Submitted URL: http://learnninjio.com/
Effective URL: https://onegadsdesign.com/_6izQ1_Ul6OLA9Qa-vXzMxXtBumChTjYusxjVHZtMXI/?cid=90151311081&sid=445272312&s=0.0041
Submission Tags: demotag1 demotag2 Search All
Submission: On March 25 via api from IN — Scanned from DE

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3030::ac43:d818, located in United States and belongs to CLOUDFLARENET, US. The main domain is onegadsdesign.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 23rd 2023. Valid for: a year.
This is the only time onegadsdesign.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 81.17.29.146 51852 (PLI-AS)
1 2 192.99.158.241 16276 (OVH)
1 2 52.117.247.211 36351 (SOFTLAYER)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 104.21.21.106 13335 (CLOUDFLAR...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
11 7
Apex Domain
Subdomains
Transfer
4 ocmhood.com
sdk.ocmhood.com — Cisco Umbrella Rank: 68545
cdn.ocmhood.com — Cisco Umbrella Rank: 21507
t.ocmhood.com — Cisco Umbrella Rank: 11672
14 KB
2 cn-rtb.com
feed.cn-rtb.com — Cisco Umbrella Rank: 67911
t.cn-rtb.com — Cisco Umbrella Rank: 74103
864 B
2 onegadsdesign.com
onegadsdesign.com
15 KB
2 myckdom.com
beta.myckdom.com — Cisco Umbrella Rank: 634040
1 KB
2 btpnative.com
btpnative.com — Cisco Umbrella Rank: 289635
8 KB
2 learnninjio.com
learnninjio.com
1 KB
11 6
Domain Requested by
2 t.ocmhood.com sdk.ocmhood.com
2 onegadsdesign.com beta.myckdom.com
onegadsdesign.com
2 beta.myckdom.com 1 redirects
2 btpnative.com 1 redirects learnninjio.com
2 learnninjio.com 1 redirects
1 t.cn-rtb.com onegadsdesign.com
1 cdn.ocmhood.com sdk.ocmhood.com
1 sdk.ocmhood.com onegadsdesign.com
1 feed.cn-rtb.com onegadsdesign.com
11 9

This site contains no links.

Subject Issuer Validity Valid
*.myckdom.com
Sectigo RSA Domain Validation Secure Server CA
2023-03-20 -
2024-03-20
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-03-23 -
2024-03-21
a year crt.sh
*.cn-rtb.com
GTS CA 1P5
2023-02-22 -
2023-05-23
3 months crt.sh
ocmhood.com
Cloudflare Inc ECC CA-3
2022-05-04 -
2023-05-04
a year crt.sh

This page contains 1 frames:

Primary Page: https://onegadsdesign.com/_6izQ1_Ul6OLA9Qa-vXzMxXtBumChTjYusxjVHZtMXI/?cid=90151311081&sid=445272312&s=0.0041
Frame ID: E930532D9B7DBAFA3BE39DA2525BF68D
Requests: 13 HTTP requests in this frame

Screenshot

Page Title

Click Allow

Page URL History Show full URLs

  1. http://learnninjio.com/ Page URL
  2. http://learnninjio.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MT... HTTP 302
    http://btpnative.com/click?data=Wm5sOVBiallMTC1mSHdRM3NSaU5lOGw1QWcwYl91bzlCbWoycnF0VXVKdjhzY0hSd... Page URL
  3. http://btpnative.com/Redirect/ HTTP 302
    https://beta.myckdom.com/aS/feedclick?s=7BsrmHcakyKTjXt548WSd63dDnCBF-q5sugYwu5NDczCwZlXIoBlthG_6U4hq... HTTP 302
    https://beta.myckdom.com/adServe/domainClick?ai=8t_YSst-khSSu60-mubNxnH0qyoiIqWgi1ayU7KT-UVx8ZvF4in8j... Page URL
  4. https://onegadsdesign.com/_6izQ1_Ul6OLA9Qa-vXzMxXtBumChTjYusxjVHZtMXI/?cid=90151311081&sid=445272312&s... Page URL

