cpi-offers.com Open in urlscan Pro
18.195.77.111 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://cpi-offers.com/fantastic.html
Submission: On March 26 via manual (March 26th 2022, 12:56:30 am UTC) from US — Scanned from DE

Summary HTTP 43 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 6 countries across 21 domains to perform 43 HTTP transactions. The main IP is 18.195.77.111, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is cpi-offers.com. The Cisco Umbrella rank of the primary domain is 31501.

This is the only time cpi-offers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5 7	18.195.77.111 18.195.77.111	16509 (AMAZON-02) (AMAZON-02)
11 20	188.40.120.131 188.40.120.131	24940 (HETZNER-AS) (HETZNER-AS)
7 7	213.227.156.19 213.227.156.19	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3 6	104.111.243.137 104.111.243.137	16625 (AKAMAI-AS) (AKAMAI-AS)
2	185.33.87.146 185.33.87.146	202015 (HZ-US-AS) (HZ-US-AS)
4 6	213.227.134.202 213.227.134.202	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
4 7	213.227.135.213 213.227.135.213	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 3	213.227.135.207 213.227.135.207	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
6 9	213.227.134.198 213.227.134.198	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	136.243.5.28 136.243.5.28	24940 (HETZNER-AS) (HETZNER-AS)
1 1	168.119.91.184 168.119.91.184	24940 (HETZNER-AS) (HETZNER-AS)
3	213.227.134.200 213.227.134.200	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	116.202.135.114 116.202.135.114	24940 (HETZNER-AS) (HETZNER-AS)
1 1	143.204.215.111 143.204.215.111	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.74 143.204.215.74	16509 (AMAZON-02) (AMAZON-02)
1	34.225.38.196 34.225.38.196	14618 (AMAZON-AES) (AMAZON-AES)
6 6	213.227.134.236 213.227.134.236	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	84.110.34.195 84.110.34.195	8551 (BEZEQ-INT...) (BEZEQ-INTERNATIONAL-AS Bezeqint Internet Backbone)
1	47.241.22.124 47.241.22.124	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
2 2	173.212.201.66 173.212.201.66	51167 (CONTABO) (CONTABO)
2	144.91.99.171 144.91.99.171	51167 (CONTABO) (CONTABO)
4 4	212.7.209.75 212.7.209.75	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	213.227.134.204 213.227.134.204	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	199.127.206.103 199.127.206.103	26120 (RHYTHMONE) (RHYTHMONE)
1 1	188.114.96.7 188.114.96.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
43	17

7 18.195.77.111 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-77-111.eu-central-1.compute.amazonaws.com

cpi-offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 188.40.120.131 (Germany) 11 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.131.120.40.188.clients.your-server.de

md412.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.allontrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 213.227.156.19 (Netherlands) 7 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

appad.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
greengrass.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nexamob.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
olamob.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mookomedia.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.243.137 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-243-137.deploy.static.akamaitechnologies.com

offer.alibaba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.87.146 (Ashburn, United States)

ASN202015 (HZ-US-AS, BG)

direct2.knmasdfsdgs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.227.134.202 (Netherlands) 4 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

go2.lkjlkjkljsdflkjsdfklsfjklsd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 213.227.135.213 (Netherlands) 4 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

zildd.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.227.135.207 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

media.appm.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 213.227.134.198 (Netherlands) 6 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

appalgo.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 136.243.5.28 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.28.5.243.136.clients.your-server.de

apts.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.91.184 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.184.91.119.168.clients.your-server.de

spyke.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.227.134.200 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

apply.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.135.114 (Falkenstein, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.114.135.202.116.clients.your-server.de

appme.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.111 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-111.fra53.r.cloudfront.net

www.zaful.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-74.fra53.r.cloudfront.net

de.zaful.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.225.38.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-38-196.compute-1.amazonaws.com

trk.ad-serving-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.227.134.236 (Netherlands) 6 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ad-experience.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 84.110.34.195 (Netanya, Israel) 1 redirects

ASN8551 (BEZEQ-INTERNATIONAL-AS Bezeqint Internet Backbone, IL)
PTR: bzq-84-110-34-195.static-ip.bezeqint.net

rewardsctr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.241.22.124 (Singapore, Singapore)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

admatic.offerstrack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.212.201.66 (Nuremberg, Germany) 2 redirects

ASN51167 (CONTABO, DE)
PTR: m10082.contaboserver.net

ila3.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.91.99.171 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: m12971.contaboserver.net

il32.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.7.209.75 (Netherlands) 4 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

t.9696.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.134.204 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

lambadapp.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.206.103 (United States)

ASN26120 (RHYTHMONE, US)

clk.taptica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.7 (Medellín, Colombia) 1 redirects

ASN13335 (CLOUDFLARENET, US)

zainzuri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	g2afse.com 23 redirects appad.g2afse.com — Cisco Umbrella Rank: 42170 greengrass.g2afse.com — Cisco Umbrella Rank: 63765 zildd.g2afse.com — Cisco Umbrella Rank: 38848 appalgo.g2afse.com — Cisco Umbrella Rank: 52188 apply.g2afse.com — Cisco Umbrella Rank: 71744 nexamob.g2afse.com — Cisco Umbrella Rank: 41495 ad-experience.g2afse.com — Cisco Umbrella Rank: 50735 olamob.g2afse.com — Cisco Umbrella Rank: 42740 mookomedia.g2afse.com — Cisco Umbrella Rank: 58554	5 KB
18	allontrk.com 9 redirects c.allontrk.com — Cisco Umbrella Rank: 34171	2 KB
7	trckswrm.com 4 redirects md412.trckswrm.com — Cisco Umbrella Rank: 63184 apts.trckswrm.com — Cisco Umbrella Rank: 31820 spyke.trckswrm.com — Cisco Umbrella Rank: 50838 appme.trckswrm.com — Cisco Umbrella Rank: 71434	1 KB
7	cpi-offers.com 5 redirects cpi-offers.com — Cisco Umbrella Rank: 31501	5 KB
6	lkjlkjkljsdflkjsdfklsfjklsd.com 4 redirects go2.lkjlkjkljsdflkjsdfklsfjklsd.com — Cisco Umbrella Rank: 46018	577 B
6	alibaba.com 3 redirects offer.alibaba.com — Cisco Umbrella Rank: 26559	4 KB
4	9696.me 4 redirects t.9696.me — Cisco Umbrella Rank: 42530	877 B
3	appm.app 2 redirects media.appm.app — Cisco Umbrella Rank: 37296	336 B
2	il32.co il32.co — Cisco Umbrella Rank: 56111
2	ila3.co 2 redirects ila3.co — Cisco Umbrella Rank: 38422	598 B
2	zaful.com 1 redirects www.zaful.com — Cisco Umbrella Rank: 171545 de.zaful.com	327 B
2	knmasdfsdgs.com direct2.knmasdfsdgs.com — Cisco Umbrella Rank: 50935	276 B
1	google.com www.google.com — Cisco Umbrella Rank: 2
1	zainzuri.com 1 redirects zainzuri.com — Cisco Umbrella Rank: 56237	522 B
1	taptica.com clk.taptica.com — Cisco Umbrella Rank: 73437
1	offerstrack.net admatic.offerstrack.net — Cisco Umbrella Rank: 94174
1	rewardsctr.com 1 redirects rewardsctr.com — Cisco Umbrella Rank: 78941	346 B
1	ad-serving-ads.com trk.ad-serving-ads.com — Cisco Umbrella Rank: 39342
1	go2affise.com ttmma.go2affise.com Failed lambadapp.go2affise.com — Cisco Umbrella Rank: 51386	436 B
0	appsdeku.com Failed 424nlnw.appsdeku.com Failed 9h6ha0y.appsdeku.com Failed
0	soldbyphonder.com Failed direct4.soldbyphonder.com Failed
43	21

	Domain	Requested by
18	c.allontrk.com	9 redirects cpi-offers.com
9	appalgo.g2afse.com	6 redirects cpi-offers.com
7	zildd.g2afse.com	4 redirects cpi-offers.com
7	cpi-offers.com	5 redirects cpi-offers.com
6	ad-experience.g2afse.com	6 redirects
6	go2.lkjlkjkljsdflkjsdfklsfjklsd.com	4 redirects cpi-offers.com
6	offer.alibaba.com	3 redirects cpi-offers.com
4	t.9696.me	4 redirects
3	apply.g2afse.com	cpi-offers.com
3	apts.trckswrm.com	cpi-offers.com
3	media.appm.app	2 redirects cpi-offers.com
2	olamob.g2afse.com	2 redirects
2	il32.co	cpi-offers.com
2	ila3.co	2 redirects
2	direct2.knmasdfsdgs.com	cpi-offers.com
2	greengrass.g2afse.com	2 redirects
2	md412.trckswrm.com	2 redirects
1	www.google.com	cpi-offers.com
1	zainzuri.com	1 redirects
1	mookomedia.g2afse.com	1 redirects
1	clk.taptica.com	cpi-offers.com
1	lambadapp.go2affise.com	1 redirects
1	admatic.offerstrack.net	cpi-offers.com
1	rewardsctr.com	1 redirects
1	trk.ad-serving-ads.com	cpi-offers.com
1	nexamob.g2afse.com	1 redirects
1	de.zaful.com	cpi-offers.com
1	www.zaful.com	1 redirects
1	appme.trckswrm.com	1 redirects
1	spyke.trckswrm.com	1 redirects
1	appad.g2afse.com	1 redirects
0	9h6ha0y.appsdeku.com Failed	cpi-offers.com
0	424nlnw.appsdeku.com Failed	cpi-offers.com
0	ttmma.go2affise.com Failed	cpi-offers.com
0	direct4.soldbyphonder.com Failed	cpi-offers.com
43	35

This site contains no links.

