick%2FnNzjGS7XdN%3F Page URL
  2. https://tr.premtraffic.com/click/nNzjGS7XdN HTTP 302
    https://tr.premtraffic.com/main/d.php?s=1&link=https%3A%2F%2Ftl-eu.adtrackoptimize.com%2Ft%2Fclk%3Fid%3DJ8XBS8oyCyv1Bc2rVOCo%26ept2%3D2f32f058-9834-48dc-8d7a-157da8805e16 Page URL
  3. https://tl-eu.adtrackoptimize.com/t/clk?id=J8XBS8oyCyv1Bc2rVOCo&ept2=2f32f058-9834-48dc-8d7a-157da8805e16 HTTP 302
    https://so-glo.yoptv33.com/t/clk?id=E0qfWjnHqjziGv8RiM&rl=68N19&redirect-from=J8XBS8oyCyv1Bc2rVOCo&rcode=R05&rseq=R05,R99,R98 HTTP 302
    https://go.monetizer.mobi/?utm_medium=ec4eee60be986151ad56a07d62a9c3fe7802b9db&utm_campaign=mainstream2021&1=4937&cid=95a7989e-054a-4f9e-884f-dda4ab89e21c Page URL
  4. https://go.monetizer.mobi/?utm_term=7165260864390430806&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d Page URL
  5. https://go.monetizer.mobi/proc.php?3d4c84349c17150a8d7aa84ad2d70f1391a42b99 Page URL
  6. https://deepstore.link/ll/click.php?key=i264jdrz83fudfq2qmi2&subid=M7165260864390430806&cc=0&t1=797&t2=797-0034cf92&t3=M7165260864390430806&t4=DE1&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d HTTP 302
    https://deepstore.click/ll/nlp/index.php?z=4537057&ymid=2e170heusgxntwjfbe&var=52DE1562797&url_bnm_redirect=https://gtoonfd.com/link Page URL
  7. https://gtoonfd.com/link?z=4537057&ymid=2e170heusgxntwjfbe&var=52DE1562797 HTTP 302
    https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=4537057&axcusid1=52DE1562797&clid={ymid}&r=http%3A%2F%2Fgtoonfd.com%2Flink%3Fz%3D4537057%26ymid%3D2e170heusgxntwjfbe%26var%3D52DE1562797%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=2744 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://a.flamingololo.com/click.php/e63067/HYWZ0ZXJfcmVnMjAwMTE3LDEzNzcxLGh0dHA6Ly90cmFja2luZy5mbGFtaW5nb2xvbG8uY29tL3RyYWNrL3RhZw/qP3RvPWh0dHAlM0ElMkYlMkZ0cmFja2luZy5mbGFtaW5nb2xvbG8uY29tJTJGdHJhY2slMkZyZWRpcmVjdCUzRm1pZCUzRENNRVE5dUVoYjhsYyUyNnRvJTNEaHR0cCUyNTNBJTI1MkYlMjUyRmJlYXN0cmFja2Vycy5jb20lMjUzRnIlMjUzRGh0dHBzJTI1MjUzQSUyNTI1MkYlMjUyNTJGdHIucHJlbXRyYWZmaWMuY29tJTI1MjUyRmNsaWNrJTI1MjUyRm5OempHUzdYZE4lMjUyNTNGJm1pZD1DTUVROXVFaGI4bGMmdj14SFRiMkttbmgwT1JaVEVlRm1EREF3JTNEJTNEJmE9YWRkIA/se0a01ad3d8 HTTP 302
  • http://tracking.flamingololo.com/track/tag?to=http%3A%2F%2Ftracking.flamingololo.com%2Ftrack%2Fredirect%3Fmid%3DCMEQ9uEhb8lc%26to%3Dhttp%253A%252F%252Fbeastrackers.com%253Fr%253Dhttps%25253A%25252F%25252Ftr.premtraffic.com%25252Fclick%25252FnNzjGS7XdN%25253F&mid=CMEQ9uEhb8lc&v=xHTb2Kmnh0ORZTEeFmDDAw%3D%3D&a=add%20 HTTP 302
  • http://tracking.flamingololo.com/track/redirect?mid=CMEQ9uEhb8lc&to=http%3A%2F%2Fbeastrackers.com%3Fr%3Dhttps%253A%252F%252Ftr.premtraffic.com%252Fclick%252FnNzjGS7XdN%253F HTTP 302
  • http://beastrackers.com/?r=https%3A%2F%2Ftr.premtraffic.com%2Fclick%2FnNzjGS7XdN%3F
Request Chain 1
  • https://tr.premtraffic.com/click/nNzjGS7XdN HTTP 302
  • https://tr.premtraffic.com/main/d.php?s=1&link=https%3A%2F%2Ftl-eu.adtrackoptimize.com%2Ft%2Fclk%3Fid%3DJ8XBS8oyCyv1Bc2rVOCo%26ept2%3D2f32f058-9834-48dc-8d7a-157da8805e16
Request Chain 2
  • https://tl-eu.adtrackoptimize.com/t/clk?id=J8XBS8oyCyv1Bc2rVOCo&ept2=2f32f058-9834-48dc-8d7a-157da8805e16 HTTP 302
  • https://so-glo.yoptv33.com/t/clk?id=E0qfWjnHqjziGv8RiM&rl=68N19&redirect-from=J8XBS8oyCyv1Bc2rVOCo&rcode=R05&rseq=R05,R99,R98 HTTP 302
  • https://go.monetizer.mobi/?utm_medium=ec4eee60be986151ad56a07d62a9c3fe7802b9db&utm_campaign=mainstream2021&1=4937&cid=95a7989e-054a-4f9e-884f-dda4ab89e21c
Request Chain 5
  • https://deepstore.link/ll/click.php?key=i264jdrz83fudfq2qmi2&subid=M7165260864390430806&cc=0&t1=797&t2=797-0034cf92&t3=M7165260864390430806&t4=DE1&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d HTTP 302
  • https://deepstore.click/ll/nlp/index.php?z=4537057&ymid=2e170heusgxntwjfbe&var=52DE1562797&url_bnm_redirect=https://gtoonfd.com/link
Request Chain 7
  • http://gtoonfd.com/link?z=4537057&ymid=2e170heusgxntwjfbe&var=52DE1562797&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=2744 HTTP 307
  • https://gtoonfd.com/link?z=4537057&ymid=2e170heusgxntwjfbe&var=52DE1562797&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=2744

