cpi-offers.com Open in urlscan Pro
18.196.0.214 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://edsmunds.com/
Effective URL:
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=Exp...
Submission: On March 15 via manual (March 15th 2022, 8:23:41 am UTC) from IN — Scanned from DE

Summary HTTP 41 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 6 countries across 17 domains to perform 41 HTTP transactions. The main IP is 18.196.0.214, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is cpi-offers.com. The Cisco Umbrella rank of the primary domain is 31501.
TLS certificate: Issued by Amazon on October 26th 2021. Valid for: a year.

This is the only time cpi-offers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2607:fad0:380... 2607:fad0:3801:4::1	32244 (LIQUIDWEB) (LIQUIDWEB)
1 1	198.134.116.30 198.134.116.30	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
3	18.196.0.214 18.196.0.214	16509 (AMAZON-02) (AMAZON-02)
1	185.33.87.146 185.33.87.146	202015 (HZ-US-AS) (HZ-US-AS)
2 2	213.227.134.204 213.227.134.204	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	23.227.38.74 23.227.38.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	213.227.156.21 213.227.156.21	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2606:4700:10:... 2606:4700:10::6816:2156	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.95.74.198 34.95.74.198	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::ac43:d372	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	5.9.5.210 5.9.5.210	24940 (HETZNER-AS) (HETZNER-AS)
1	3.233.140.147 3.233.140.147	14618 (AMAZON-AES) (AMAZON-AES)
1 1	188.114.97.7 188.114.97.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400e:811::2004	15169 (GOOGLE) (GOOGLE)
41	11

2 2607:fad0:3801:4::1 (United States)

ASN32244 (LIQUIDWEB, US)

edsmunds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.134.116.30 (United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

click.expmediadirect1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.196.0.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-0-214.eu-central-1.compute.amazonaws.com

cpi-offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.87.146 (Ashburn, United States)

ASN202015 (HZ-US-AS, BG)

direct2.knmasdfsdgs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.134.204 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

labmediasolutions.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.38.74 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)

www.freegames4play.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.227.156.21 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

apply.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:2156 (United States)

ASN13335 (CLOUDFLARENET, US)

settleads.gotrackier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.74.198 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 198.74.95.34.bc.googleusercontent.com

bv.strandnm.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:d372 (United States)

ASN13335 (CLOUDFLARENET, US)

trk.bidrivo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.9.5.210 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.210.5.9.5.clients.your-server.de

advdgt.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.233.140.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-140-147.compute-1.amazonaws.com

trk.ad-serving-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.7 (Medellín, Colombia) 1 redirects

ASN13335 (CLOUDFLARENET, US)

zainzuri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:811::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	g2afse.com 2 redirects labmediasolutions.g2afse.com — Cisco Umbrella Rank: 83082 appalgo.g2afse.com Failed apply.g2afse.com — Cisco Umbrella Rank: 71744	371 B
3	cpi-offers.com cpi-offers.com — Cisco Umbrella Rank: 31501	3 KB
2	edsmunds.com edsmunds.com	3 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2
1	zainzuri.com 1 redirects zainzuri.com — Cisco Umbrella Rank: 56237	519 B
1	ad-serving-ads.com trk.ad-serving-ads.com — Cisco Umbrella Rank: 39342
1	trckswrm.com 1 redirects advdgt.trckswrm.com — Cisco Umbrella Rank: 33841	228 B
1	bidrivo.com trk.bidrivo.com — Cisco Umbrella Rank: 125882	591 B
1	strandnm.xyz bv.strandnm.xyz	252 B
1	gotrackier.com settleads.gotrackier.com — Cisco Umbrella Rank: 208557	459 B
1	freegames4play.com www.freegames4play.com — Cisco Umbrella Rank: 178999
1	knmasdfsdgs.com direct2.knmasdfsdgs.com — Cisco Umbrella Rank: 50935	138 B
1	expmediadirect1.com 1 redirects click.expmediadirect1.com — Cisco Umbrella Rank: 69767	268 B
0	allontrk.com Failed c.allontrk.com Failed
0	appsdeku.com Failed 1v4r9re.appsdeku.com Failed
0	soldbyphonder.com Failed direct4.soldbyphonder.com Failed
0	alibaba.com Failed offer.alibaba.com Failed
41	17