Subject Issuer	Validity	Valid
*.knmasdfsdgs.com Go Daddy Secure Certificate Authority - G2	`2021-07-14` - `2022-08-15`	a year	crt.sh
apts.trckswrm.com ZeroSSL RSA Domain Secure Site CA	`2022-02-15` - `2022-05-16`	3 months	crt.sh
*.go2affise.com Go Daddy Secure Certificate Authority - G2	`2021-10-09` - `2022-11-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://cpi-offers.com/fantastic.html
Frame ID: 3421CEFD1C74FD12A0F950DE4D3E0410
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

43
Requests

12 %
HTTPS

4 %
IPv6

21
Domains

35
Subdomains

17
IPs

6
Countries

4 kB
Transfer

12 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://md412.trckswrm.com/click?offer_id=111482&pub_id=10&pub_click_id=NCT_iphone_de_ofid12989734_pidundefined_sub1,_sub2,_sub3,_nat1_sub4_sub5&pub_sub_id=123820undefined&pub_sub_sub_id=,&app=id1274972321 HTTP 302
https://appad.g2afse.com/click?pid=38&offer_id=423389&sub1=Aj6fBmMAAAF_w7kQFQADpPEAAAAsAAAABQ&sub2=44_10&sub6=&sub4=&sub7={publisher.app&sub8=2LpSlXNL4jSLgyBe8Aj1Ad__28_, HTTP 302
https://greengrass.g2afse.com/click?pid=256&offer_id=14316&sub1=623e649f4f0f7c0001d1ae4a&sub2=44_10&sub5= HTTP 302
https://offer.alibaba.com/cps/nnvonvi6?bm=cps&src=saf&tp1=623e649f29c8f60001aad92b&pid=256&tp2=623e649f4f0f7c0001d1ae4a&tp3=44_10 HTTP 302
https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=nnvonvi6&e=6

Request Chain 4

https://kuno-gae.com/com.id1274972321?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd HTTP 302
https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=80a1fd04-ac9f-11ec-b046-0a550bb61e8d

Request Chain 5

https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=undefined&offer_id=12789778&sub1=,&sub2=,&sub3=,_nat5&sub4=A53C8BE8-3D1F-4902-8FC4-BD6DFF9A035A&sub5=id1274972321&sub6=123820 HTTP 302
http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html

Request Chain 6

https://track.gowithads.com/click?pid=141&offer_id=2343482&sub1=NCT_iphone_de_ofid13266456_pidundefined_sub1,_sub2,_sub3,_nat6_sub4_sub5&sub2=123820undefined_,&sub4=id1274972321 HTTP 302
https://ttmma.go2affise.com/click?pid=224&offer_id=549261&sub1=623e649f81862200014f0eee&sub2=141_123820undefined_,&sub3=&sub4=&sub5=id1274972321&sub6=id1274972321&sub8=|2343482,141

Request Chain 7

https://zildd.g2afse.com/click?pid=35&offer_id=3312508&sub1=NCT_iphone_de_ofid12826310_pidundefined_sub1,_sub2,_sub3,_nat7_sub4_sub5&sub2=123820undefined_,&sub3=id1274972321&sub4=A53C8BE8-3D1F-4902-8FC4-BD6DFF9A035A HTTP 302
http://zildd.g2afse.com/disabled.html

Request Chain 8

https://c.allontrk.com/click?offer_id=209494&pub_id=646&pub_click_id=NCT_iphone_de_ofid13070231_pidundefined_sub1,_sub2,_sub3,_nat8_sub4_sub5&pub_sub_id=123820undefined&pub_sub_sub_id=,&app=id1274972321 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 9

https://media.appm.app/click?pid=185&offer_id=78451&sub1=NCT_iphone_de_ofid13200338_pidundefined_sub1,_sub2,_sub3,_nat9_sub4_sub5&sub2=123820undefined&sub3=id1274972321&sub4=, HTTP 302
https://media.appm.app/sl?id=5c13c0a659b8ac00406bd7d4&pid=6&sub1=NCT_iphone_de_ofid13200338_pidundefined_sub1,_sub2,_sub3,_nat9_sub4_sub5&sub2=185_123820undefined&sub3=id1274972321&sub5= HTTP 302
http://media.appm.app/disabled.html HTTP 307
https://media.appm.app/disabled.html

Request Chain 10

https://appalgo.g2afse.com/click?pid=76&offer_id=98063&sub1=NCT_iphone_de_ofid13287581_pidundefined_sub1,_sub2,_sub3,_nat10_sub4_sub5&sub2=123820undefined_,&sub5=id1274972321 HTTP 302
http://appalgo.g2afse.com/disabled.html HTTP 302
https://appalgo.g2afse.com/disabled.html

Request Chain 12

https://spyke.trckswrm.com/click?offer_id=10892&pub_id=67&pub_click_id=NCT_iphone_de_ofid13245682_pidundefined_sub1,_sub2,_sub3,_nat12_sub4_sub5&pub_sub_id=123820undefined&pub_sub_sub_id=,&app=id1274972321 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1003&cid=AjbkpUQAAAF_w7kQFAAAKowAAABDAAAAAA&sid=3&udid=&name=&info=SpykeSL&blockTime=0 HTTP 302
https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=13206409&sub1=AjbkpUQAAAF_w7kQFAAAKowAAABDAAAAAA&sub2=3&sub3=SpykeSL_nat8&sub4=1B0DF068-EA70-4E0D-85C2-CC5ADE1B8EDA&sub5=id500963785&sub6=123820 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=12789778&sub1=&sub2=&sub3=TbLabq_nat5&sub4=DA5A8891-413E-434E-8FAE-718725D9B446&sub5=id1413942319&sub6=123820 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
https://zildd.g2afse.com/click?pid=35&offer_id=3418973&sub1=NCT_iphone_de_ofid13063120_pid616_sub1_sub2_sub3TbLabq_nat9_sub4_sub5&sub2=123820616_&sub3=id500963785 HTTP 302
http://zildd.g2afse.com/disabled.html

Request Chain 14

https://md412.trckswrm.com/click?offer_id=237277&pub_id=10&pub_click_id=NCT_iphone_de_ofid13243401_pidundefined_sub1,_sub2,_sub3,_nat14_sub4_sub5&pub_sub_id=123820undefined&pub_sub_sub_id=,&app=id1274972321 HTTP 302
https://appme.trckswrm.com/click?offer_id=12600&pub_id=5&pub_click_id=AsGSw1gAAAF_w7kQFAADilkAAAAsAAAABQ&pub_sub_id=44_10&pub_sub_sub_id=10&app_store_id=&gaid=&idfa=&app=id1274972321 HTTP 302
https://greengrass.g2afse.com/click?pid=346&offer_id=771&sub1=Aqa1s4YAAAF_w7kQSgAAMTgAAAAFAAAAAA&sub2=5&sub5=&sub6=id1274972321 HTTP 302
https://www.zaful.com/?lkid=82490100?cid=623e649fb64a9f000152ad80&subid=346_5 HTTP 301
https://de.zaful.com/?admitad_uid=70bf0b5e26d195d22b583269abae7a71&utm_source=admitad&tagtag_uid=70bf0b5e26d195d22b583269abae7a71

Request Chain 16

https://nexamob.g2afse.com/click?pid=15&offer_id=254156&sub1=NCT_iphone_de_ofid13251124_pidundefined_sub1,_sub2,_sub3,_nat16_sub4_sub5&sub2=123820undefined_,&sub3=id1274972321&sub5=id1274972321 HTTP 302
https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01