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
beastrackers.com/
Redirect Chain
  • http://a.flamingololo.com/click.php/e63067/HYWZ0ZXJfcmVnMjAwMTE3LDEzNzcxLGh0dHA6Ly90cmFja2luZy5mbGFtaW5nb2xvbG8uY29tL3RyYWNrL3RhZw/qP3RvPWh0dHAlM0ElMkYlMkZ0cmFja2luZy5mbGFtaW5nb2xvbG8uY29tJTJGdHJhY...
  • http://tracking.flamingololo.com/track/tag?to=http%3A%2F%2Ftracking.flamingololo.com%2Ftrack%2Fredirect%3Fmid%3DCMEQ9uEhb8lc%26to%3Dhttp%253A%252F%252Fbeastrackers.com%253Fr%253Dhttps%25253A%25252F...
  • http://tracking.flamingololo.com/track/redirect?mid=CMEQ9uEhb8lc&to=http%3A%2F%2Fbeastrackers.com%3Fr%3Dhttps%253A%252F%252Ftr.premtraffic.com%252Fclick%252FnNzjGS7XdN%253F
  • http://beastrackers.com/?r=https%3A%2F%2Ftr.premtraffic.com%2Fclick%2FnNzjGS7XdN%3F
126 B
342 B 		Document
General
Check archive.org
Download Go to
Full URL
http://beastrackers.com/?r=https%3A%2F%2Ftr.premtraffic.com%2Fclick%2FnNzjGS7XdN%3F
Protocol
HTTP/1.1
Server
34.245.243.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-245-243-150.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 12 Nov 2022 22:31:37 GMT
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 12 Nov 2022 22:31:36 GMT
Location
http://beastrackers.com?r=https%3A%2F%2Ftr.premtraffic.com%2Fclick%2FnNzjGS7XdN%3F
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
d.php
tr.premtraffic.com/main/
Redirect Chain
  • https://tr.premtraffic.com/click/nNzjGS7XdN?
  • https://tr.premtraffic.com/main/d.php?s=1&link=https%3A%2F%2Ftl-eu.adtrackoptimize.com%2Ft%2Fclk%3Fid%3DJ8XBS8oyCyv1Bc2rVOCo%26ept2%3D2f32f058-9834-48dc-8d7a-157da8805e16
185 B
606 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.premtraffic.com/main/d.php?s=1&link=https%3A%2F%2Ftl-eu.adtrackoptimize.com%2Ft%2Fclk%3Fid%3DJ8XBS8oyCyv1Bc2rVOCo%26ept2%3D2f32f058-9834-48dc-8d7a-157da8805e16
Requested by
Host: beastrackers.com
URL: http://beastrackers.com/?r=https%3A%2F%2Ftr.premtraffic.com%2Fclick%2FnNzjGS7XdN%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.33.166.217 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-166-217.us-west-2.compute.amazonaws.com
Software
nginx/1.11.6 /
Resource Hash
2ddc3aff066a8901a2e95ea2e75ec456acb4442c55efcc2b90e89c8894a13e40

