clk.tradedoubler.com Open in urlscan Pro
18.199.49.32 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://v25.bvo8.com/go.php?ad=dpmly88mjyqsa7zl6x30&sid=M7414744442189381655&pub=26927&pid=26927-eca23d8z&c=0&app=unk...
Effective URL:
https://clk.tradedoubler.com/click?p=328374&a=3205862&g=25219194&epi=8d0d9ae6-f24f-4520-aeb5-a3fa99d3de42:e1e4bbc2c14c29b2dbe...
Submission: On September 15 via manual (September 15th 2024, 6:04:54 am UTC) from HK — Scanned from IT

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 5 countries across 11 domains to perform 18 HTTP transactions. The main IP is 18.199.49.32, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is clk.tradedoubler.com. The Cisco Umbrella rank of the primary domain is 136745.
TLS certificate: Issued by Amazon RSA 2048 M02 on August 7th 2024. Valid for: a year.

This is the only time clk.tradedoubler.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.55.4.52 162.55.4.52	24940 (HETZNER-AS) (HETZNER-AS)
1 6	139.45.196.64 139.45.196.64	9002 (RETN-AS) (RETN-AS)
1	188.114.96.9 188.114.96.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.48.68.71 37.48.68.71	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1 1	104.18.22.222 104.18.22.222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.186.250.143 35.186.250.143	15169 (GOOGLE) (GOOGLE)
1	172.217.16.219 172.217.16.219	15169 (GOOGLE) (GOOGLE)
1	18.199.49.32 18.199.49.32	16509 (AMAZON-02) (AMAZON-02)
18	8

1 162.55.4.52 (Mammelzen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.52.4.55.162.clients.your-server.de

v25.bvo8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.45.196.64 (United Kingdom) 1 redirects

ASN9002 (RETN-AS, GB)

guornebeziya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.9 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

cdntechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.48.68.71 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

datatechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.22.222 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

vurtaichu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.250.143 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 143.250.186.35.bc.googleusercontent.com

c2c82d5c7e.smapp.work	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.219 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f27.1e100.net

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.199.49.32 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-199-49-32.eu-central-1.compute.amazonaws.com

clk.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	guornebeziya.com 1 redirects guornebeziya.com	16 KB
2	smapp.work c2c82d5c7e.smapp.work	4 KB
1	tradedoubler.com clk.tradedoubler.com — Cisco Umbrella Rank: 136745 vht.tradedoubler.com Failed	5 KB
1	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 348	3 KB
1	vurtaichu.net vurtaichu.net — Cisco Umbrella Rank: 377742 Failed	1 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 10183	492 B
1	datatechone.com datatechone.com — Cisco Umbrella Rank: 54264	467 B
1	cdntechone.com cdntechone.com — Cisco Umbrella Rank: 47442	9 KB
1	bvo8.com 1 redirects v25.bvo8.com	617 B
0	google-analytics.com Failed www.google-analytics.com Failed
0	performyze.com Failed farm.performyze.com Failed
18	11

	Domain	Requested by
6	guornebeziya.com	1 redirects cdntechone.com guornebeziya.com
2	c2c82d5c7e.smapp.work	c2c82d5c7e.smapp.work
1	clk.tradedoubler.com	c2c82d5c7e.smapp.work
1	storage.googleapis.com	c2c82d5c7e.smapp.work
1	vurtaichu.net	guornebeziya.com
1	my.rtmark.net	guornebeziya.com
1	datatechone.com	cdntechone.com
1	cdntechone.com
1	v25.bvo8.com	1 redirects
0	vht.tradedoubler.com Failed	clk.tradedoubler.com
0	www.google-analytics.com Failed	c2c82d5c7e.smapp.work
0	farm.performyze.com Failed	storage.googleapis.com
18	12

This site contains no links.