Request Chain 17

https://ad-experience.g2afse.com/click?pid=2&offer_id=670664&sub1=NCT_iphone_de_ofid12833536_pidundefined_sub1,_sub2,_sub3,_nat17_sub4_sub5&sub2=123820undefined_,&sub5=id1274972321 HTTP 302
http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=670664&sub3=2 HTTP 302
https://rewardsctr.com/t/952530?A1=623e649f1a33cb00012a16dd&A5=1_670664&A4=&A3=2_&A2=2_&pip=138.199.38.134&plang=DE&pua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F99.0.4844.51+Safari%2F537.36 HTTP 302
http://admatic.offerstrack.net/index.php?offer_id=1329&aff_id=1062&aff_sub1=11ecac9f80af4370bc9b951d0832493d_952530_73119&aff_sub2=2079_1_670664&aff_sub3=

Request Chain 18

https://ila3.co/o/252335?p=17&aff_clickid=NCT_iphone_de_ofid13288110_pidundefined_sub1,_sub2,_sub3,_nat18_sub4_sub5&sub1=123820undefined&sub2=,&app_name=id1274972321&bundle_id=id1274972321 HTTP 302
https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=17_123820undefined&target=1440147115

Request Chain 19

https://ad-experience.g2afse.com/click?pid=2&offer_id=700268&sub1=NCT_iphone_de_ofid13268569_pidundefined_sub1,_sub2,_sub3,_nat19_sub4_sub5&sub2=123820undefined_,&sub5=id1274972321 HTTP 302
http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=700268&sub3=2 HTTP 302
https://olamob.g2afse.com/click?pid=38&offer_id=976424&sub1=623e649f0ebe230001075017&sub2=1_700268&sub3=2&sub4=&sub8=|668500,1 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=38&udid=&name=&info=OlaMobSL&blockTime=0 HTTP 302
https://appalgo.g2afse.com/click?pid=76&offer_id=98063&sub1=NCT_iphone_de_ofid13287581_pid616_sub1_sub238_sub3OlaMobSL_nat10_sub4_sub5&sub2=123820616_38&sub5=id339532909 HTTP 302
http://appalgo.g2afse.com/disabled.html HTTP 302
https://appalgo.g2afse.com/disabled.html

Request Chain 20

https://zildd.g2afse.com/click?pid=35&offer_id=3474387&sub1=NCT_iphone_de_ofid13293241_pidundefined_sub1,_sub2,_sub3,_nat20_sub4_sub5&sub2=123820undefined_,&sub3=id1274972321 HTTP 302
http://zildd.g2afse.com/disabled.html

Request Chain 21

https://mookomedia.g2afse.com/click?pid=42&offer_id=260469&sub1=NCT_iphone_de_ofid12699272_pidundefined_sub1,_sub2,_sub3,_nat21_sub4_sub5&sub4=123820undefined_,&sub5=id1274972321 HTTP 302
https://424nlnw.appsdeku.com/424nlnw?p=42_123820undefined_,&sid=623e649ff5ab980001df15a6&android_id=&android_a_id=&idfa=&app_id=id1274972321&param1=

Request Chain 22

https://mookomedia.g2afse.com/click?pid=42&offer_id=260470&sub1=NCT_iphone_de_ofid12699274_pidundefined_sub1,_sub2,_sub3,_nat22_sub4_sub5&sub4=123820undefined_,&sub5=id1274972321 HTTP 302
https://9h6ha0y.appsdeku.com/9h6ha0y?p=42_123820undefined_,&sid=623e649f447f4000014de00d&android_id=&android_a_id=&idfa=&app_id=id1274972321&param1=

Request Chain 23

https://c.allontrk.com/click?offer_id=210803&pub_id=646&pub_click_id=NCT_iphone_de_ofid13069388_pidundefined_sub1,_sub2,_sub3,_nat23_sub4_sub5&pub_sub_id=123820undefined&pub_sub_sub_id=,&app=id1274972321 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 25

https://zildd.g2afse.com/click?pid=35&offer_id=2482829&sub1=NCT_iphone_de_ofid12900114_pidundefined_sub1,_sub2,_sub3,_nat25_sub4_sub5&sub2=123820undefined_,&sub3=id1274972321 HTTP 302
https://ila3.co/o/15702?p=3&aff_clickid=623e649fcead3b0001a4889a&sub2=123820undefined_,&sub1=35_123820undefined_,&app_name=id1274972321&idfa=&gaid= HTTP 302
https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=3_z2uc21an6ud7v8&target=1014949597

Request Chain 26

https://ad-experience.g2afse.com/click?pid=2&offer_id=689888&sub1=NCT_iphone_de_ofid13221330_pidundefined_sub1,_sub2,_sub3,_nat26_sub4_sub5&sub2=123820undefined_,&sub5=id1274972321 HTTP 302
http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=689888&sub3=2 HTTP 302
https://olamob.g2afse.com/click?pid=38&offer_id=1148806&sub1=623e649fd31e150001402767&sub2=1_689888&sub3=2&sub4=&sub8=|683470,1 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=38&udid=&name=&info=OlaMobSL&blockTime=0 HTTP 302
https://c.allontrk.com/click?offer_id=208177&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13070314_pid616_sub1_sub238_sub3OlaMobSL_nat14_sub4_sub5&pub_sub_id=123820616&pub_sub_sub_id=38&app=id1360098321 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 27

https://t.9696.me/click?pid=868&offer_id=146523&sub4=NCT_iphone_de_ofid13218334_pidundefined_sub1,_sub2,_sub3,_nat27_sub4_sub5&sub1=868_4850undefined&sub2=868_4850undefined_,&sub3=id1274972321 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1274972321&sub1=868_4850undefined&sub2=868_4850undefined_, HTTP 302
https://offer.alibaba.com/cps/rq9rg325?tp1=623e649fcca7ec00013aeb9c&pid=868_4850undefined&adid= HTTP 302
http://offer.alibaba.com/product/w404 HTTP 307
https://offer.alibaba.com/product/w404

Request Chain 28

https://c.allontrk.com/click?offer_id=180272&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid12802107_pidundefined_sub1,_sub2,_sub3,_nat28_sub4_sub5&pub_sub_id=123820undefined&pub_sub_sub_id=,&app=id1274972321 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 30

https://t.9696.me/click?pid=868&offer_id=147249&sub4=NCT_iphone_de_ofid13288678_pidundefined_sub1,_sub2,_sub3,_nat30_sub4_sub5&sub1=868_4850undefined&sub2=868_4850undefined_,&sub3=id1274972321 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1274972321&sub1=868_4850undefined&sub2=868_4850undefined_, HTTP 302
https://offer.alibaba.com/cps/rq9rg325?tp1=623e649f5614270001893c75&pid=868_4850undefined&adid= HTTP 302
http://offer.alibaba.com/product/w404 HTTP 307
https://offer.alibaba.com/product/w404

Request Chain 31

https://c.allontrk.com/click?offer_id=158605&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13075001_pidundefined_sub1,_sub2,_sub3,_nat31_sub4_sub5&pub_sub_id=123820undefined&pub_sub_sub_id=,&app=id1274972321 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 32

https://ad-experience.g2afse.com/click?pid=2&offer_id=703552&sub1=NCT_iphone_de_ofid13289166_pidundefined_sub1,_sub2,_sub3,_nat32_sub4_sub5&sub2=123820undefined_,&sub5=id1274972321 HTTP 302
http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=703552&sub3=2 HTTP 302
https://olamob.g2afse.com/click?pid=38&offer_id=1157962&sub1=623e649fd31e150001402768&sub2=1_703552&sub3=2&sub4=&sub8=|683818,1 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=38&udid=&name=&info=OlaMobSL&blockTime=0 HTTP 302
https://kuno-gae.com/com.id1360098321?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd HTTP 302
https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=80a1fd04-ac9f-11ec-bbbb-0ab08a1544e1

Request Chain 34

https://lambadapp.go2affise.com/click?pid=46&offer_id=4143960&sub1=NCT_iphone_de_ofid13289449_pidundefined_sub1,_sub2,_sub3,_nat34_sub4_sub5&sub2=123820undefined_,&sub3=id1274972321 HTTP 302
https://clk.taptica.com/aff_c?ver=bulk&tt_ls=b&offer_id=36672277&tt_appid=1535455615&aff_id=2236286&tt_bannerid=&tt_aff_clickid=623e649f50f6b100017db7d6&tt_sub_aff=46_123820undefined_,&tt_idfa=&tt_advertising_id=&tt_app_name=id1274972321