	Domain	Requested by
5	apply.g2afse.com	cpi-offers.com
3	cpi-offers.com	edsmunds.com cpi-offers.com
2	labmediasolutions.g2afse.com	2 redirects
2	edsmunds.com	edsmunds.com
1	www.google.com	cpi-offers.com
1	zainzuri.com	1 redirects
1	trk.ad-serving-ads.com	cpi-offers.com
1	advdgt.trckswrm.com	1 redirects
1	trk.bidrivo.com	cpi-offers.com
1	bv.strandnm.xyz	cpi-offers.com
1	settleads.gotrackier.com	cpi-offers.com
1	www.freegames4play.com	cpi-offers.com
1	direct2.knmasdfsdgs.com	cpi-offers.com
1	click.expmediadirect1.com	1 redirects
0	c.allontrk.com Failed	cpi-offers.com
0	1v4r9re.appsdeku.com Failed	cpi-offers.com
0	appalgo.g2afse.com Failed	cpi-offers.com
0	direct4.soldbyphonder.com Failed	cpi-offers.com
0	offer.alibaba.com Failed	cpi-offers.com
41	19

This site contains no links.

Subject Issuer	Validity	Valid
cpi-offers.com Amazon	`2021-10-26` - `2022-11-23`	a year	crt.sh
*.knmasdfsdgs.com Go Daddy Secure Certificate Authority - G2	`2021-07-14` - `2022-08-15`	a year	crt.sh
*.go2affise.com Go Daddy Secure Certificate Authority - G2	`2021-10-09` - `2022-11-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
mm.ellafitzgeraldsayt.club Sectigo RSA Domain Validation Secure Server CA	`2020-05-31` - `2022-03-24`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0
Frame ID: E8D582521938E002830BC3D7840ECE21
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://edsmunds.com/ Page URL
http://edsmunds.com/page/bouncy.php?&bpae=GbhGtzsnokx%2F9ZthsSnWPtiMVKUEkkwD4vhNW3HC5d1yYfllZLxD... Page URL
http://click.expmediadirect1.com/click?i=1fmx-9LC8rA_0 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&... Page URL

Page Statistics

41
Requests

17 %
HTTPS

29 %
IPv6

17
Domains

19
Subdomains

11
IPs

6
Countries

7 kB
Transfer

12 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://edsmunds.com/ Page URL
http://edsmunds.com/page/bouncy.php?&bpae=GbhGtzsnokx%2F9ZthsSnWPtiMVKUEkkwD4vhNW3HC5d1yYfllZLxDVF7gGmSHB%2F7XDjZMlGk0SHqu9dP43Szha6BZSKpaSOJBj6ttLS%2BwnW83P1TSfCCRAxBZCDLz%2FCnvPeRv%2B6DFs4c35mQmHChzypVDXR5pD7n4tN3zH8%2B5e0aOmFtrWrs0uSfBJossDwP39E5C9sRPhHk3Y6ASUumlsxdbNJX47lrB5%2BUCmxv6JqemmVctfHXlJl5P1irq6ehDUiO6JhhXyaOZQksuerO0fxhUwAKQ0EgHwbI5BcRS1HAGEOLSppKWd8lV6fhiNIGShrhM05bh%2F0ih8WA%2BO%2FPb26LXK523vtqN2lUWIqE78x01jQnUTsNMWBCZ1bHf3lnzvppS64EPyhdAy%2FoNWUfNvSmACjebEc%2FUR4Ou3MFlnAzcemL4hYE%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
http://click.expmediadirect1.com/click?i=1fmx-9LC8rA_0 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://t.9696.me/click?pid=729&offer_id=148506&sub4=NCT_iphone_de_ofid10910945_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat1_sub4_sub5&sub1=729_48501032&sub2=729_48501032_225955_edsmunds.com&sub3=id1503028915&sub7=id1503028915 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1503028915&sub1=729_48501032&sub2=729_48501032_225955_edsmunds.com HTTP 302
https://offer.alibaba.com/cps/rq9rg325?tp1=62304d085777730001c1921a&pid=729_48501032&adid= HTTP 0
http://offer.alibaba.com/product/w404