Subject Issuer	Validity	Valid
cdntechone.com WE1	`2024-08-18` - `2024-11-16`	3 months	crt.sh
datatechone.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-10` - `2024-12-23`	a year	crt.sh
guornebeziya.com R10	`2024-07-01` - `2024-09-29`	3 months	crt.sh
rtmark.net R11	`2024-08-30` - `2024-11-28`	3 months	crt.sh
*.smapp.work Sectigo RSA Domain Validation Secure Server CA	`2023-12-05` - `2025-01-04`	a year	crt.sh
storage.googleapis.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.tradedoubler.com Amazon RSA 2048 M02	`2024-08-07` - `2025-09-06`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://clk.tradedoubler.com/click?p=328374&a=3205862&g=25219194&epi=8d0d9ae6-f24f-4520-aeb5-a3fa99d3de42:e1e4bbc2c14c29b2dbe08ab65484db2f34270594
Frame ID: D4E55F3E850BA410CE08908473E1DDC6
Requests: 16 HTTP requests in this frame

Frame: https://storage.googleapis.com/tmp-static/instal-impressions/impressions.html?data=eyJjb3VudHJ5IjogIklUIiwgImNsaWNrX2lkIjogIjhkMGQ5YWU2LWYyNGYtNDUyMC1hZWI1LWEzZmE5OWQzZGU0MjplMWU0YmJjMmMxNGMyOWIyZGJlMDhhYjY1NDg0ZGIyZjM0MjcwNTk0In0=
Frame ID: FFFD6AA7ADA80978E8D7978E32373C64
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://v25.bvo8.com/go.php?ad=dpmly88mjyqsa7zl6x30&sid=M7414744442189381655&pub=26927&pid=26927-... HTTP 302
https://guornebeziya.com/link?z=7252352&var=26927-eca23d8z&ymid=6291cxs6jg6y9ebf HTTP 302
https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=7252352&axcusid1=26... Page URL
http://guornebeziya.com/link?z=7252352&var=26927-eca23d8z&ymid=6291cxs6jg6y9ebf&acb=proxy-smart-link... HTTP 307
https://guornebeziya.com/link?z=7252352&var=26927-eca23d8z&ymid=6291cxs6jg6y9ebf&acb=proxy-smart-link... Page URL
https://vurtaichu.net/?z=7252353&syncedCookie=true&rhd=false HTTP 302
https://c2c82d5c7e.smapp.work/trkclk/?pid=3143&cid=3269776&nofw&custom1=859063772160204817&custom3=&aff_su... Page URL
https://clk.tradedoubler.com/click?p=328374&a=3205862&g=25219194&epi=8d0d9ae6-f24f-4520-aeb5-a3fa99d3de42... Page URL

Page Statistics

18
Requests

67 %
HTTPS

0 %
IPv6

11
Domains

12
Subdomains

8
IPs

5
Countries

36 kB
Transfer

61 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://v25.bvo8.com/go.php?ad=dpmly88mjyqsa7zl6x30&sid=M7414744442189381655&pub=26927&pid=26927-eca23d8z&c=0&app=unknown&br=Chrome&os=[[os]]&d=Google+Chrome&ca=DZ+WiFi&a=0 HTTP 302
https://guornebeziya.com/link?z=7252352&var=26927-eca23d8z&ymid=6291cxs6jg6y9ebf HTTP 302
https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=7252352&axcusid1=26927-eca23d8z&clid={ymid}&r=http%3A%2F%2Fguornebeziya.com%2Flink%3Fz%3D7252352%26var%3D26927-eca23d8z%26ymid%3D6291cxs6jg6y9ebf%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628 Page URL
http://guornebeziya.com/link?z=7252352&var=26927-eca23d8z&ymid=6291cxs6jg6y9ebf&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628 HTTP 307
https://guornebeziya.com/link?z=7252352&var=26927-eca23d8z&ymid=6291cxs6jg6y9ebf&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628 Page URL
https://vurtaichu.net/?z=7252353&syncedCookie=true&rhd=false HTTP 302
https://c2c82d5c7e.smapp.work/trkclk/?pid=3143&cid=3269776&nofw&custom1=859063772160204817&custom3=&aff_sub_id=7252353&fw1=8623689 Page URL
https://clk.tradedoubler.com/click?p=328374&a=3205862&g=25219194&epi=8d0d9ae6-f24f-4520-aeb5-a3fa99d3de42:e1e4bbc2c14c29b2dbe08ab65484db2f34270594 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://v25.bvo8.com/go.php?ad=dpmly88mjyqsa7zl6x30&sid=M7414744442189381655&pub=26927&pid=26927-eca23d8z&c=0&app=unknown&br=Chrome&os=[[os]]&d=Google+Chrome&ca=DZ+WiFi&a=0 HTTP 302
https://guornebeziya.com/link?z=7252352&var=26927-eca23d8z&ymid=6291cxs6jg6y9ebf HTTP 302
https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=7252352&axcusid1=26927-eca23d8z&clid={ymid}&r=http%3A%2F%2Fguornebeziya.com%2Flink%3Fz%3D7252352%26var%3D26927-eca23d8z%26ymid%3D6291cxs6jg6y9ebf%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628