Request Chain 35

https://c.allontrk.com/click?offer_id=164938&pub_id=646&pub_click_id=NCT_iphone_de_ofid13074409_pidundefined_sub1,_sub2,_sub3,_nat35_sub4_sub5&pub_sub_id=123820undefined&pub_sub_sub_id=,&app=id1274972321 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 36

https://c.allontrk.com/click?offer_id=210720&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13074236_pidundefined_sub1,_sub2,_sub3,_nat36_sub4_sub5&pub_sub_id=123820undefined&pub_sub_sub_id=,&app=id1274972321 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 37

https://mookomedia.g2afse.com/click?pid=42&offer_id=260213&sub1=NCT_iphone_de_ofid12685080_pidundefined_sub1,_sub2,_sub3,_nat37_sub4_sub5&sub4=123820undefined_,&sub5=id1274972321 HTTP 302
https://appalgo.g2afse.com/click?pid=304&offer_id=91836&sub1=623e649ff4429a0001d1de9c&sub2=42_123820undefined_,&sub3=&sub4=&sub5=id1274972321 HTTP 302
http://appalgo.g2afse.com/disabled.html HTTP 302
https://appalgo.g2afse.com/disabled.html

Request Chain 38

https://c.allontrk.com/click?offer_id=203745&pub_id=646&pub_click_id=NCT_iphone_de_ofid13070488_pidundefined_sub1,_sub2,_sub3,_nat38_sub4_sub5&pub_sub_id=123820undefined&pub_sub_sub_id=,&app=id1274972321 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 39

https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=undefined&offer_id=13270325&sub1=,&sub2=,&sub3=,_nat39&sub4=A53C8BE8-3D1F-4902-8FC4-BD6DFF9A035A&sub5=id1274972321&sub6=123820 HTTP 302
http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html

Request Chain 40

https://c.allontrk.com/click?offer_id=207764&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13071022_pidundefined_sub1,_sub2,_sub3,_nat40_sub4_sub5&pub_sub_id=123820undefined&pub_sub_sub_id=,&app=id1274972321 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 41

https://zainzuri.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D HTTP 302
https://www.google.com/

43 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request fantastic.html Show response cpi-offers.com/	9 KB 2 KB	23ms 10ms	Document text/html	18.195.77.111 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Server 18.195.77.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-77-111.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash `ec9cde82b67a8c70b2c9bc38e5e4a7c970615c497d4cb9df9428c9af2e84dc41` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Sat, 26 Mar 2022 00:55:59 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Server nginx/1.14.1 X-Powered-By Express Access-Control-Allow-Origin * ETag W/"2450-vb3epa17UD/CuZIHY14HK9Ol1iE" Vary Accept-Encoding Content-Encoding gzip
GET H/1.1	200 OK	main.js Show response cpi-offers.com/jsf/	3 KB 1 KB	8ms 8ms	Script application/javascript	18.195.77.111 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://cpi-offers.com/jsf/main.js Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Server 18.195.77.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-77-111.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash `3915a438fffb3acbaade25f7b5e9d3f76589dbc02048463b3fbfeb8c4e7955a1` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 00:55:59 GMT Content-Encoding gzip Vary Accept-Encoding Last-Modified Thu, 24 Mar 2022 09:51:10 GMT Server nginx/1.14.1 X-Powered-By Express Etag "289122-2720-1648115470000" Transfer-Encoding chunked Content-Type application/javascript Access-Control-Allow-Origin * cache-control max-age=3600 Connection keep-alive
GET H2	200	/ offer.alibaba.com/ Redirect Chain https://md412.trckswrm.com/click?offer_id=111482&pub_id=10&pub_click_id=NCT_iphone_de_ofid12989734_pidundefined_sub1,_sub2,_sub3,_nat1_sub4_sub5&pub_sub_id=123820undefined&pub_sub_sub_id=,&app=id12... https://appad.g2afse.com/click?pid=38&offer_id=423389&sub1=Aj6fBmMAAAF_w7kQFQADpPEAAAAsAAAABQ&sub2=44_10&sub6=&sub4=&sub7={publisher.app&sub8=2LpSlXNL4jSLgyBe8Aj1Ad__28_, https://greengrass.g2afse.com/click?pid=256&offer_id=14316&sub1=623e649f4f0f7c0001d1ae4a&sub2=44_10&sub5= https://offer.alibaba.com/cps/nnvonvi6?bm=cps&src=saf&tp1=623e649f29c8f60001aad92b&pid=256&tp2=623e649f4f0f7c0001d1ae4a&tp3=44_10 https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=nnvonvi6&e=6	0 0	151ms 151ms	Stylesheet text/html	104.111.243.137 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=nnvonvi6&e=6 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol H2 Server 104.111.243.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-137.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Redirect headers strict-transport-security max-age=31536000 ; includeSubDomains, max-age=31536000 x-content-type-options nosniff timing-allow-origin * p3p CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' server-timing rt;dur=0.022,eagleid;desc=2101e37e16482561599634758edf74 content-length 10 x-xss-protection 1; mode=block x-application-context arcadia:7001 havana_s_tag 285873024335988\|134217728^\|^^ referrer-policy unsafe-url havana_s_v 4.0.2.6 x-frame-options DENY date Sat, 26 Mar 2022 00:56:00 GMT havana_s_ip 45707956496f436e6d455a58722b466e location https://offer.alibaba.com?bm=cps&src=saf&cps_sk=nnvonvi6&e=6 havana_s_group havana-session content-language de-DE pragma no-cache havana_s_tid 2101e37e16482561599634758edf74 havana_s_status STATUS_NOT_EXISTED cache-control max-age=0, no-cache, no-store edge-type akamai content-type text/html;charset=UTF-8 eagleid 2101e37e16482561599634758edf74 havana_s_ucode USEAST:USEAST expires Sat, 26 Mar 2022 00:56:00 GMT
GET H/1.1	204 No Content	redirect direct2.knmasdfsdgs.com/	0 138 B	319ms 115ms	Stylesheet text/html	185.33.87.146 HZ-US-AS
General Check archive.org Show headers Download Go to Full URL https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=123820undefined&q= Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 00:55:59 GMT Server nginx Connection close Content-Type text/html; charset=utf-8
GET H/1.1	204 No Content	redirect direct2.knmasdfsdgs.com/	0 138 B	393ms 189ms	Stylesheet text/html	185.33.87.146 HZ-US-AS
General Check archive.org Show headers Download Go to Full URL https://direct2.knmasdfsdgs.com/redirect?aff=10063&saff=123820undefined&q= Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 00:55:59 GMT Server nginx Connection close Content-Type text/html; charset=utf-8
GET		redirect direct4.soldbyphonder.com/ Redirect Chain https://kuno-gae.com/com.id1274972321?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=80a1fd04-ac9f-11ec-b046-0a550bb61e8d	0 0

GET H/1.1	200 OK	disabled.html go2.lkjlkjkljsdflkjsdfklsfjklsd.com/ Redirect Chain https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=undefined&offer_id=12789778&sub1=,&sub2=,&sub3=,_nat5&sub4=A53C8BE8-3D1F-4902-8FC4-BD6DFF9A035A&sub5=id1274972321&sub6=123820 http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html	0 0	25ms 13ms	Stylesheet text/html	213.227.134.202 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Server 213.227.134.202 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Redirect headers location http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html date Sat, 26 Mar 2022 00:55:59 GMT server nginx access-control-allow-origin * content-length 0
GET		click ttmma.go2affise.com/ Redirect Chain https://track.gowithads.com/click?pid=141&offer_id=2343482&sub1=NCT_iphone_de_ofid13266456_pidundefined_sub1,_sub2,_sub3,_nat6_sub4_sub5&sub2=123820undefined_,&sub4=id1274972321 https://ttmma.go2affise.com/click?pid=224&offer_id=549261&sub1=623e649f81862200014f0eee&sub2=141_123820undefined_,&sub3=&sub4=&sub5=id1274972321&sub6=id1274972321&sub8=\|2343482,141	0 0