Request headers

Referer
http://beastrackers.com/?r=https%3A%2F%2Ftr.premtraffic.com%2Fclick%2FnNzjGS7XdN%3F
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 12 Nov 2022 22:31:38 GMT
server
nginx/1.11.6

Redirect headers

cache-control
no-cache, private
content-type
text/html; charset=UTF-8
date
Sat, 12 Nov 2022 22:31:37 GMT
location
/main/d.php?s=1&link=https%3A%2F%2Ftl-eu.adtrackoptimize.com%2Ft%2Fclk%3Fid%3DJ8XBS8oyCyv1Bc2rVOCo%26ept2%3D2f32f058-9834-48dc-8d7a-157da8805e16
server
nginx/1.11.6
/
go.monetizer.mobi/
Redirect Chain
  • https://tl-eu.adtrackoptimize.com/t/clk?id=J8XBS8oyCyv1Bc2rVOCo&ept2=2f32f058-9834-48dc-8d7a-157da8805e16
  • https://so-glo.yoptv33.com/t/clk?id=E0qfWjnHqjziGv8RiM&rl=68N19&redirect-from=J8XBS8oyCyv1Bc2rVOCo&rcode=R05&rseq=R05,R99,R98
  • https://go.monetizer.mobi/?utm_medium=ec4eee60be986151ad56a07d62a9c3fe7802b9db&utm_campaign=mainstream2021&1=4937&cid=95a7989e-054a-4f9e-884f-dda4ab89e21c
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.monetizer.mobi/?utm_medium=ec4eee60be986151ad56a07d62a9c3fe7802b9db&utm_campaign=mainstream2021&1=4937&cid=95a7989e-054a-4f9e-884f-dda4ab89e21c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.143.165.221 Staten Island, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.1.9
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
https://tr.premtraffic.com/main/d.php?s=1&link=https%3A%2F%2Ftl-eu.adtrackoptimize.com%2Ft%2Fclk%3Fid%3DJ8XBS8oyCyv1Bc2rVOCo%26ept2%3D2f32f058-9834-48dc-8d7a-157da8805e16
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 12 Nov 2022 22:31:39 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://go.monetizer.mobi/?utm_term=7165260864390430806&ver=4viyaptcjo
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
x-powered-by
PHP/8.1.9