Request Chain 2

http://guornebeziya.com/link?z=7252352&var=26927-eca23d8z&ymid=6291cxs6jg6y9ebf&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628 HTTP 307
https://guornebeziya.com/link?z=7252352&var=26927-eca23d8z&ymid=6291cxs6jg6y9ebf&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628

Request Chain 8

https://vurtaichu.net/?z=7252353&syncedCookie=true&rhd=false HTTP 302
https://c2c82d5c7e.smapp.work/trkclk/?pid=3143&cid=3269776&nofw&custom1=859063772160204817&custom3=&aff_sub_id=7252353&fw1=8623689

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

r.html Show response
cdntechone.com/
Redirect Chain

https://v25.bvo8.com/go.php?ad=dpmly88mjyqsa7zl6x30&sid=M7414744442189381655&pub=26927&pid=26927-eca23d8z&c=0&app=unknown&br=Chrome&os=[[os]]&d=Google+Chrome&ca=DZ+WiFi&a=0
https://guornebeziya.com/link?z=7252352&var=26927-eca23d8z&ymid=6291cxs6jg6y9ebf
https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=7252352&axcusid1=26927-eca23d8z&clid={ymid}&r=http%3A%2F%2Fguornebeziya.com%2Flink%3Fz%3D7252352%26var%3D26927-eca23d...

20 KB
9 KB

582ms
110ms

Document
text/html

188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=7252352&axcusid1=26927-eca23d8z&clid={ymid}&r=http%3A%2F%2Fguornebeziya.com%2Flink%3Fz%3D7252352%26var%3D26927-eca23d8z%26ymid%3D6291cxs6jg6y9ebf%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5f8b540ccf7bfb15d7c172f7b1c08124a65059ecf81430298b2075a8b733a63

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8c366bb059720d66-MXP
content-encoding: br
content-type: text/html
date: Sun, 15 Sep 2024 06:04:40 GMT
last-modified: Thu, 11 Jul 2024 10:23:50 GMT
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8O%2FsJmywG2Miiv9efG%2B1Hc%2FyZAyn%2FVq7VpdvjggyEAQqFUKjzcN0WunPeLYTgD%2Fr%2FDo4sKpdafiJpKO86u3v1MFW8SYHOGJai0XOXEPgipA5et4T9yOW7x7nobLmKwZWuA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Sun, 15 Sep 2024 06:04:39 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://cdntechone.com>; rel="dns-prefetch preconnect"
location: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=7252352&axcusid1=26927-eca23d8z&clid={ymid}&r=http%3A%2F%2Fguornebeziya.com%2Flink%3Fz%3D7252352%26var%3D26927-eca23d8z%26ymid%3D6291cxs6jg6y9ebf%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
x-content-type-options: nosniff

POST
H/1.1 200
OK add
datatechone.com/log/ 2 B
467 B 350ms
62ms XHR
text/plain 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853&ruid=d050af35-95bb-4ba7-907e-ce511335caf0
Requested by: Host: cdntechone.com
URL: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=7252352&axcusid1=26927-eca23d8z&clid={ymid}&r=http%3A%2F%2Fguornebeziya.com%2Flink%3Fz%3D7252352%26var%3D26927-eca23d8z%26ymid%3D6291cxs6jg6y9ebf%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.48.68.71 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash

Request headers

Referer: https://cdntechone.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 15 Sep 2024 06:04:40 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://cdntechone.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H2

200

link Show response
guornebeziya.com/
Redirect Chain

http://guornebeziya.com/link?z=7252352&var=26927-eca23d8z&ymid=6291cxs6jg6y9ebf&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628
https://guornebeziya.com/link?z=7252352&var=26927-eca23d8z&ymid=6291cxs6jg6y9ebf&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628

29 KB
14 KB

1140ms
1138ms

Document
text/html

139.45.196.64
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://guornebeziya.com/link?z=7252352&var=26927-eca23d8z&ymid=6291cxs6jg6y9ebf&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628