Page Statistics

11
Requests

82 %
HTTPS

33 %
IPv6

6
Domains

9
Subdomains

7
IPs

4
Countries

36 kB
Transfer

70 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://learnninjio.com/ Page URL
  2. http://learnninjio.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3OTczNDIzNywiaWF0IjoxNjc5NzI3MDM3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDdwZGxxdWkwZzdoZWYxN28zOGxoMjIiLCJuYmYiOjE2Nzk3MjcwMzcsInRzIjoxNjc5NzI3MDM3NzgxMDc0fQ.H6WIekl7Pb4wTCxhkQmQc6niKfdrcy-ZQO2azopAkKE&sid=5990fc1c-cad9-11ed-92f8-f23209613cea HTTP 302
    http://btpnative.com/click?data=Wm5sOVBiallMTC1mSHdRM3NSaU5lOGw1QWcwYl91bzlCbWoycnF0VXVKdjhzY0hSdTkyTlhRaV9adEhsdWVVNElnWk12eVl5S0ZUWWxLcnFrcTlCbXA0bjN6clBocHlNM0czaUpPeVVNT1FIdUNCVVpuV2RJaWZOT1BqWkNLcGE3UWpDOVBwclFEMERDN19LeWlfXzl3Mg2&id=f6724dc9-effc-40be-95c4-ad0cfb5eaadb Page URL
  3. http://btpnative.com/Redirect/ HTTP 302
    https://beta.myckdom.com/aS/feedclick?s=7BsrmHcakyKTjXt548WSd63dDnCBF-q5sugYwu5NDczCwZlXIoBlthG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlF20PEq8hHSRiTdYYEA44WYlJzChtcb99a-hz6nOf0-V35hDWF21szTZekRk7AUpJuEGLaVG8NJlYjTTtEvMwihC7IyyaqXYYq24c1KZWf6iWpBv7Gj1FtqHiMitXqAAsE5rL-ohUhWDbakmpvg5zvl2BWansA7oZnrqI7FHqaNXYokmFwxEnrMtmKGav_fEG78zTWx662F3VK-jgZH_c1B-5Pkid6cEcBgKxVuZaiMAtuvgc-yVenwrTwhhswf3JSfDv7GrQtmZv9yrQeG7I655pLM6fAqxNu4SEZVF01z4E2xst8zq_z98KA66wj5uBPlAn8soXSABEBXoTEktKC-DcxZgaDASBx9-I-cYYXgLEWfd1MFlLunBZ2pYkQNzpZJZf2aSGSuJu2N2EjbmL76XgJCaFp8z50jd-pe07gmwcF-0-P4BMXv9Wa3sl0KqjbfLEu8AurTKta_gBJYWGKS-2g6Ru_m8PFZmsetpchT1CFdc6mIv0B5nreor3cQVwuEzKt8vcGl5mHwGq2_MDzyZ7Z-XPjv8lHCiwOOYl2JGjKaART98tHQGfbnvf72Yxp5lcOIfmbPGEYErjLunUIDn61jHigl_m7IV3JMEMaErgk-ZF_RkLFvt_0FNiVS473lhzwAjGpu_stK3bjm5DU79TcyVERgz_JZe14kzwkCevypLYSrH0UMvMwW7VVm-HvtTEMiDt4acC31tU09vD0eDoSnV3Sa9oAYly8lusKy1609raGZ2VL5YhoMJbtyvdvNoK2lnHZjrwiAI8iShOLTThZ57FhrgwjRtsIfznHES0FBZXLsAz7zJObdKqy1xopxJUCcdU39fZ9Tr2TOnUtGwELrqovmSx97fTr375P7P4qlUWiwQFDBcpkts0s5B-4fEd43ekEDhDedP9Aqooqo1hhC0VinU0DKcGMQcnepcPC5i04ljuxICjZuR1GPxloNjHx_UqCwNGXPkqhNbpgwv-ksjOI0oooJ4APUi-E1o_yxSmkH3QiFe8xg5F04Ren8Uc18SEqighuvhJwj6443fqfX5UL4K4qJ8fAe9ZegjFvy2RKG2XybIEmZbsRwc9O6YB5OljvHjaaqL0RwPAOYUKOEDmShzPh1_MuuhOjCA4xaYzvjfiuiA60mfdBAZf0oxNyTI-n0-LYv7gI6xZ1OUg_mm1P-lilAzxBXRY9p_Yv8-B9N2vrRyCeUm6Rlw7YJcoiymXy4u7yR_mWpJ6mRRisDNk98QJFqhTr8uzHfKMrll7rB5pas4ei7jnaVUXR1FYBPnLmmBJgr_5keB68HWieYFgjbTugvJ7Fg-3A247jyTIFWMAav-RsHDTRCLwsAjKIsa6aWL0Wh2qIWG4mkDzl2K3QK2x6erdg3_RkvP0Wh2qIWG4mkDzl2K3QK2xiCqxQydHdO1eR8AuEQKTJT69w8zPi-QL4ygMu14RubfGIxV2e1cjGw HTTP 302
    https://beta.myckdom.com/adServe/domainClick?ai=8t_YSst-khSSu60-mubNxnH0qyoiIqWgi1ayU7KT-UVx8ZvF4in8j_69cgphgWAr81lnPRAdJFyoTX__u2dmMkbM1QmxJ7k9h_XxP0KkeoJPYv00XJVcXnlDjvP4JXWiXaThdUnMclfyYWAdJYTdNo_cicwUPpFliM2FdQpyrGx134FAiJM5BWJWdAgaDFAOJTu6AXYz7K5L-AWsiJow45rGXQ_me1u9DvSwKO4ccdG_8kuyYEpbaaJHLvTNTQCc5Ri0__Bz8z0mYIJGi_TSUWTfxfs1Jb0VofB33BW-m9pDG-A6O8vm_g3tKy_heZIpllemAWTaPnh7ytE4oS_3pJL4KnOOYIJFKRuNOcPQlyhauS4SJm9wQoLrtg_raixpUqyH51yNysQGyN-Qjb9AIW1p2h3hBQbn7HyBEOo_2tJ52jM6-Hyv0pJ5zHbXL8lFkdwZsTwaZNfQ-PlRHY8ha8S33aYyBWDD&ui=7BsrmHcakyKTjXt548WSd1Y37AsT2AewbdSiFG1VZzwytj75Ld-gJDhJCAA3y_FhohuRWaxo0ndgbS5c5G_gqjx0KeQ0oB4MmPkHZgtvRfdzsyeWOH70eg&si=1&oref=9d10d60a9a4330199f59471b06cb2fe0&optunit=S_gFrIiaMOO9LGYePjlWCA&rb=xZlwZvBqH8I&rr=1&abtg=0 Page URL