Redirect headers

cache-control
no-transform
content-length
0
content-type
text/html; charset=utf-8
date
Sat, 12 Nov 2022 22:31:39 GMT
location
https://go.monetizer.mobi/?utm_medium=ec4eee60be986151ad56a07d62a9c3fe7802b9db&utm_campaign=mainstream2021&1=4937&cid=95a7989e-054a-4f9e-884f-dda4ab89e21c
server
nginx/1.12.2
vary
Cookie, Origin
x-frame-options
SAMEORIGIN
/
go.monetizer.mobi/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.monetizer.mobi/?utm_term=7165260864390430806&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d
Requested by
Host: go.monetizer.mobi
URL: https://go.monetizer.mobi/?utm_medium=ec4eee60be986151ad56a07d62a9c3fe7802b9db&utm_campaign=mainstream2021&1=4937&cid=95a7989e-054a-4f9e-884f-dda4ab89e21c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.143.165.221 Staten Island, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.1.9
Resource Hash
b0c7fa648df17e6a3f69de5a62acf9b54b0923166ead1301fe2042594c841481
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
https://go.monetizer.mobi/?utm_medium=ec4eee60be986151ad56a07d62a9c3fe7802b9db&utm_campaign=mainstream2021&1=4937&cid=95a7989e-054a-4f9e-884f-dda4ab89e21c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 12 Nov 2022 22:31:40 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
x-powered-by
PHP/8.1.9
proc.php
go.monetizer.mobi/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.monetizer.mobi/proc.php?3d4c84349c17150a8d7aa84ad2d70f1391a42b99
Requested by
Host: go.monetizer.mobi
URL: https://go.monetizer.mobi/?utm_term=7165260864390430806&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.143.165.221 Staten Island, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.1.9
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
https://go.monetizer.mobi/?utm_term=7165260864390430806&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 12 Nov 2022 22:31:40 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://deepstore.link/ll/click.php?key=i264jdrz83fudfq2qmi2&subid=M7165260864390430806&cc=0&t1=797&t2=797-0034cf92&t3=M7165260864390430806&t4=DE1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
x-powered-by
PHP/8.1.9
index.php
deepstore.click/ll/nlp/
Redirect Chain
  • https://deepstore.link/ll/click.php?key=i264jdrz83fudfq2qmi2&subid=M7165260864390430806&cc=0&t1=797&t2=797-0034cf92&t3=M7165260864390430806&t4=DE1&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8...
  • https://deepstore.click/ll/nlp/index.php?z=4537057&ymid=2e170heusgxntwjfbe&var=52DE1562797&url_bnm_redirect=https://gtoonfd.com/link
119 B
572 B 		Document
General
Check archive.org
Download Go to
Full URL
https://deepstore.click/ll/nlp/index.php?z=4537057&ymid=2e170heusgxntwjfbe&var=52DE1562797&url_bnm_redirect=https://gtoonfd.com/link
Requested by
Host: go.monetizer.mobi
URL: https://go.monetizer.mobi/proc.php?3d4c84349c17150a8d7aa84ad2d70f1391a42b99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e762facba04ac64ec28b9bb085676a84379336b25fd2ec7a04e479276d1c8e5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://go.monetizer.mobi/proc.php?3d4c84349c17150a8d7aa84ad2d70f1391a42b99
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7692b81f3e0390b8-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 12 Nov 2022 22:31:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lBwEN9iJ1bobTUY4XGAwMXeevdqIwChtoyt3knqfz5fP%2FiraC2W%2FzIhyGxjnm9cSUX6knU34B5Uil0SA5yAoY6iyJ4oLv4XPQe74Zqp6JPDbqAUHI3GFmgCPQWhfjfTQ0ow0T%2FEq9dJmLK0BMRw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7692b81e38759b7d-FRA
content-type
text/html; charset=UTF-8
date
Sat, 12 Nov 2022 22:31:40 GMT
location
https://deepstore.click/ll/nlp/index.php?z=4537057&ymid=2e170heusgxntwjfbe&var=52DE1562797&url_bnm_redirect=https://gtoonfd.com/link
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9Z68k0W08HcnyqAUFu%2F3wY0PjmjdO0gksaOfNjxr9Khy56AcRl00qT9NfUtNS3vs%2FkdsUVmXRo2nU5i%2FANGGOnhzx86Qa83keIHnkpLsGbv68QeGB9b59KlJbezvl8k8hxj2mVjP1ILfLefaw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
Primary Request r.html
cdntechone.com/
Redirect Chain
  • https://gtoonfd.com/link?z=4537057&ymid=2e170heusgxntwjfbe&var=52DE1562797
  • https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=4537057&axcusid1=52DE1562797&clid={ymid}&r=http%3A%2F%2Fgtoonfd.com%2Flink%3Fz%3D4537057%26ymid%3D2e170heusgxntwjfbe%...
16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=4537057&axcusid1=52DE1562797&clid={ymid}&r=http%3A%2F%2Fgtoonfd.com%2Flink%3Fz%3D4537057%26ymid%3D2e170heusgxntwjfbe%26var%3D52DE1562797%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=2744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90a4db02d12732a33f0d02859bab23d0c09a6b344802bf7f4dd696dbbff1be3