Requested by

Host: cdntechone.com
URL: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=7252352&axcusid1=26927-eca23d8z&clid={ymid}&r=http%3A%2F%2Fguornebeziya.com%2Flink%3Fz%3D7252352%26var%3D26927-eca23d8z%26ymid%3D6291cxs6jg6y9ebf%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.196.64 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

c3680211a233f32dfd63ed09bca9abd99a89ab25ec64e23c779dafe6d7bbd35b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=7252352&axcusid1=26927-eca23d8z&clid={ymid}&r=http%3A%2F%2Fguornebeziya.com%2Flink%3Fz%3D7252352%26var%3D26927-eca23d8z%26ymid%3D6291cxs6jg6y9ebf%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Sun, 15 Sep 2024 06:04:40 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 0d30d46be0b6c68e8ec9c1ad5ea1ac8f

Redirect headers

Location: https://guornebeziya.com/link?z=7252352&var=26927-eca23d8z&ymid=6291cxs6jg6y9ebf&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 img.gif
my.rtmark.net/ 43 B
492 B 367ms
74ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=0480d89c3c344fa9ebd91d2f973afd78&z=7252353&p_rid=93ca935a-7513-47be-94bc-d664b67f7acd&p_src=sf

Requested by

Host: guornebeziya.com
URL: https://guornebeziya.com/link?z=7252352&var=26927-eca23d8z&ymid=6291cxs6jg6y9ebf&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://guornebeziya.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 15 Sep 2024 06:04:42 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET sftouch
vurtaichu.net/ 0
0

POST
H2 200 add Show response
guornebeziya.com/log/ 12 B
386 B 117ms
115ms XHR
application/json 139.45.196.64
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://guornebeziya.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=93ca935a-7513-47be-94bc-d664b67f7acd

Requested by

Host: guornebeziya.com
URL: https://guornebeziya.com/link?z=7252352&var=26927-eca23d8z&ymid=6291cxs6jg6y9ebf&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.196.64 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://guornebeziya.com/link?z=7252352&var=26927-eca23d8z&ymid=6291cxs6jg6y9ebf&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 15 Sep 2024 06:04:42 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://guornebeziya.com
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
content-length: 12

POST
H2 200 add Show response
guornebeziya.com/async_log/ 0
340 B 171ms
169ms XHR
text/plain 139.45.196.64
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://guornebeziya.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=93ca935a-7513-47be-94bc-d664b67f7acd

Requested by

Host: guornebeziya.com
URL: https://guornebeziya.com/link?z=7252352&var=26927-eca23d8z&ymid=6291cxs6jg6y9ebf&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.196.64 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://guornebeziya.com/link?z=7252352&var=26927-eca23d8z&ymid=6291cxs6jg6y9ebf&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 15 Sep 2024 06:04:42 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://guornebeziya.com
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
content-length: 0

GET
H2 204 favicon.ico
guornebeziya.com/ 0
150 B 64ms
63ms Other
text/plain 139.45.196.64
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://guornebeziya.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.196.64 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://guornebeziya.com/link?z=7252352&var=26927-eca23d8z&ymid=6291cxs6jg6y9ebf&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=11628
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: public
date: Sun, 15 Sep 2024 06:04:42 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
server: nginx
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

/ Show response
c2c82d5c7e.smapp.work/trkclk/
Redirect Chain

https://vurtaichu.net/?z=7252353&syncedCookie=true&rhd=false
https://c2c82d5c7e.smapp.work/trkclk/?pid=3143&cid=3269776&nofw&custom1=859063772160204817&custom3=&aff_sub_id=7252353&fw1=8623689

4 KB
4 KB

364ms
201ms

Document
text/html

35.186.250.143
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c2c82d5c7e.smapp.work/trkclk/?pid=3143&cid=3269776&nofw&custom1=859063772160204817&custom3=&aff_sub_id=7252353&fw1=8623689

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.250.143 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

143.250.186.35.bc.googleusercontent.com

Software

TornadoServer/5.1.1 /

Resource Hash

1aafc95c79d49a89837b7175d677ca138f1252a31ba5c058ed1a36d50b366dea

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://guornebeziya.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
clickid: 8d0d9ae6-f24f-4520-aeb5-a3fa99d3de42:e1e4bbc2c14c29b2dbe08ab65484db2f34270594
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 15 Sep 2024 06:04:43 GMT
etag: W/"3722627df9a7cef306a9d31f07e77519c8148e18"
server: TornadoServer/5.1.1
via: 1.1 google
x-frame-options: SAMEORIGIN
x-service-version: 2.0.1