  4. https://onegadsdesign.com/_6izQ1_Ul6OLA9Qa-vXzMxXtBumChTjYusxjVHZtMXI/?cid=90151311081&sid=445272312&s=0.0041 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://learnninjio.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3OTczNDIzNywiaWF0IjoxNjc5NzI3MDM3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDdwZGxxdWkwZzdoZWYxN28zOGxoMjIiLCJuYmYiOjE2Nzk3MjcwMzcsInRzIjoxNjc5NzI3MDM3NzgxMDc0fQ.H6WIekl7Pb4wTCxhkQmQc6niKfdrcy-ZQO2azopAkKE&sid=5990fc1c-cad9-11ed-92f8-f23209613cea HTTP 302
  • http://btpnative.com/click?data=Wm5sOVBiallMTC1mSHdRM3NSaU5lOGw1QWcwYl91bzlCbWoycnF0VXVKdjhzY0hSdTkyTlhRaV9adEhsdWVVNElnWk12eVl5S0ZUWWxLcnFrcTlCbXA0bjN6clBocHlNM0czaUpPeVVNT1FIdUNCVVpuV2RJaWZOT1BqWkNLcGE3UWpDOVBwclFEMERDN19LeWlfXzl3Mg2&id=f6724dc9-effc-40be-95c4-ad0cfb5eaadb
Request Chain 2
  • http://btpnative.com/Redirect/ HTTP 302
  • https://beta.myckdom.com/aS/feedclick?s=7BsrmHcakyKTjXt548WSd63dDnCBF-q5sugYwu5NDczCwZlXIoBlthG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlF20PEq8hHSRiTdYYEA44WYlJzChtcb99a-hz6nOf0-V35hDWF21szTZekRk7AUpJuEGLaVG8NJlYjTTtEvMwihC7IyyaqXYYq24c1KZWf6iWpBv7Gj1FtqHiMitXqAAsE5rL-ohUhWDbakmpvg5zvl2BWansA7oZnrqI7FHqaNXYokmFwxEnrMtmKGav_fEG78zTWx662F3VK-jgZH_c1B-5Pkid6cEcBgKxVuZaiMAtuvgc-yVenwrTwhhswf3JSfDv7GrQtmZv9yrQeG7I655pLM6fAqxNu4SEZVF01z4E2xst8zq_z98KA66wj5uBPlAn8soXSABEBXoTEktKC-DcxZgaDASBx9-I-cYYXgLEWfd1MFlLunBZ2pYkQNzpZJZf2aSGSuJu2N2EjbmL76XgJCaFp8z50jd-pe07gmwcF-0-P4BMXv9Wa3sl0KqjbfLEu8AurTKta_gBJYWGKS-2g6Ru_m8PFZmsetpchT1CFdc6mIv0B5nreor3cQVwuEzKt8vcGl5mHwGq2_MDzyZ7Z-XPjv8lHCiwOOYl2JGjKaART98tHQGfbnvf72Yxp5lcOIfmbPGEYErjLunUIDn61jHigl_m7IV3JMEMaErgk-ZF_RkLFvt_0FNiVS473lhzwAjGpu_stK3bjm5DU79TcyVERgz_JZe14kzwkCevypLYSrH0UMvMwW7VVm-HvtTEMiDt4acC31tU09vD0eDoSnV3Sa9oAYly8lusKy1609raGZ2VL5YhoMJbtyvdvNoK2lnHZjrwiAI8iShOLTThZ57FhrgwjRtsIfznHES0FBZXLsAz7zJObdKqy1xopxJUCcdU39fZ9Tr2TOnUtGwELrqovmSx97fTr375P7P4qlUWiwQFDBcpkts0s5B-4fEd43ekEDhDedP9Aqooqo1hhC0VinU0DKcGMQcnepcPC5i04ljuxICjZuR1GPxloNjHx_UqCwNGXPkqhNbpgwv-ksjOI0oooJ4APUi-E1o_yxSmkH3QiFe8xg5F04Ren8Uc18SEqighuvhJwj6443fqfX5UL4K4qJ8fAe9ZegjFvy2RKG2XybIEmZbsRwc9O6YB5OljvHjaaqL0RwPAOYUKOEDmShzPh1_MuuhOjCA4xaYzvjfiuiA60mfdBAZf0oxNyTI-n0-LYv7gI6xZ1OUg_mm1P-lilAzxBXRY9p_Yv8-B9N2vrRyCeUm6Rlw7YJcoiymXy4u7yR_mWpJ6mRRisDNk98QJFqhTr8uzHfKMrll7rB5pas4ei7jnaVUXR1FYBPnLmmBJgr_5keB68HWieYFgjbTugvJ7Fg-3A247jyTIFWMAav-RsHDTRCLwsAjKIsa6aWL0Wh2qIWG4mkDzl2K3QK2x6erdg3_RkvP0Wh2qIWG4mkDzl2K3QK2xiCqxQydHdO1eR8AuEQKTJT69w8zPi-QL4ygMu14RubfGIxV2e1cjGw HTTP 302
  • https://beta.myckdom.com/adServe/domainClick?ai=8t_YSst-khSSu60-mubNxnH0qyoiIqWgi1ayU7KT-UVx8ZvF4in8j_69cgphgWAr81lnPRAdJFyoTX__u2dmMkbM1QmxJ7k9h_XxP0KkeoJPYv00XJVcXnlDjvP4JXWiXaThdUnMclfyYWAdJYTdNo_cicwUPpFliM2FdQpyrGx134FAiJM5BWJWdAgaDFAOJTu6AXYz7K5L-AWsiJow45rGXQ_me1u9DvSwKO4ccdG_8kuyYEpbaaJHLvTNTQCc5Ri0__Bz8z0mYIJGi_TSUWTfxfs1Jb0VofB33BW-m9pDG-A6O8vm_g3tKy_heZIpllemAWTaPnh7ytE4oS_3pJL4KnOOYIJFKRuNOcPQlyhauS4SJm9wQoLrtg_raixpUqyH51yNysQGyN-Qjb9AIW1p2h3hBQbn7HyBEOo_2tJ52jM6-Hyv0pJ5zHbXL8lFkdwZsTwaZNfQ-PlRHY8ha8S33aYyBWDD&ui=7BsrmHcakyKTjXt548WSd1Y37AsT2AewbdSiFG1VZzwytj75Ld-gJDhJCAA3y_FhohuRWaxo0ndgbS5c5G_gqjx0KeQ0oB4MmPkHZgtvRfdzsyeWOH70eg&si=1&oref=9d10d60a9a4330199f59471b06cb2fe0&optunit=S_gFrIiaMOO9LGYePjlWCA&rb=xZlwZvBqH8I&rr=1&abtg=0