GET H/1.1	200 OK	disabled.html zildd.g2afse.com/ Redirect Chain https://zildd.g2afse.com/click?pid=35&offer_id=3312508&sub1=NCT_iphone_de_ofid12826310_pidundefined_sub1,_sub2,_sub3,_nat7_sub4_sub5&sub2=123820undefined_,&sub3=id1274972321&sub4=A53C8BE8-3D1F-4902... http://zildd.g2afse.com/disabled.html	0 0	28ms 14ms	Stylesheet text/html	213.227.135.213 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL http://zildd.g2afse.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Server 213.227.135.213 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Redirect headers location http://zildd.g2afse.com/disabled.html date Sat, 26 Mar 2022 00:55:59 GMT server nginx access-control-allow-origin * content-length 0
GET H/1.1	200 OK	recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=209494&pub_id=646&pub_click_id=NCT_iphone_de_ofid13070231_pidundefined_sub1,_sub2,_sub3,_nat8_sub4_sub5&pub_sub_id=123820undefined&pub_sub_sub_id=,&app=id12749... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 75 B	23ms 12ms	Stylesheet text/plain	188.40.120.131 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Server 188.40.120.131 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.131.120.40.188.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 00:55:59 GMT content-length 0 Redirect headers location http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 date Sat, 26 Mar 2022 00:55:59 GMT referrer-policy no-referrer content-length 0
GET H2	200	disabled.html media.appm.app/ Redirect Chain https://media.appm.app/click?pid=185&offer_id=78451&sub1=NCT_iphone_de_ofid13200338_pidundefined_sub1,_sub2,_sub3,_nat9_sub4_sub5&sub2=123820undefined&sub3=id1274972321&sub4=, https://media.appm.app/sl?id=5c13c0a659b8ac00406bd7d4&pid=6&sub1=NCT_iphone_de_ofid13200338_pidundefined_sub1,_sub2,_sub3,_nat9_sub4_sub5&sub2=185_123820undefined&sub3=id1274972321&sub5= http://media.appm.app/disabled.html https://media.appm.app/disabled.html	0 0	13ms 13ms	Stylesheet text/html	213.227.135.207 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://media.appm.app/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol H2 Server 213.227.135.207 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Redirect headers Location https://media.appm.app/disabled.html Non-Authoritative-Reason HSTS Cross-Origin-Resource-Policy Cross-Origin
GET H2	200	disabled.html appalgo.g2afse.com/ Redirect Chain https://appalgo.g2afse.com/click?pid=76&offer_id=98063&sub1=NCT_iphone_de_ofid13287581_pidundefined_sub1,_sub2,_sub3,_nat10_sub4_sub5&sub2=123820undefined_,&sub5=id1274972321 http://appalgo.g2afse.com/disabled.html https://appalgo.g2afse.com/disabled.html	0 0	13ms 13ms	Stylesheet text/html	213.227.134.198 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://appalgo.g2afse.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol H2 Server 213.227.134.198 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Redirect headers Location https://appalgo.g2afse.com/disabled.html Date Sat, 26 Mar 2022 00:55:59 GMT Server nginx Connection keep-alive Content-Length 138 Content-Type text/html
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	60ms 14ms	Stylesheet text/plain	136.243.5.28 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=735313&pub_id=9&pub_click_id=NCT_iphone_de_ofid13255392_pidundefined_sub1,_sub2,_sub3,_nat11_sub4_sub5&pub_sub_id=123820undefined&pub_sub_sub_id=,&app=id1274972321 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 136.243.5.28 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.28.5.243.136.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 00:55:59 GMT content-length 0
GET H/1.1	200 OK	disabled.html zildd.g2afse.com/ Redirect Chain https://spyke.trckswrm.com/click?offer_id=10892&pub_id=67&pub_click_id=NCT_iphone_de_ofid13245682_pidundefined_sub1,_sub2,_sub3,_nat12_sub4_sub5&pub_sub_id=123820undefined&pub_sub_sub_id=,&app=id12... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1003&cid=AjbkpUQAAAF_w7kQFAAAKowAAABDAAAAAA&sid=3&udid=&name=&info=SpykeSL&blockTime=0 https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=13206409&sub1=AjbkpUQAAAF_w7kQFAAAKowAAABDAAAAAA&sub2=3&sub3=SpykeSL_nat8&sub4=1B0DF068-EA70-4E0D-85C2-CC5ADE1B8EDA&sub5=id5009637... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=12789778&sub1=&sub2=&sub3=TbLabq_nat5&sub4=DA5A8891-413E-434E-8FAE-718725D9B446&sub5=id1413942319&sub6=123820 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 https://zildd.g2afse.com/click?pid=35&offer_id=3418973&sub1=NCT_iphone_de_ofid13063120_pid616_sub1_sub2_sub3TbLabq_nat9_sub4_sub5&sub2=123820616_&sub3=id500963785 http://zildd.g2afse.com/disabled.html	0 0	26ms 13ms	Stylesheet text/html	213.227.135.213 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL http://zildd.g2afse.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Server 213.227.135.213 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Redirect headers location http://zildd.g2afse.com/disabled.html date Sat, 26 Mar 2022 00:55:59 GMT server nginx access-control-allow-origin * content-length 0
GET H2	404	click apply.g2afse.com/	0 0	58ms 12ms	Stylesheet text/html	213.227.134.200 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://apply.g2afse.com/click?pid=3&offer_id=92161&sub1=NCT_iphone_de_ofid12622676_pidundefined_sub1,_sub2,_sub3,_nat13_sub4_sub5&sub4=id1274972321&sub2=123820undefined_, Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.134.200 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers
GET H2	200	/ de.zaful.com/ Redirect Chain https://md412.trckswrm.com/click?offer_id=237277&pub_id=10&pub_click_id=NCT_iphone_de_ofid13243401_pidundefined_sub1,_sub2,_sub3,_nat14_sub4_sub5&pub_sub_id=123820undefined&pub_sub_sub_id=,&app=id1... https://appme.trckswrm.com/click?offer_id=12600&pub_id=5&pub_click_id=AsGSw1gAAAF_w7kQFAADilkAAAAsAAAABQ&pub_sub_id=44_10&pub_sub_sub_id=10&app_store_id=&gaid=&idfa=&app=id1274972321 https://greengrass.g2afse.com/click?pid=346&offer_id=771&sub1=Aqa1s4YAAAF_w7kQSgAAMTgAAAAFAAAAAA&sub2=5&sub5=&sub6=id1274972321 https://www.zaful.com/?lkid=82490100?cid=623e649fb64a9f000152ad80&subid=346_5 https://de.zaful.com/?admitad_uid=70bf0b5e26d195d22b583269abae7a71&utm_source=admitad&tagtag_uid=70bf0b5e26d195d22b583269abae7a71	0 0	87ms 24ms	Stylesheet text/html	143.204.215.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://de.zaful.com/?admitad_uid=70bf0b5e26d195d22b583269abae7a71&utm_source=admitad&tagtag_uid=70bf0b5e26d195d22b583269abae7a71 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol H2 Server 143.204.215.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-74.fra53.r.cloudfront.net Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Redirect headers date Thu, 24 Mar 2022 11:17:44 GMT via 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront) server CloudFront age 135495 x-cache Hit from cloudfront content-type text/html location https://de.zaful.com/?admitad_uid=70bf0b5e26d195d22b583269abae7a71&utm_source=admitad&tagtag_uid=70bf0b5e26d195d22b583269abae7a71 x-amz-cf-pop FRA53-C1 content-length 216 x-amz-cf-id 95xxx9dnuJOA3gRwBtnoOKhs4VgrnVZAxjjOhLKKn--rPShQmsupaA==
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	57ms 12ms	Stylesheet text/plain	136.243.5.28 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=767953&pub_id=55&pub_click_id=NCT_iphone_de_ofid13293325_pidundefined_sub1,_sub2,_sub3,_nat15_sub4_sub5&pub_sub_id=123820undefined&pub_sub_sub_id=,&app=id1274972321 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 136.243.5.28 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.28.5.243.136.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 00:55:59 GMT content-length 0
GET H2	404	click trk.ad-serving-ads.com/ Redirect Chain https://nexamob.g2afse.com/click?pid=15&offer_id=254156&sub1=NCT_iphone_de_ofid13251124_pidundefined_sub1,_sub2,_sub3,_nat16_sub4_sub5&sub2=123820undefined_,&sub3=id1274972321&sub5=id1274972321 https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01	0 0	318ms 100ms	Stylesheet text/html	34.225.38.196 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol H2 Server 34.225.38.196 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-225-38-196.compute-1.amazonaws.com Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 00:56:00 GMT content-length 13 content-type text/html Redirect headers location https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01 date Sat, 26 Mar 2022 00:55:59 GMT server nginx access-control-allow-origin * content-length 0
GET H/1.1	200 OK	index.php admatic.offerstrack.net/ Redirect Chain https://ad-experience.g2afse.com/click?pid=2&offer_id=670664&sub1=NCT_iphone_de_ofid12833536_pidundefined_sub1,_sub2,_sub3,_nat17_sub4_sub5&sub2=123820undefined_,&sub5=id1274972321 http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=670664&sub3=2 https://rewardsctr.com/t/952530?A1=623e649f1a33cb00012a16dd&A5=1_670664&A4=&A3=2_&A2=2_&pip=138.199.38.134&plang=DE&pua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28K... http://admatic.offerstrack.net/index.php?offer_id=1329&aff_id=1062&aff_sub1=11ecac9f80af4370bc9b951d0832493d_952530_73119&aff_sub2=2079_1_670664&aff_sub3=	0 0	1542ms 328ms	Stylesheet text/html	47.241.22.124 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL http://admatic.offerstrack.net/index.php?offer_id=1329&aff_id=1062&aff_sub1=11ecac9f80af4370bc9b951d0832493d_952530_73119&aff_sub2=2079_1_670664&aff_sub3= Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Server 47.241.22.124 Singapore, Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Redirect headers Location http://admatic.offerstrack.net/index.php?offer_id=1329&aff_id=1062&aff_sub1=11ecac9f80af4370bc9b951d0832493d_952530_73119&aff_sub2=2079_1_670664&aff_sub3= Date Sat, 26 Mar 2022 00:56:00 GMT Content-Length 850 Vary Accept-Encoding Content-Type text/html; charset=utf-8
GET H/1.1	404 Not Found	ps il32.co/ Redirect Chain https://ila3.co/o/252335?p=17&aff_clickid=NCT_iphone_de_ofid13288110_pidundefined_sub1,_sub2,_sub3,_nat18_sub4_sub5&sub1=123820undefined&sub2=,&app_name=id1274972321&bundle_id=id1274972321 https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=17_123820undefined&target=1440147115	0 0	3468ms 10ms	Stylesheet text/html	144.91.99.171 CONTABO
General Check archive.org Show headers Download Go to Full URL https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=17_123820undefined&target=1440147115 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Server 144.91.99.171 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS m12971.contaboserver.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Redirect headers Location https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=17_123820undefined&target=1440147115 Pragma no-cache Date Sat, 26 Mar 2022 00:55:59 GMT Cache-Control no-store, no-cache, must-revalidate Expires 0 Content-Length 0 Content-Type text/html; charset=utf-8
GET H2	200	disabled.html appalgo.g2afse.com/ Redirect Chain https://ad-experience.g2afse.com/click?pid=2&offer_id=700268&sub1=NCT_iphone_de_ofid13268569_pidundefined_sub1,_sub2,_sub3,_nat19_sub4_sub5&sub2=123820undefined_,&sub5=id1274972321 http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=700268&sub3=2 https://olamob.g2afse.com/click?pid=38&offer_id=976424&sub1=623e649f0ebe230001075017&sub2=1_700268&sub3=2&sub4=&sub8=\|668500,1 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=38&udid=&name=&info=OlaMobSL&blockTime=0 https://appalgo.g2afse.com/click?pid=76&offer_id=98063&sub1=NCT_iphone_de_ofid13287581_pid616_sub1_sub238_sub3OlaMobSL_nat10_sub4_sub5&sub2=123820616_38&sub5=id339532909 http://appalgo.g2afse.com/disabled.html https://appalgo.g2afse.com/disabled.html	0 0	13ms 13ms	Stylesheet text/html	213.227.134.198 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://appalgo.g2afse.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol H2 Server 213.227.134.198 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Redirect headers Location https://appalgo.g2afse.com/disabled.html Date Sat, 26 Mar 2022 00:55:59 GMT Server nginx Connection keep-alive Content-Length 138 Content-Type text/html
GET H/1.1	200 OK	disabled.html zildd.g2afse.com/ Redirect Chain https://zildd.g2afse.com/click?pid=35&offer_id=3474387&sub1=NCT_iphone_de_ofid13293241_pidundefined_sub1,_sub2,_sub3,_nat20_sub4_sub5&sub2=123820undefined_,&sub3=id1274972321 http://zildd.g2afse.com/disabled.html	0 0	27ms 13ms	Stylesheet text/html	213.227.135.213 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL http://zildd.g2afse.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Server 213.227.135.213 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Redirect headers location http://zildd.g2afse.com/disabled.html date Sat, 26 Mar 2022 00:55:59 GMT server nginx access-control-allow-origin * content-length 0
GET		424nlnw 424nlnw.appsdeku.com/ Redirect Chain https://mookomedia.g2afse.com/click?pid=42&offer_id=260469&sub1=NCT_iphone_de_ofid12699272_pidundefined_sub1,_sub2,_sub3,_nat21_sub4_sub5&sub4=123820undefined_,&sub5=id1274972321 https://424nlnw.appsdeku.com/424nlnw?p=42_123820undefined_,&sid=623e649ff5ab980001df15a6&android_id=&android_a_id=&idfa=&app_id=id1274972321&param1=	0 0