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://guornebeziya.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8c366bbeabd03757-MXP
content-length: 0
date: Sun, 15 Sep 2024 06:04:42 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://c2c82d5c7e.smapp.work>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location: https://c2c82d5c7e.smapp.work/trkclk/?pid=3143&cid=3269776&nofw&custom1=859063772160204817&custom3=&aff_sub_id=7252353&fw1=8623689
pragma: no-cache
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 60db49dd3249f16e85e3ec63a94dcf3f

GET
H2 204 favicon.ico
guornebeziya.com/ 0
0 25ms
24ms Other
text/plain 139.45.196.64
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://guornebeziya.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.196.64 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://guornebeziya.com/afu.php?zoneid=7252353&var=7252353&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false&ab2r=1316100&sf=1&is_mobile=false
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: public
date: Sun, 15 Sep 2024 06:04:42 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
server: nginx
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.js Show response
storage.googleapis.com/performyze-conversion-farm/hank/ 3 KB
3 KB 547ms
40ms Script
application/javascript 172.217.16.219
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/performyze-conversion-farm/hank/main.js
Requested by: Host: c2c82d5c7e.smapp.work
URL: https://c2c82d5c7e.smapp.work/trkclk/?pid=3143&cid=3269776&nofw&custom1=859063772160204817&custom3=&aff_sub_id=7252353&fw1=8623689
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.219 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s08-in-f27.1e100.net
Software: UploadServer /
Resource Hash: 29c778329e3f8015292955fc490e21c5de2e910f17e3d38faaca3193759f5935

Request headers

Referer: https://c2c82d5c7e.smapp.work/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 15 Sep 2024 05:26:32 GMT
age: 2291
x-guploader-uploadid: AD-8ljshICoxHFzZZax5BRWkn_j9ZxgoYX3voXRb0KZPL5qtY9jF3lI7vkaqQ1Pb9k8DxOIyQgeI4x-L7A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2731
last-modified: Thu, 12 Sep 2024 09:07:07 GMT
server: UploadServer
etag: "b4fe2da83f0fd2ea375d38dd50b7d5ce"
x-goog-generation: 1724615530303234
x-goog-hash: crc32c=grROfw==, md5=tP4tqD8P0uo3XTjdULfVzg==
content-type: application/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 2731
accept-ranges: bytes
expires: Sun, 15 Sep 2024 06:26:32 GMT