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
learnninjio.com/
476 B
923 B
Document
General
Full URL
http://learnninjio.com/
Protocol
HTTP/1.1
Server
81.17.29.146 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control
max-age=0, private, must-revalidate
connection
close
content-length
476
content-type
text/html; charset=utf-8
date
Sat, 25 Mar 2023 06:50:36 GMT
server
nginx
click
btpnative.com/
Redirect Chain
  • http://learnninjio.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3OTczNDIzNywiaWF0IjoxNjc5NzI3MDM3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDdwZGxxdWkwZzdoZWYxN28z...
  • http://btpnative.com/click?data=Wm5sOVBiallMTC1mSHdRM3NSaU5lOGw1QWcwYl91bzlCbWoycnF0VXVKdjhzY0hSdTkyTlhRaV9adEhsdWVVNElnWk12eVl5S0ZUWWxLcnFrcTlCbXA0bjN6clBocHlNM0czaUpPeVVNT1FIdUNCVVpuV2RJaWZOT1BqW...
5 KB
6 KB
Document
General
Full URL
http://btpnative.com/click?data=Wm5sOVBiallMTC1mSHdRM3NSaU5lOGw1QWcwYl91bzlCbWoycnF0VXVKdjhzY0hSdTkyTlhRaV9adEhsdWVVNElnWk12eVl5S0ZUWWxLcnFrcTlCbXA0bjN6clBocHlNM0czaUpPeVVNT1FIdUNCVVpuV2RJaWZOT1BqWkNLcGE3UWpDOVBwclFEMERDN19LeWlfXzl3Mg2&id=f6724dc9-effc-40be-95c4-ad0cfb5eaadb
Requested by
Host: learnninjio.com
URL: http://learnninjio.com/
Protocol
HTTP/1.1
Server
192.99.158.241 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip241.ip-192-99-158.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
62ca9c374fd9968bd8f064287cb27a03296ced29550437c2cfe2dc276a18669b