GET		9h6ha0y 9h6ha0y.appsdeku.com/ Redirect Chain https://mookomedia.g2afse.com/click?pid=42&offer_id=260470&sub1=NCT_iphone_de_ofid12699274_pidundefined_sub1,_sub2,_sub3,_nat22_sub4_sub5&sub4=123820undefined_,&sub5=id1274972321 https://9h6ha0y.appsdeku.com/9h6ha0y?p=42_123820undefined_,&sid=623e649f447f4000014de00d&android_id=&android_a_id=&idfa=&app_id=id1274972321&param1=	0 0

GET H/1.1	200 OK	recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=210803&pub_id=646&pub_click_id=NCT_iphone_de_ofid13069388_pidundefined_sub1,_sub2,_sub3,_nat23_sub4_sub5&pub_sub_id=123820undefined&pub_sub_sub_id=,&app=id1274... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 75 B	24ms 12ms	Stylesheet text/plain	188.40.120.131 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Server 188.40.120.131 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.131.120.40.188.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 00:55:59 GMT content-length 0 Redirect headers location http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 date Sat, 26 Mar 2022 00:55:59 GMT referrer-policy no-referrer content-length 0
GET H2	404	click apply.g2afse.com/	0 0	57ms 13ms	Stylesheet text/html	213.227.134.200 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://apply.g2afse.com/click?pid=3&offer_id=14467&sub1=NCT_iphone_de_ofid12667047_pidundefined_sub1,_sub2,_sub3,_nat24_sub4_sub5&sub4=id1274972321&sub2=123820undefined_, Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.134.200 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers
GET H/1.1	404 Not Found	ps il32.co/ Redirect Chain https://zildd.g2afse.com/click?pid=35&offer_id=2482829&sub1=NCT_iphone_de_ofid12900114_pidundefined_sub1,_sub2,_sub3,_nat25_sub4_sub5&sub2=123820undefined_,&sub3=id1274972321 https://ila3.co/o/15702?p=3&aff_clickid=623e649fcead3b0001a4889a&sub2=123820undefined_,&sub1=35_123820undefined_,&app_name=id1274972321&idfa=&gaid= https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=3_z2uc21an6ud7v8&target=1014949597	0 0	3439ms 11ms	Stylesheet text/html	144.91.99.171 CONTABO
General Check archive.org Show headers Download Go to Full URL https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=3_z2uc21an6ud7v8&target=1014949597 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Server 144.91.99.171 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS m12971.contaboserver.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Redirect headers Location https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=3_z2uc21an6ud7v8&target=1014949597 Pragma no-cache Date Sat, 26 Mar 2022 00:55:59 GMT Cache-Control no-store, no-cache, must-revalidate Expires 0 Content-Length 0 Content-Type text/html; charset=utf-8
GET H/1.1	200 OK	recommendation c.allontrk.com/ Redirect Chain https://ad-experience.g2afse.com/click?pid=2&offer_id=689888&sub1=NCT_iphone_de_ofid13221330_pidundefined_sub1,_sub2,_sub3,_nat26_sub4_sub5&sub2=123820undefined_,&sub5=id1274972321 http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=689888&sub3=2 https://olamob.g2afse.com/click?pid=38&offer_id=1148806&sub1=623e649fd31e150001402767&sub2=1_689888&sub3=2&sub4=&sub8=\|683470,1 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=38&udid=&name=&info=OlaMobSL&blockTime=0 https://c.allontrk.com/click?offer_id=208177&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13070314_pid616_sub1_sub238_sub3OlaMobSL_nat14_sub4_sub5&pub_sub_id=123820616&pub_sub_sub_id=38&app... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 75 B	12ms 12ms	Stylesheet text/plain	188.40.120.131 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Server 188.40.120.131 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.131.120.40.188.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 00:55:59 GMT content-length 0 Redirect headers location http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 date Sat, 26 Mar 2022 00:55:59 GMT referrer-policy no-referrer content-length 0
GET H2	200	w404 offer.alibaba.com/product/ Redirect Chain https://t.9696.me/click?pid=868&offer_id=146523&sub4=NCT_iphone_de_ofid13218334_pidundefined_sub1,_sub2,_sub3,_nat27_sub4_sub5&sub1=868_4850undefined&sub2=868_4850undefined_,&sub3=id1274972321 https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1274972321&sub1=868_4850undefined&sub2=868_4850undefined_, https://offer.alibaba.com/cps/rq9rg325?tp1=623e649fcca7ec00013aeb9c&pid=868_4850undefined&adid= http://offer.alibaba.com/product/w404 https://offer.alibaba.com/product/w404	0 0	131ms 131ms	Stylesheet text/html	104.111.243.137 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://offer.alibaba.com/product/w404 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol H2 Server 104.111.243.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-137.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Redirect headers Location https://offer.alibaba.com/product/w404 Non-Authoritative-Reason HSTS Cross-Origin-Resource-Policy Cross-Origin
GET H/1.1	200 OK	recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=180272&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid12802107_pidundefined_sub1,_sub2,_sub3,_nat28_sub4_sub5&pub_sub_id=123820undefined&pub_sub_sub_id=,... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 75 B	25ms 13ms	Stylesheet text/plain	188.40.120.131 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Server 188.40.120.131 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.131.120.40.188.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 00:55:59 GMT content-length 0 Redirect headers location http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 date Sat, 26 Mar 2022 00:55:59 GMT referrer-policy no-referrer content-length 0
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	58ms 14ms	Stylesheet text/plain	136.243.5.28 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=692179&pub_id=9&pub_click_id=NCT_iphone_de_ofid13258369_pidundefined_sub1,_sub2,_sub3,_nat29_sub4_sub5&pub_sub_id=123820undefined&pub_sub_sub_id=,&app=id1274972321 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 136.243.5.28 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.28.5.243.136.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 00:55:59 GMT content-length 0
GET H2	200	w404 offer.alibaba.com/product/ Redirect Chain https://t.9696.me/click?pid=868&offer_id=147249&sub4=NCT_iphone_de_ofid13288678_pidundefined_sub1,_sub2,_sub3,_nat30_sub4_sub5&sub1=868_4850undefined&sub2=868_4850undefined_,&sub3=id1274972321 https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1274972321&sub1=868_4850undefined&sub2=868_4850undefined_, https://offer.alibaba.com/cps/rq9rg325?tp1=623e649f5614270001893c75&pid=868_4850undefined&adid= http://offer.alibaba.com/product/w404 https://offer.alibaba.com/product/w404	0 0	293ms 293ms	Stylesheet text/html	104.111.243.137 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://offer.alibaba.com/product/w404 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol H2 Server 104.111.243.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-137.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Redirect headers Location https://offer.alibaba.com/product/w404 Non-Authoritative-Reason HSTS Cross-Origin-Resource-Policy Cross-Origin
GET H/1.1	200 OK	recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=158605&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13075001_pidundefined_sub1,_sub2,_sub3,_nat31_sub4_sub5&pub_sub_id=123820undefined&pub_sub_sub_id=,... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 75 B	24ms 13ms	Stylesheet text/plain	188.40.120.131 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Server 188.40.120.131 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.131.120.40.188.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 00:55:59 GMT content-length 0 Redirect headers location http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 date Sat, 26 Mar 2022 00:55:59 GMT referrer-policy no-referrer content-length 0
GET		redirect direct4.soldbyphonder.com/ Redirect Chain https://ad-experience.g2afse.com/click?pid=2&offer_id=703552&sub1=NCT_iphone_de_ofid13289166_pidundefined_sub1,_sub2,_sub3,_nat32_sub4_sub5&sub2=123820undefined_,&sub5=id1274972321 http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=703552&sub3=2 https://olamob.g2afse.com/click?pid=38&offer_id=1157962&sub1=623e649fd31e150001402768&sub2=1_703552&sub3=2&sub4=&sub8=\|683818,1 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=38&udid=&name=&info=OlaMobSL&blockTime=0 https://kuno-gae.com/com.id1360098321?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=80a1fd04-ac9f-11ec-bbbb-0ab08a1544e1	0 0