GET
H2 200 confirm.js Show response
c2c82d5c7e.smapp.work/api/v1/click/ 0
102 B 172ms
171ms Script
application/javascript 35.186.250.143
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c2c82d5c7e.smapp.work/api/v1/click/confirm.js?data=gAAAAABm5nj7zIUaTNAZ2-OQsVhsxgqwgnWtCrFGMdvQ5ggBt9V5ie8l6dtDPZuP_p0hbOwKsnk9aqldGzZ7fFjemyHk88PSHlvOlBMb2TwgqvQyLl6Caxi5AEwHQR128Fae_kVxDs94sx0_D1EFSzUzUCgYUTfAVYTVH4idobLymiQvRFn1rCneMFtbVw_4FCW1Vk4OQJb7rHzLFyzfwHk8DuvE7L6-M0gnNOiaegry7k0zVc1ulBi9B0Ss5jdxU9eCKncjU5dLD2qLS7HMLDRVtMZJJKv6FUY9D-uFnStpvfdhIkol2pUerb5PAaXImAUtMieemLkR7kiqqaNHDQLlH94CPMokvalas3fA0NJl077Vzjy5uBT7YUjaldNFIVPC-nEFTH6ZAYRncPPSpKcVOWCmMZKT_Dmq4fnxBPI_d0Q6Hdpcg3fMItdr2Au3WSpIKEcD4UkdGUj9kRoKULkgxpVrdP8mmjTVs2CgRyz-gX3TAISDgYZREA3JR6IUwgCEApdhvd1gy_lGrP12XXBDH13A3ffuLimnFTJp3XMwVXy9CIxwvZQ56IwAWdR1CYpDwFNMccw3bmxVzPhpHgDh9ZRyObdLj2LvKnMew7MknC8Mq35Q7XgeYlewd0hiRoEizIWLUOYSi2_nsm2QD4xVjorFgl9jIY_ZFCkkCKOn9ThxbOHVEZoxkjkIb5wBJWJjeNe26sc_nGX2M3vfX6ibu3lenCuAsDxzzwxJuk-SbeX-yZbp2L6SNWZ7uXuJCT5b0YGcPZgdrxUYmuoA1rjvTB5Lb7J0W1Db9MhAY-e-nJuMAOEGDbZw4-GQybigy1Z_WDg9uCNr0hV5U3946Q2QLjBRx_CuELat33eIvjRNkgCrLIXXgMetqulRS-01cENg3cy4mlriIlmbk4XgWayOxUIj4NuswKW1RZUXuY0fZwVFVzQScsQuTIP7uR1nAilmCdgQ1_8BJTtoMU_F3GvdEnrrX-2bYbOx_aIHqqZG6nHvDPjv0ud2dD1ygvUSbJQ7XwNN8u2V-ttrnr7kPBP29Cth5fQYUu_AzyhSDYSEInUIk7Px4GJ92sIrdkJAtoHrd4F5wiSMxiMCq_hOqPG9zg7ntB3r23x4fyfsZCEZxMJLiKBEb-wzsWsZFU13B-yCLOnY4lFVMnuqz2Y15Ekrmd_q3esboStMy_UviUxb0FmGSMzJFvw-kVVVLu7jyCUTHLSeKov0k-VgbzlNn1iVhLKMILkBl6S-3BKqpyHaJrvkaRquHMLfY0wK0Vo0QaPMsY3cB1LDDewxRuAeMCozQCs3zKG8wYpMKBPQEHO79obMe13KwS6k0fpM-0nlFgqnXYrSRg-nyba_biONgMd6SA51IwwedAaB72QT864ZVD5Fc3Dj-CJI_0zIpo_URQdybNcjzWwZSPhSOvM44gnNFDISmkOB0V65J9PhaIub6_qf0ug93qROgqb0FCjqDP_7hQyO3nbjk0IKfnupWoXleAvuwKjeaaFHGxZ8ILzh9veimL4ZdrnOPLiDOxmjY-fNWLkarX-fwYPg94TI8DVaxiPzvZ2ySR66x0rV0Fh15HUtIpMgKYDR924JibTjCQBrdOtFOHoPdJXbkO_hskn5UdjwbklYPK7lS6TycHugvkVx2P_uBDd1XY-wBmb6MxjQEbGspvDTXL1ADfUNC0h-vb6FaR_FuL49reSgieObEg34dsSJRHr0MaT1ZzOC5d6VhRV5ylUY9Jne-IeXzPwVEfuCztU6KhDLApc52ISwU_EkWyqboCiD3Bsx4-Cf8hTRBBUTIRpsMBNyVBeIKDaxaNrx4iKNPsCo40km0Br5ygPzFJPHy0oWrHduIfpPrN9iWsIvEgftyCxOb7Q0uh7J-U33Z9nKX_m2MYrGKPgJOJttulRV2zqz6HN6rY_L2OA_VlP6JFPHCucbKk5Ms9-y0S0YkQXjr1gBc9Ap63YIgnSbPm85FXCZUGsLUzCFnvshoft2Drb5V5ZnU407x-C-HpjnSS-dyu3ztbYm0ldXF9rCQST5mh7HCvphC7Z1KP7jWCxGZD6WHxv2MywdoIL_hXudESv9_UYiqnOJ3tSfwZmDzyaOTJdazEFyTDENRkOg7G5w3jJrU2DHA9NWWGWlRpCPN_7Chb8GLuPSpnbPqFXoFL18oNINoZv9jYzEpccs2iL2QcH-Y7AavbojH1IsBY3WT4-nYtejdTCUdhwusDjq6vuXjqpuOgxg6b2-YmUbrwwql5EYwjvUQha-9nlx4wUzP-e9NqEubWKWqxMLzKhRVVnbO4vZRXqXakKKuuCTPmQbKrd1ynRxX0MePZwRK7XI5NufweC_dL0VDZa1PPyZqVmPSauP5aoIsF5kg1AHafgqEzA8o7NhQmPE_vMTutkxNcu2JIf1dvOeAEtq099anp9npL7zO1y7YYTfh7appQllTrOTRUj9qCZXzkrHUZwujWJnFu9Q-mxMX5yWuPf92YakxRM24zmblznn-5dHikRuJh7MuqzMGU0rJEWcay8sRsP8k_rlQ07DEjQpoVDYcNA9J_Hb70v94_Mr123ShEMB-s3wtLno4ylcUE88K9qWVMgFvb5QWIrQ0KeWU0VPDc2OwFl2Ko7oNV4_i34YkyYqJFJTbzo1WtzrHI_0F19v5L9djw%3D%3D
Requested by: Host: c2c82d5c7e.smapp.work
URL: https://c2c82d5c7e.smapp.work/trkclk/?pid=3143&cid=3269776&nofw&custom1=859063772160204817&custom3=&aff_sub_id=7252353&fw1=8623689
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.250.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 143.250.186.35.bc.googleusercontent.com
Software: TornadoServer/5.1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c2c82d5c7e.smapp.work/trkclk/?pid=3143&cid=3269776&nofw&custom1=859063772160204817&custom3=&aff_sub_id=7252353&fw1=8623689
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 15 Sep 2024 06:04:43 GMT
via: 1.1 google
server: TornadoServer/5.1.1
etag: "da39a3ee5e6b4b0d3255bfef95601890afd80709"
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/javascript; charset=utf-8