Request headers

Referer
http://learnninjio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
*
Cache-Control
private
Content-Length
5470
Content-Type
text/html; charset=utf-8
Date
Sat, 25 Mar 2023 06:50:37 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET

Redirect headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
11
date
Sat, 25 Mar 2023 06:50:37 GMT
location
http://btpnative.com/click?data=Wm5sOVBiallMTC1mSHdRM3NSaU5lOGw1QWcwYl91bzlCbWoycnF0VXVKdjhzY0hSdTkyTlhRaV9adEhsdWVVNElnWk12eVl5S0ZUWWxLcnFrcTlCbXA0bjN6clBocHlNM0czaUpPeVVNT1FIdUNCVVpuV2RJaWZOT1BqWkNLcGE3UWpDOVBwclFEMERDN19LeWlfXzl3Mg2&id=f6724dc9-effc-40be-95c4-ad0cfb5eaadb
server
nginx
domainClick
beta.myckdom.com/adServe/
Redirect Chain
  • http://btpnative.com/Redirect/
  • https://beta.myckdom.com/aS/feedclick?s=7BsrmHcakyKTjXt548WSd63dDnCBF-q5sugYwu5NDczCwZlXIoBlthG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlF20PEq8hHSRiTdYYEA44WYlJzChtcb99a-hz6nOf0-V35hDWF21szTZekRk7A...
  • https://beta.myckdom.com/adServe/domainClick?ai=8t_YSst-khSSu60-mubNxnH0qyoiIqWgi1ayU7KT-UVx8ZvF4in8j_69cgphgWAr81lnPRAdJFyoTX__u2dmMkbM1QmxJ7k9h_XxP0KkeoJPYv00XJVcXnlDjvP4JXWiXaThdUnMclfyYWAdJYTdN...
305 B
627 B
Document
General
Full URL
https://beta.myckdom.com/adServe/domainClick?ai=8t_YSst-khSSu60-mubNxnH0qyoiIqWgi1ayU7KT-UVx8ZvF4in8j_69cgphgWAr81lnPRAdJFyoTX__u2dmMkbM1QmxJ7k9h_XxP0KkeoJPYv00XJVcXnlDjvP4JXWiXaThdUnMclfyYWAdJYTdNo_cicwUPpFliM2FdQpyrGx134FAiJM5BWJWdAgaDFAOJTu6AXYz7K5L-AWsiJow45rGXQ_me1u9DvSwKO4ccdG_8kuyYEpbaaJHLvTNTQCc5Ri0__Bz8z0mYIJGi_TSUWTfxfs1Jb0VofB33BW-m9pDG-A6O8vm_g3tKy_heZIpllemAWTaPnh7ytE4oS_3pJL4KnOOYIJFKRuNOcPQlyhauS4SJm9wQoLrtg_raixpUqyH51yNysQGyN-Qjb9AIW1p2h3hBQbn7HyBEOo_2tJ52jM6-Hyv0pJ5zHbXL8lFkdwZsTwaZNfQ-PlRHY8ha8S33aYyBWDD&ui=7BsrmHcakyKTjXt548WSd1Y37AsT2AewbdSiFG1VZzwytj75Ld-gJDhJCAA3y_FhohuRWaxo0ndgbS5c5G_gqjx0KeQ0oB4MmPkHZgtvRfdzsyeWOH70eg&si=1&oref=9d10d60a9a4330199f59471b06cb2fe0&optunit=S_gFrIiaMOO9LGYePjlWCA&rb=xZlwZvBqH8I&rr=1&abtg=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.117.247.211 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
d3.f7.7534.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
http://btpnative.com
Referer
http://btpnative.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Sat, 25 Mar 2023 06:50:39 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