Request headers

Referer
https://deepstore.click/ll/nlp/index.php?z=4537057&ymid=2e170heusgxntwjfbe&var=52DE1562797&url_bnm_redirect=https://gtoonfd.com/link
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7692b8203e0e993f-FRA
content-encoding
br
content-type
text/html
date
Sat, 12 Nov 2022 22:31:40 GMT
last-modified
Tue, 18 Oct 2022 14:05:52 GMT
link
<https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iAv12Bhs%2BKfvUw7vNsAN0BUbE31WV%2Bp96PzOPHdAS46KFhPFOlatbBMK2sbANv8PY5O6iNC71dFgPgVQXuvW9gGGSDywwaG8fx7njLKRbhRIkvAwgVMudDWaveTyb3k2kGXg5KLwl69vVXbkxg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-length
0
date
Sat, 12 Nov 2022 22:31:40 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://cdntechone.com>; rel="dns-prefetch preconnect"
location
https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=4537057&axcusid1=52DE1562797&clid={ymid}&r=http%3A%2F%2Fgtoonfd.com%2Flink%3Fz%3D4537057%26ymid%3D2e170heusgxntwjfbe%26var%3D52DE1562797%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=2744
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
x-content-type-options
nosniff
x-trace-id
93e196429bd62e360c25ecc77190cd27
add
datatechone.com/log/ 		2 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://datatechone.com/log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853
Requested by
Host: cdntechone.com
URL: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=4537057&axcusid1=52DE1562797&clid={ymid}&r=http%3A%2F%2Fgtoonfd.com%2Flink%3Fz%3D4537057%26ymid%3D2e170heusgxntwjfbe%26var%3D52DE1562797%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=2744
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://cdntechone.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 12 Nov 2022 22:31:40 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://cdntechone.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
link
gtoonfd.com/
Redirect Chain
  • http://gtoonfd.com/link?z=4537057&ymid=2e170heusgxntwjfbe&var=52DE1562797&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=2744
  • https://gtoonfd.com/link?z=4537057&ymid=2e170heusgxntwjfbe&var=52DE1562797&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=2744
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gtoonfd.com/link?z=4537057&ymid=2e170heusgxntwjfbe&var=52DE1562797&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=2744
Requested by
Host: cdntechone.com
URL: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=4537057&axcusid1=52DE1562797&clid={ymid}&r=http%3A%2F%2Fgtoonfd.com%2Flink%3Fz%3D4537057%26ymid%3D2e170heusgxntwjfbe%26var%3D52DE1562797%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=2744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=4537057&axcusid1=52DE1562797&clid={ymid}&r=http%3A%2F%2Fgtoonfd.com%2Flink%3Fz%3D4537057%26ymid%3D2e170heusgxntwjfbe%26var%3D52DE1562797%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=2744
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cache-control
no-store, no-cache, must-revalidate, max-age=0
date
Sat, 12 Nov 2022 22:31:40 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
x-content-type-options
nosniff
x-trace-id
fe2b4098d69e5c8337a0840a3ed4f2fe