POST collect
farm.performyze.com/api/hank/browserinfo/ 0
0

OPTIONS collect
farm.performyze.com/api/hank/browserinfo/ Frame 0
0

GET impressions.html
storage.googleapis.com/tmp-static/instal-impressions/ Frame FFFD 0
0

GET analytics.js
www.google-analytics.com/ 0
0

GET
H2 200 Primary Request click Show response
clk.tradedoubler.com/ 5 KB
5 KB 161ms
40ms Document
text/html 18.199.49.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clk.tradedoubler.com/click?p=328374&a=3205862&g=25219194&epi=8d0d9ae6-f24f-4520-aeb5-a3fa99d3de42:e1e4bbc2c14c29b2dbe08ab65484db2f34270594
Requested by: Host: c2c82d5c7e.smapp.work
URL: https://c2c82d5c7e.smapp.work/trkclk/?pid=3143&cid=3269776&nofw&custom1=859063772160204817&custom3=&aff_sub_id=7252353&fw1=8623689
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.199.49.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-199-49-32.eu-central-1.compute.amazonaws.com
Software: TXServerHttp /
Resource Hash: ded1b05d7c96f408bf8d296801d8282f28a5f3fea3c3f4ab5e4fbf15321a3889

Request headers

Referer: https://c2c82d5c7e.smapp.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Form-Factor, Sec-CH-UA-Model, Sec-CH-UA-WoW64
access-control-allow-credentials: true
access-control-allow-origin: https://c2c82d5c7e.smapp.work
cache-control: private, max-age=0
content-length: 4622
content-type: text/html; charset=ISO-8859-1
date: Sun, 15 Sep 2024 06:04:43 GMT
pragma: no-cache
referrer-policy: origin
server: TXServerHttp
vary: Origin

GET fpjs.js
vht.tradedoubler.com/fp/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: vurtaichu.net
URL: https://vurtaichu.net/sftouch?userId=0480d89c3c344fa9ebd91d2f973afd78&z=7252353&p_rid=93ca935a-7513-47be-94bc-d664b67f7acd&p_src=sf&branchId=1316100&rb=E3u3T2uWpwAZMZV5IQQOXL4k_k4NuoCGG09IkY5pkAqKsdEcPPFyHEhBvad8_MyGEOuRfzgPn3sIpbawAHWM0NyQtM-MCc-6sO9ZOg6zgidIOI2_1UtjwU9DYpEewyQWqN4XV-hhsVoUslzlQCe5u3PlE0dNiYTOaNXcff-b5DdzfyBMUgt6An4fGG2kUHSbtzQLyXsrJFNZggbKIyjGPsZra5noiyedcx3mHYEY9F6dd3v2vxAXlKMdtaYIZBx4mXc9I7iMdPUovRTvTbMx35SBNB1-9UhKqEnfFg0qbfU1USq8RPHVELuZhEIxEzvQLRJg_QZ8yZUoLPzadJfOOHHaRCCOGf6R

Domain: farm.performyze.com
URL: https://farm.performyze.com/api/hank/browserinfo/collect

Domain: farm.performyze.com
URL: https://farm.performyze.com/api/hank/browserinfo/collect