content-length
0
date
Sat, 25 Mar 2023 06:50:38 GMT
location
https://beta.myckdom.com/adServe/domainClick?ai=8t_YSst-khSSu60-mubNxnH0qyoiIqWgi1ayU7KT-UVx8ZvF4in8j_69cgphgWAr81lnPRAdJFyoTX__u2dmMkbM1QmxJ7k9h_XxP0KkeoJPYv00XJVcXnlDjvP4JXWiXaThdUnMclfyYWAdJYTdNo_cicwUPpFliM2FdQpyrGx134FAiJM5BWJWdAgaDFAOJTu6AXYz7K5L-AWsiJow45rGXQ_me1u9DvSwKO4ccdG_8kuyYEpbaaJHLvTNTQCc5Ri0__Bz8z0mYIJGi_TSUWTfxfs1Jb0VofB33BW-m9pDG-A6O8vm_g3tKy_heZIpllemAWTaPnh7ytE4oS_3pJL4KnOOYIJFKRuNOcPQlyhauS4SJm9wQoLrtg_raixpUqyH51yNysQGyN-Qjb9AIW1p2h3hBQbn7HyBEOo_2tJ52jM6-Hyv0pJ5zHbXL8lFkdwZsTwaZNfQ-PlRHY8ha8S33aYyBWDD&ui=7BsrmHcakyKTjXt548WSd1Y37AsT2AewbdSiFG1VZzwytj75Ld-gJDhJCAA3y_FhohuRWaxo0ndgbS5c5G_gqjx0KeQ0oB4MmPkHZgtvRfdzsyeWOH70eg&si=1&oref=9d10d60a9a4330199f59471b06cb2fe0&optunit=S_gFrIiaMOO9LGYePjlWCA&rb=xZlwZvBqH8I&rr=1&abtg=0
server
nginx
Primary Request /
onegadsdesign.com/_6izQ1_Ul6OLA9Qa-vXzMxXtBumChTjYusxjVHZtMXI/
29 KB
14 KB
Document
General
Full URL
https://onegadsdesign.com/_6izQ1_Ul6OLA9Qa-vXzMxXtBumChTjYusxjVHZtMXI/?cid=90151311081&sid=445272312&s=0.0041
Requested by
Host: beta.myckdom.com
URL: https://beta.myckdom.com/adServe/domainClick?ai=8t_YSst-khSSu60-mubNxnH0qyoiIqWgi1ayU7KT-UVx8ZvF4in8j_69cgphgWAr81lnPRAdJFyoTX__u2dmMkbM1QmxJ7k9h_XxP0KkeoJPYv00XJVcXnlDjvP4JXWiXaThdUnMclfyYWAdJYTdNo_cicwUPpFliM2FdQpyrGx134FAiJM5BWJWdAgaDFAOJTu6AXYz7K5L-AWsiJow45rGXQ_me1u9DvSwKO4ccdG_8kuyYEpbaaJHLvTNTQCc5Ri0__Bz8z0mYIJGi_TSUWTfxfs1Jb0VofB33BW-m9pDG-A6O8vm_g3tKy_heZIpllemAWTaPnh7ytE4oS_3pJL4KnOOYIJFKRuNOcPQlyhauS4SJm9wQoLrtg_raixpUqyH51yNysQGyN-Qjb9AIW1p2h3hBQbn7HyBEOo_2tJ52jM6-Hyv0pJ5zHbXL8lFkdwZsTwaZNfQ-PlRHY8ha8S33aYyBWDD&ui=7BsrmHcakyKTjXt548WSd1Y37AsT2AewbdSiFG1VZzwytj75Ld-gJDhJCAA3y_FhohuRWaxo0ndgbS5c5G_gqjx0KeQ0oB4MmPkHZgtvRfdzsyeWOH70eg&si=1&oref=9d10d60a9a4330199f59471b06cb2fe0&optunit=S_gFrIiaMOO9LGYePjlWCA&rb=xZlwZvBqH8I&rr=1&abtg=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d818 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d66033beb7dc8ace3a6a2293efd6a49c8df3e3f6f31d92ec58fa5e96e5861c51