GET H2	404	click apply.g2afse.com/	0 0	56ms 13ms	Stylesheet text/html	213.227.134.200 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://apply.g2afse.com/click?pid=3&offer_id=20536&sub1=NCT_iphone_de_ofid10981693_pidundefined_sub1,_sub2,_sub3,_nat33_sub4_sub5&sub4=id1274972321&sub2=123820undefined_, Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.134.200 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers
GET H2	200	aff_c clk.taptica.com/ Redirect Chain https://lambadapp.go2affise.com/click?pid=46&offer_id=4143960&sub1=NCT_iphone_de_ofid13289449_pidundefined_sub1,_sub2,_sub3,_nat34_sub4_sub5&sub2=123820undefined_,&sub3=id1274972321 https://clk.taptica.com/aff_c?ver=bulk&tt_ls=b&offer_id=36672277&tt_appid=1535455615&aff_id=2236286&tt_bannerid=&tt_aff_clickid=623e649f50f6b100017db7d6&tt_sub_aff=46_123820undefined_,&tt_idfa=&tt_...	0 0	307ms 95ms	Stylesheet text/html	199.127.206.103 RHYTHMONE
General Check archive.org Show headers Download Go to Full URL https://clk.taptica.com/aff_c?ver=bulk&tt_ls=b&offer_id=36672277&tt_appid=1535455615&aff_id=2236286&tt_bannerid=&tt_aff_clickid=623e649f50f6b100017db7d6&tt_sub_aff=46_123820undefined_,&tt_idfa=&tt_advertising_id=&tt_app_name=id1274972321 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol H2 Server 199.127.206.103 , United States, ASN26120 (RHYTHMONE, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Redirect headers location https://clk.taptica.com/aff_c?ver=bulk&tt_ls=b&offer_id=36672277&tt_appid=1535455615&aff_id=2236286&tt_bannerid=&tt_aff_clickid=623e649f50f6b100017db7d6&tt_sub_aff=46_123820undefined_,&tt_idfa=&tt_advertising_id=&tt_app_name=id1274972321 date Sat, 26 Mar 2022 00:55:59 GMT referer referrer-policy no-referrer server nginx access-control-allow-origin * content-length 0
GET H/1.1	200 OK	recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=164938&pub_id=646&pub_click_id=NCT_iphone_de_ofid13074409_pidundefined_sub1,_sub2,_sub3,_nat35_sub4_sub5&pub_sub_id=123820undefined&pub_sub_sub_id=,&app=id1274... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 75 B	24ms 12ms	Stylesheet text/plain	188.40.120.131 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Server 188.40.120.131 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.131.120.40.188.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 00:55:59 GMT content-length 0 Redirect headers location http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 date Sat, 26 Mar 2022 00:55:59 GMT referrer-policy no-referrer content-length 0
GET H/1.1	200 OK	recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=210720&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13074236_pidundefined_sub1,_sub2,_sub3,_nat36_sub4_sub5&pub_sub_id=123820undefined&pub_sub_sub_id=,... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 75 B	24ms 12ms	Stylesheet text/plain	188.40.120.131 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Server 188.40.120.131 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.131.120.40.188.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 00:55:59 GMT content-length 0 Redirect headers location http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 date Sat, 26 Mar 2022 00:55:59 GMT referrer-policy no-referrer content-length 0
GET H2	200	disabled.html appalgo.g2afse.com/ Redirect Chain https://mookomedia.g2afse.com/click?pid=42&offer_id=260213&sub1=NCT_iphone_de_ofid12685080_pidundefined_sub1,_sub2,_sub3,_nat37_sub4_sub5&sub4=123820undefined_,&sub5=id1274972321 https://appalgo.g2afse.com/click?pid=304&offer_id=91836&sub1=623e649ff4429a0001d1de9c&sub2=42_123820undefined_,&sub3=&sub4=&sub5=id1274972321 http://appalgo.g2afse.com/disabled.html https://appalgo.g2afse.com/disabled.html	0 0	13ms 13ms	Stylesheet text/html	213.227.134.198 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://appalgo.g2afse.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol H2 Server 213.227.134.198 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Redirect headers Location https://appalgo.g2afse.com/disabled.html Date Sat, 26 Mar 2022 00:55:59 GMT Server nginx Connection keep-alive Content-Length 138 Content-Type text/html
GET H/1.1	200 OK	recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=203745&pub_id=646&pub_click_id=NCT_iphone_de_ofid13070488_pidundefined_sub1,_sub2,_sub3,_nat38_sub4_sub5&pub_sub_id=123820undefined&pub_sub_sub_id=,&app=id1274... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 75 B	26ms 12ms	Stylesheet text/plain	188.40.120.131 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Server 188.40.120.131 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.131.120.40.188.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 00:55:59 GMT content-length 0 Redirect headers location http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 date Sat, 26 Mar 2022 00:55:59 GMT referrer-policy no-referrer content-length 0
GET H/1.1	200 OK	disabled.html go2.lkjlkjkljsdflkjsdfklsfjklsd.com/ Redirect Chain https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=undefined&offer_id=13270325&sub1=,&sub2=,&sub3=,_nat39&sub4=A53C8BE8-3D1F-4902-8FC4-BD6DFF9A035A&sub5=id1274972321&sub6=123820 http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html	0 0	27ms 14ms	Stylesheet text/html	213.227.134.202 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Server 213.227.134.202 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Redirect headers location http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html date Sat, 26 Mar 2022 00:55:59 GMT server nginx access-control-allow-origin * content-length 0
GET H/1.1	200 OK	recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=207764&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13071022_pidundefined_sub1,_sub2,_sub3,_nat40_sub4_sub5&pub_sub_id=123820undefined&pub_sub_sub_id=,... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 75 B	26ms 12ms	Stylesheet text/plain	188.40.120.131 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Server 188.40.120.131 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.131.120.40.188.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 26 Mar 2022 00:55:59 GMT content-length 0 Redirect headers location http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 date Sat, 26 Mar 2022 00:55:59 GMT referrer-policy no-referrer content-length 0
GET H2	200	/ www.google.com/ Redirect Chain https://zainzuri.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D https://www.google.com/	0 0	108ms 84ms	Stylesheet text/html	2a00:1450:4001:80f::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/ Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol H2 Server 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Redirect headers date Sat, 26 Mar 2022 00:55:59 GMT referrer-policy origin cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0X6tXtDMLAL74LhZ928w6agELGo5gY9FQrntzqb%2Fxy%2FX%2BBHX8SoG%2Fvl7euw%2BS1nTxPZLyJDvZgLLzKud6KVda6Pdo0MI960xXGC1eo6LJjMx75kq0J58MQvJ8y4D64%3D"}],"group":"cf-nel","max_age":604800} location https://www.google.com cf-ray 6f1bec866f339b7c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: direct4.soldbyphonder.com
URL: https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=80a1fd04-ac9f-11ec-b046-0a550bb61e8d