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://gtoonfd.com/link?z=4537057&ymid=2e170heusgxntwjfbe&var=52DE1562797&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=2744
Non-Authoritative-Reason
HSTS

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __ds3dcV__

15 Cookies

Domain/Path Name / Value
tr.premtraffic.com/ Name: XSRF-TOKEN
Value: eyJpdiI6Im1vOGNzSmQ1NlNJd0ZIWkl5Q1BXNHc9PSIsInZhbHVlIjoiOHNnaXZnQUlHM1FBVDFGdHUwNUFCWmwzS1haQW1pYzhEVUFvWEFmUFA1NnA4aGR6OXNFSGdNWjQ0a3pcL1B0aFVKYUJ6cW05SGVYdUN3VTVqckFmRmdnPT0iLCJtYWMiOiJhOTRjMmM1YmM0NDVlMzZkNzQ0ZjE5NTU5YzY2ZTQxNDI4ZWE1NzU2MzliZjJlZDBlYmE2YmNhYzE1ZjgxNTY5In0%3D
tr.premtraffic.com/ Name: session
Value: eyJpdiI6ImY5TmZHXC8wOXJsNjI3c2dFeVJ3SDR3PT0iLCJ2YWx1ZSI6Ilp4RzArSFVZQkl2ck9EUU8rV2FGXC9LOHN6c3dURnI3UXc3Yk5lcXBLaXFIdnBzeGQzUThqbXVVVEhVTlF6QlBFRzZVMEJLWkhNWEVMUFoyYTBhb2N4UT09IiwibWFjIjoiMjBlNzJiYmMxYjQ5MTM3MGEyOTdiMmY0ZGM0ZGVkMjA2MTJlZDhlNDQ4NTI1MDYxN2Q4ZWYyZDBkZTc1YzQ5MCJ9
tr.premtraffic.com/ Name: ept2
Value: eyJpdiI6InRBTVpKVUhEeUFybTY4RFFhYVpUSXc9PSIsInZhbHVlIjoiVERtZjBqckRSXC85N29TRDVPUTIzRW5yWG5vWHI3c1BpMUhzYVBPNkJ1UE95cjduWUZndTlHYisxcWtoYUZMZkpoeHlSM3pnSHBFdTJudlpYZzlmdERvelBrelFuRU1mMzNrTVNUVXMwbHN3R3NhNEZlS0FDWURUbG04Y28rVFhJSUU5UllmNzdEVk5WKzhvK1Mzd2RZMUtUZHNIQ3E0cFNZT1hqYUdac1duNkRPbHFncXllVDBqa2JnUjMzaGp0NSIsIm1hYyI6ImViMGI3YTllY2Q3MzE2NDVkNTdjYzRkMDU0MWI0MjNiM2M5ZTU0ODI5MjQwYTdhNzkzMjQwZWNjMmVhYmY1YjEifQ%3D%3D
tr.premtraffic.com/ Name: jjOVKq4M7YjNRXAmv8NU8Qp0rjvrzcs3yg72L4el