Domain: storage.googleapis.com
URL: https://storage.googleapis.com/tmp-static/instal-impressions/impressions.html?data=eyJjb3VudHJ5IjogIklUIiwgImNsaWNrX2lkIjogIjhkMGQ5YWU2LWYyNGYtNDUyMC1hZWI1LWEzZmE5OWQzZGU0MjplMWU0YmJjMmMxNGMyOWIyZGJlMDhhYjY1NDg0ZGIyZjM0MjcwNTk0In0=

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: vht.tradedoubler.com
URL: https://vht.tradedoubler.com/fp/fpjs.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
v25.bvo8.com/	1970-01-20 23:34:26	Name: uclick Value: xs6jg6y9
v25.bvo8.com/	1970-01-20 23:34:26	Name: uclickhash Value: xs6jg6y9-xs6jg6y9-52bl-myoc-syj6-ghktbl-ghkt8n-af3854
guornebeziya.com/	1970-01-21 08:18:36	Name: OAID Value: 0480d89c3c344fa9ebd91d2f973afd78
guornebeziya.com/	1970-01-21 08:18:36	Name: oaidts Value: 1726380279
guornebeziya.com/	1970-01-20 23:34:26	Name: phpckd7252352 Value: true
guornebeziya.com/	1970-01-21 08:18:36	Name: allcnt Value: 1
my.rtmark.net/	1970-01-21 08:18:36	Name: ID Value: 0480d89c3c344fa9ebd91d2f973afd78
vurtaichu.net/	1970-01-21 08:18:36	Name: OAID Value: 0080d8f7b59f42bdea130beba3394ecc
vurtaichu.net/	1970-01-21 08:18:36	Name: oaidts Value: 1726380282
c2c82d5c7e.smapp.work/	1970-01-21 09:09:00	Name: cx_ntsl_i Value: 262a87ed-b4dc-4324-a335-92f36b5e2165
c2c82d5c7e.smapp.work/	1970-01-21 00:16:12	Name: instal-cookie Value: "2\|1:0\|10:1726380283\|13:instal-cookie\|124:eyIzMjY5Nzc2IjogIjhkMGQ5YWU2LWYyNGYtNDUyMC1hZWI1LWEzZmE5OWQzZGU0MjplMWU0YmJjMmMxNGMyOWIyZGJlMDhhYjY1NDg0ZGIyZjM0MjcwNTk0In0=\|5bf607af7ef9ca6266504dc634663b512bb022185c38ab7e5d2d55fbd27b2f03"
.tradedoubler.com/	1970-01-21 08:18:36	Name: GUID Value: 1z11zz195z1A4jRvzb84d0c53c53c5625a57fc7771f08e096

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c2c82d5c7e.smapp.work
cdntechone.com
clk.tradedoubler.com
datatechone.com
farm.performyze.com
guornebeziya.com
my.rtmark.net
storage.googleapis.com
v25.bvo8.com
vht.tradedoubler.com
vurtaichu.net
www.google-analytics.com
farm.performyze.com
storage.googleapis.com
vht.tradedoubler.com
vurtaichu.net
www.google-analytics.com
104.18.22.222
139.45.195.8
139.45.196.64
162.55.4.52
172.217.16.219
18.199.49.32
188.114.96.9
35.186.250.143
37.48.68.71
1aafc95c79d49a89837b7175d677ca138f1252a31ba5c058ed1a36d50b366dea
29c778329e3f8015292955fc490e21c5de2e910f17e3d38faaca3193759f5935
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
c3680211a233f32dfd63ed09bca9abd99a89ab25ec64e23c779dafe6d7bbd35b
d5f8b540ccf7bfb15d7c172f7b1c08124a65059ecf81430298b2075a8b733a63
ded1b05d7c96f408bf8d296801d8282f28a5f3fea3c3f4ab5e4fbf15321a3889
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

clk.tradedoubler.com Open in urlscan Pro 18.199.49.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

18 Requests

67 %HTTPS

0 %IPv6

11 Domains

12 Subdomains

8 IPs

5 Countries

36 kBTransfer

61 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

12 Cookies

Indicators

clk.tradedoubler.com Open in urlscan Pro
18.199.49.32 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

67 %
HTTPS

0 %
IPv6

11
Domains

12
Subdomains

8
IPs

5
Countries

36 kB
Transfer

61 kB
Size

12
Cookies

18 HTTP transactions
0 data transactions