Domain: ttmma.go2affise.com
URL: https://ttmma.go2affise.com/click?pid=224&offer_id=549261&sub1=623e649f81862200014f0eee&sub2=141_123820undefined_,&sub3=&sub4=&sub5=id1274972321&sub6=id1274972321&sub8=|2343482,141

Domain: 424nlnw.appsdeku.com
URL: https://424nlnw.appsdeku.com/424nlnw?p=42_123820undefined_,&sid=623e649ff5ab980001df15a6&android_id=&android_a_id=&idfa=&app_id=id1274972321&param1=

Domain: 9h6ha0y.appsdeku.com
URL: https://9h6ha0y.appsdeku.com/9h6ha0y?p=42_123820undefined_,&sid=623e649f447f4000014de00d&android_id=&android_a_id=&idfa=&app_id=id1274972321&param1=

Domain: direct4.soldbyphonder.com
URL: https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=80a1fd04-ac9f-11ec-bbbb-0ab08a1544e1

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
zildd.g2afse.com/	1970-01-20 10:36:32	Name: afclick Value: 623e649fcead3b0001a4889a
zildd.g2afse.com/	1970-01-20 10:36:32	Name: afoffers Value: {"2482829":1648256159}
mookomedia.g2afse.com/	1970-01-20 10:36:32	Name: afclick Value: 623e649ff4429a0001d1de9c
mookomedia.g2afse.com/	1970-01-20 10:36:32	Name: afoffers Value: {"260213":1648256159}
lambadapp.go2affise.com/	1970-01-20 10:36:32	Name: afclick Value: 623e649f50f6b100017db7d6
lambadapp.go2affise.com/	1970-01-20 10:36:32	Name: afoffers Value: {"4143960":1648256159}
t.9696.me/	1970-01-20 10:36:32	Name: afclick Value: 623e649f5614270001893c75
appad.g2afse.com/	1970-01-20 10:36:32	Name: afclick Value: 623e649f4f0f7c0001d1ae4a
appad.g2afse.com/	1970-01-20 10:36:32	Name: afoffers Value: {"423389":1648256159}
track.gowithads.com/	1970-01-20 10:36:32	Name: afclick Value: 623e649f81862200014f0eee
track.gowithads.com/	1970-01-20 10:36:32	Name: afoffers Value: {"2343482":1648256159}
.gowithads.com/	1970-01-20 01:50:57	Name: __cf_bm Value: qoIUtYs5Lqzjiaw0ZmqaYTi188uqU8u2FFd2JHsT1DE-1648256159-0-AdrExP7KiFuBNkxQ/jatzs5Y88sEaPKNyOhsdZs0HbwPyHCjuMf+wyzhruCawDgLYH3eAXEIWN3WrXGGm8PPZ/Y=
greengrass.g2afse.com/	1970-01-20 10:36:32	Name: afclick Value: 623e649fb64a9f000152ad80
greengrass.g2afse.com/	1970-01-20 10:36:32	Name: afoffers Value: {"771":1648256159}
.alibaba.com/	1969-12-31 23:59:59	Name: cookie2 Value: af330a7fdc7c0d6314ecee808971732d
.alibaba.com/	1970-01-23 15:16:53	Name: t Value: bef46b55ad8fe05a5e28e83dca28ebb2
.alibaba.com/	1969-12-31 23:59:59	Name: _tb_token_ Value: 5f8ee1e53b734

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://apply.g2afse.com/click?pid=3&offer_id=92161&sub1=NCT_iphone_de_ofid12622676_pidundefined_sub1,_sub2,_sub3,_nat13_sub4_sub5&sub4=id1274972321&sub2=123820undefined_, Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://apply.g2afse.com/click?pid=3&offer_id=14467&sub1=NCT_iphone_de_ofid12667047_pidundefined_sub1,_sub2,_sub3,_nat24_sub4_sub5&sub4=id1274972321&sub2=123820undefined_, Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://apply.g2afse.com/click?pid=3&offer_id=20536&sub1=NCT_iphone_de_ofid10981693_pidundefined_sub1,_sub2,_sub3,_nat33_sub4_sub5&sub4=id1274972321&sub2=123820undefined_, Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://9h6ha0y.appsdeku.com/9h6ha0y?p=42_123820undefined_,&sid=623e649f447f4000014de00d&android_id=&android_a_id=&idfa=&app_id=id1274972321&param1= Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://424nlnw.appsdeku.com/424nlnw?p=42_123820undefined_,&sid=623e649ff5ab980001df15a6&android_id=&android_a_id=&idfa=&app_id=id1274972321&param1= Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=80a1fd04-ac9f-11ec-bbbb-0ab08a1544e1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=80a1fd04-ac9f-11ec-b046-0a550bb61e8d Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=17_123820undefined&target=1440147115 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=3_z2uc21an6ud7v8&target=1014949597 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

424nlnw.appsdeku.com
9h6ha0y.appsdeku.com
ad-experience.g2afse.com
admatic.offerstrack.net
appad.g2afse.com
appalgo.g2afse.com
apply.g2afse.com
appme.trckswrm.com
apts.trckswrm.com
c.allontrk.com
clk.taptica.com
cpi-offers.com
de.zaful.com
direct2.knmasdfsdgs.com
direct4.soldbyphonder.com
go2.lkjlkjkljsdflkjsdfklsfjklsd.com
greengrass.g2afse.com
il32.co
ila3.co
lambadapp.go2affise.com
md412.trckswrm.com
media.appm.app
mookomedia.g2afse.com
nexamob.g2afse.com
offer.alibaba.com
olamob.g2afse.com
rewardsctr.com
spyke.trckswrm.com
t.9696.me
trk.ad-serving-ads.com
ttmma.go2affise.com
www.google.com
www.zaful.com
zainzuri.com
zildd.g2afse.com
424nlnw.appsdeku.com
9h6ha0y.appsdeku.com
direct4.soldbyphonder.com
ttmma.go2affise.com
104.111.243.137
116.202.135.114
136.243.5.28
143.204.215.111
143.204.215.74
144.91.99.171
168.119.91.184
173.212.201.66
18.195.77.111
185.33.87.146
188.114.96.7
188.40.120.131
199.127.206.103
212.7.209.75
213.227.134.198
213.227.134.200
213.227.134.202
213.227.134.204
213.227.134.236
213.227.135.207
213.227.135.213
213.227.156.19
2a00:1450:4001:80f::2004
34.225.38.196
47.241.22.124
84.110.34.195
3915a438fffb3acbaade25f7b5e9d3f76589dbc02048463b3fbfeb8c4e7955a1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec9cde82b67a8c70b2c9bc38e5e4a7c970615c497d4cb9df9428c9af2e84dc41

cpi-offers.com Open in urlscan Pro 18.195.77.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

43 Requests

12 %HTTPS

4 %IPv6

21 Domains

35 Subdomains

17 IPs

6 Countries

4 kBTransfer

12 kBSize

17 Cookies

0 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

cpi-offers.com Open in urlscan Pro
18.195.77.111 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

12 %
HTTPS

4 %
IPv6

21
Domains

35
Subdomains

17
IPs

6
Countries

4 kB
Transfer

12 kB
Size

17
Cookies

43 HTTP transactions
0 data transactions