Value: eyJpdiI6IlFBMTlhaTdGVVlXK0FYUTdXbks5c3c9PSIsInZhbHVlIjoibFR6czdoQmxNNm02YzhSSmNSV0R0YUpyazQzeDVEbEtKaTI5ekF3b2hnZHQ4M0lTUUtcLyt1RUZHYWhzcDJZd3MzSEFCNCt6aHBuamMrQzRXWEszdmV2WVN5djFtbnZqQjRBbnc4RkMwSHlVWTBQVFJWNmNJWmNjSSthaDV0Y0pQZ0RnVzRQM1J5ckpJZys1d2wrNDhmQldzaFJpWUI4VUJ5QVlwallcL1dXbTJMMFF2N3F4VElKRThteWV5MU03RTJDVXpnN2tad0pCOWdoN2lYZlNMRFozVG5tWjd3SktJMDdxZysxQ0luZkVhVHp4WDhqdll2QTFJYVFjN3lyamw1eHdxVFljQlpGWlNJWG5jendXM1dcLzBJR2ZGTXBSRUtuSVM2QTA1VFZmWDZVSUI3M2pDSVFyeVJENlNrOE8wQ3BubHl1K3BkanJPcHZDVmpiMUIzclJzUkloS0pUbk44SlIxU0E2UGVnQ1piT1wvY2l5ZnJIdTU0MTkyeFdBWkZsVWpKeDJOZDRHdlBEaHNhbmVsVk9kRXBTcThxVllXVlNQRDZWc0JjRzZ3ZnFPTHZIQTFTNFwvdG1kYTFpaVwvVE9zWFBMV3JobVB6UjNtdlwvVHQ2ZmJDNjB2T21sUjV2elNtNUNTRCs0N09mRVpIc3pOMEdrZmtYa2o5eEFCS3diQWxmcVNOOTVQV3hGWXRIdnV1QjFmXC9cL2hlRVJLb1lZSGIrVGJIK0dNWW5wYXZFPSIsIm1hYyI6IjE2YTNkNzdiNjRhNWJlZWY3MDMzNTUyNDRjM2ExYzQxZjRjNzQ4MWQyMWNlNDcxMzhkMmJmZDM0ZjhmZTAyN2QifQ%3D%3D
tr.premtraffic.com/ Name: AWSALB
Value: lG6WGWNpnQeOSC/ugYyBTMHgABDucbG8siP43IxSB4RupNJMWswAGjTtz5KtE9tJ8041RNeZlAjPTWUF2357o6VR0NEabiL299pC+j/lxeNf4n9Ag+rNxVElYrYN
tr.premtraffic.com/ Name: AWSALBCORS
Value: lG6WGWNpnQeOSC/ugYyBTMHgABDucbG8siP43IxSB4RupNJMWswAGjTtz5KtE9tJ8041RNeZlAjPTWUF2357o6VR0NEabiL299pC+j/lxeNf4n9Ag+rNxVElYrYN
tl-eu.adtrackoptimize.com/ Name: ydt_f9f233826b8c496eaa637f6d3e6f9d36
Value: "[]:1otz2J:2lllUFoCt-SXzjEnYCSjhXV6y_Q"
so-glo.yoptv33.com/ Name: uip
Value: "[\"XL1AShQqZ\"\054 {\"zXgjV\": \"BN185eY\"}]:1otz2J:7DfkX6aiYqbtwaog49u4D4CUSfE"
so-glo.yoptv33.com/ Name: ydt_69a756d9a2a44370a5365f82fbdfa6e5
Value: "[\"95a7989e-054a-4f9e-884f-dda4ab89e21c\"]:1otz2J:hpIgMJGDen_vIQcprvlr5naQO1M"
go.monetizer.mobi/ Name: u
Value: 32cf0ce6a0e4efd2d1f351a259b90bed
deepstore.link/ Name: uclick
Value: heusgxntwj
gtoonfd.com/ Name: OAID
Value: 63531eec06f54c5bbb9fc7c63b8996a8
gtoonfd.com/ Name: oaidts
Value: 1668292300
gtoonfd.com/ Name: phpckd4537057
Value: true
gtoonfd.com/ Name: allcnt
Value: 1