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7ad5388b7fe19b49-FRA
content-encoding
br
content-type
text/html
date
Sat, 25 Mar 2023 06:50:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JTqk7i0uOrZDbEn3J8oEoiTkxillBX8jCtYw9cxBmvQJW%2F3KpAK7jxx%2BoXSqb5bey4QTWZCG2GuyW3hBgZx1dYB7SUrMvnabCKng5xZtd5p%2BfUb7wSd7yTl7hfqfsUx8xAQ9UtEyCdRiegCwtk7qtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/png
AFU1kAAPatM
feed.cn-rtb.com/v1/native/
663 B
864 B
Fetch
General
Full URL
https://feed.cn-rtb.com/v1/native/AFU1kAAPatM?subid=62930&uid=653e8b0a-cb5f-4f03-91c0-714890443ecd&kw=download%20install
Requested by
Host: onegadsdesign.com
URL: https://onegadsdesign.com/_6izQ1_Ul6OLA9Qa-vXzMxXtBumChTjYusxjVHZtMXI/?cid=90151311081&sid=445272312&s=0.0041
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.21.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4d0796205d13372e655ad437014f683be5e357c6855abd535588b30ef43c6d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onegadsdesign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 06:50:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
model
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FIQ2ksUR2TY6eDM%2FX8SgFj6t%2FdQPf0KM86%2FDns8xt1BDrDtNpDcWHLcDPUyVxc0ifrE4sfSONxMCo%2BI%2BgQ9smowSatm7Hae8vcaNA3AGjLXfv%2FPrvv8mSQybFKV59tTRNgY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
7ad5388cf98a085b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
conf.json
onegadsdesign.com/hood/b25lZ2Fkc2Rlc2lnbi5jb20=/
49 B
415 B
Fetch
General
Full URL
https://onegadsdesign.com/hood/b25lZ2Fkc2Rlc2lnbi5jb20=/conf.json
Requested by
Host: onegadsdesign.com
URL: https://onegadsdesign.com/_6izQ1_Ul6OLA9Qa-vXzMxXtBumChTjYusxjVHZtMXI/?cid=90151311081&sid=445272312&s=0.0041
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d818 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2a8bfbdb86407809072fa664ba652957f4397d1c98ce2279b0dbb1359b7fb8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onegadsdesign.com/_6izQ1_Ul6OLA9Qa-vXzMxXtBumChTjYusxjVHZtMXI/?cid=90151311081&sid=445272312&s=0.0041
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 06:50:39 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Sat, 25 Mar 2023 06:41:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"641e977f-31"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fysbi7%2ByjS1D0mUWGkTb7HK9ie6s5hH4C9gJ9qvZ02opjtFxP7ef1cQ9t7liDaqwPQvFQQpND0xizUsjhyqk34%2BeT%2FpRvn03oitENLR%2BXkZW%2BRQCm2HXnRPvZJ5EXzXzx%2FceCjhWgW0ZbaCXEuR2Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
7ad5388cc97d9b49-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/
748 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5308b7decd6fc2d5e8438fb037c4a822125135db832c05437d754655ff2fc23

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
ht.js
sdk.ocmhood.com/sdk/
30 KB
12 KB
Script
General
Full URL
https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl
Requested by
Host: onegadsdesign.com
URL: https://onegadsdesign.com/_6izQ1_Ul6OLA9Qa-vXzMxXtBumChTjYusxjVHZtMXI/?cid=90151311081&sid=445272312&s=0.0041
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70ca645441ebfae7bb9653172c781bd55e9bcf45e3c0d49fe2bbce6c8a83da25

Request headers

Referer
https://onegadsdesign.com/
Origin
https://onegadsdesign.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 06:50:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2393
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
service-worker-allowed
/
last-modified
Mon, 13 Feb 2023 09:58:42 GMT
server
cloudflare
etag
W/"63ea09d2-2e94"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MIBOO%2BXaBCD1goU0bysyKw8iQevZ%2B6GSZ1WVVAS1pt7xXt6prloK3lRNWUEV1ASfoxkcEXKUBLwyPxRc1Fg9Jar%2BPbLGlS8XF7so0x9d4kiKErk6upt2Dbcrim5Gxx4nPZdtGqbFqQTUlI3skA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
7ad5388e2b833604-FRA
NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl.js
cdn.ocmhood.com/tag/
191 B
720 B
Script
General
Full URL
https://cdn.ocmhood.com/tag/NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl.js
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52ab4af643bc4aab5c955ce99d8779d3804217c85a695bfb5c41bb8f90a33036

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onegadsdesign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 06:50:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1231
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
service-worker-allowed
/
last-modified
Tue, 13 Dec 2022 16:12:01 GMT
server
cloudflare
etag
W/"6398a451-bf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OjNjCysJuYI1BsLuCqCn59w0Sq9oKCmnROZrkQuw6GGxG%2BE%2F4sp1CfW70FsmmmnI%2FktvIK%2FNz83Jx%2BNWzu4PYtvP%2Bq%2BnociEVVt3HtGD1VO5PnBdc0jO0hu1EprTapJm%2FwOzznW2aekaRYIu%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=300
cf-ray
7ad5388e8c6e9b86-FRA
imp
t.cn-rtb.com/
0
0
Fetch
General
Full URL
https://t.cn-rtb.com/imp?l2=pzaZTqw_HvPLHHgU17dPoRvB1zS_vEdDAWnXYopE1pdufWAJAP2_zO3bVrzVvyvAdgqMEo0dH3_YJyFXki_IFP4A9Ds_BhpaJiN_yw_rrAAgN7G3M29qAyI4f5ZBohfW0yxvPGyOZAtZWpm_xt8SwvvOs33rZVj02Rvt5aTd9GWDxbi-DdkMGaLYjP34ctN6
Requested by
Host: onegadsdesign.com
URL: https://onegadsdesign.com/_6izQ1_Ul6OLA9Qa-vXzMxXtBumChTjYusxjVHZtMXI/?cid=90151311081&sid=445272312&s=0.0041
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.21.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onegadsdesign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 06:50:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G8mpS7gp3s8RTpR5A%2FZb5Q1gA0LeTxkar5DKo3fs%2F1mB3wkfNfFEfMiwyMW4NSE5j5BrQt1zA%2BPLZQGanJ8fSYgzCilLFKpliRI1%2BiSULl46sqJ31SZ4dlV7St1yxE4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
no-cache
cf-ray
7ad5388e6b04085b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
activity
t.ocmhood.com/v2/
0
263 B
Ping
General
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://onegadsdesign.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 25 Mar 2023 06:50:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=leBVvd9DV%2FKbJeHai8syO1lKkCNdQfnGxMWe6XHWZYJGhWBdNNGrPxSneQ3JjzbhPjdvEy3fUWEDiC34ZuAX26HV52HD7Yodp3GSjkwQ7qIi8UozModbGBJctw9EsZmhEqSdhe8rxm36X9c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
7ad5388ebca19b86-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
activity
t.ocmhood.com/v2/
0
300 B
Ping
General
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://onegadsdesign.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 25 Mar 2023 06:50:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5lmVD413grAUziF%2FYk8LvAv5dOP98W6JBE%2FVtjimhBhcwhpnC38kIuiVQ85KU6bisBo5ugdf4KzpTzbx8mv4%2FCfaWrlFW1czp1i5Mp6qDNJUjt%2BQBt0FTMX0CpsQoFAYjjpEnlU49Vy2Rc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
7ad5388ebca49b86-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless string| qs string| lwp function| importOmpServiceWorker function| initOmpServiceWorker function| clearSession function| getLpType function| fetchAd function| getOCP function| popme function| pbcid function| finalRedirect function| goNextStep function| goToRedirectonAllow function| goToRedirectSmart2 function| isPushApiSupported function| uuidv4 function| initLpPush function| startOmpWorker function| getLpIdParamIfSet function| getSourcePrefix object| ad number| cpc number| o_eid string| o_ocid string| source_prefix string| fallback_url function| before_redirect_block function| Hood function| NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl

7 Cookies

Domain/Path Name / Value
onegadsdesign.com/_6izQ1_Ul6OLA9Qa-vXzMxXtBumChTjYusxjVHZtMXI Name: session
Value: I7EIuW0gg2H0Tx1SU6jl6jACc8PBiNNU
.learnninjio.com/ Name: sid
Value: 5990fc1c-cad9-11ed-92f8-f23209613cea
btpnative.com/ Name: NMCTcFpbCYYSMWo
Value: NMCTcFpbCYYSMWo
.myckdom.com/ Name: rhid
Value: 83015096379
.myckdom.com/ Name: loi
Value: ad_1429240_off_872129_aff_840_cid_274639-583332698-LEARNNINJIO.COM_ts_1679727039
.onegadsdesign.com/ Name: _ht_v
Value: 1679727039.8746358875
.onegadsdesign.com/ Name: _ht_s
Value: 1679727039.2