Request Chain 5

https://kuno-gae.com/com.id1503028915?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd HTTP 302
https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=35efc583-a439-11ec-9c22-129bcbbb27ab

Request Chain 6

https://labmediasolutions.g2afse.com/click?pid=3&offer_id=3173&sub1=NCT_iphone_de_ofid11038255_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat4_sub4_sub5&sub2=7733301032_225955_edsmunds.com&sub3=id1503028915 HTTP 302
https://labmediasolutions.g2afse.com/click?pid=1&offer_id=73371 HTTP 302
https://www.freegames4play.com/

Request Chain 8

https://mookomedia.g2afse.com/click?pid=42&offer_id=238383&sub1=NCT_iphone_de_ofid12453445_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat6_sub4_sub5&sub4=7733301032_225955_edsmunds.com&sub5=id1503028915 HTTP 302
https://1v4r9re.appsdeku.com/1v4r9re?p=42_7733301032_225955_edsmunds.com&sid=62304d084081420001a70868&android_id=&android_a_id=&idfa=&app_id=id1503028915&param1=

Request Chain 13

https://t.9696.me/click?pid=868&offer_id=118468&sub4=NCT_iphone_de_ofid12489560_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat11_sub4_sub5&sub1=868_48501032&sub2=868_48501032_225955_edsmunds.com&sub3=id1503028915 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1503028915&sub1=868_48501032&sub2=868_48501032_225955_edsmunds.com HTTP 302
https://offer.alibaba.com/cps/rq9rg325?tp1=62304d087ab4e800015cb269&pid=868_48501032&adid=

Request Chain 19

https://mookomedia.g2afse.com/click?pid=42&offer_id=260213&sub1=NCT_iphone_de_ofid12685080_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat17_sub4_sub5&sub4=7733301032_225955_edsmunds.com&sub5=id1503028915 HTTP 302
https://appalgo.g2afse.com/click?pid=304&offer_id=91836&sub1=62304d0844b8750001b57ffc&sub2=42_7733301032_225955_edsmunds.com&sub3=&sub4=&sub5=id1503028915

Request Chain 21

https://mookomedia.g2afse.com/click?pid=42&offer_id=203369&sub1=NCT_iphone_de_ofid11752964_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat19_sub4_sub5&sub4=7733301032_225955_edsmunds.com&sub3=CAC9CD54-6F16-4AB5-B294-1ECB4F81943F&sub2=CAC9CD54-6F16-4AB5-B294-1ECB4F81943F&sub5=id1503028915 HTTP 302
https://appalgo.g2afse.com/click?pid=304&offer_id=86154&sub1=62304d08447f4000015b4702&sub2=42_7733301032_225955_edsmunds.com&sub3=CAC9CD54-6F16-4AB5-B294-1ECB4F81943F&sub4=CAC9CD54-6F16-4AB5-B294-1ECB4F81943F&sub5=id1503028915

Request Chain 24

https://advdgt.trckswrm.com/click?offer_id=85700&pub_id=7&pub_click_id=NCT_iphone_de_ofid12645085_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat22_sub4_sub5&pub_sub_id=7733301032&pub_sub_sub_id=225955_edsmunds.com&app=id1503028915 HTTP 302
https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_7733301032&creativeid=POP&category=01&androidid=

Request Chain 27

https://zainzuri.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D HTTP 302
https://www.google.com/

Request Chain 30

https://appalgo.g2afse.com/click?pid=76&offer_id=86556&sub1=NCT_iphone_de_ofid11429569_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat5_sub4_sub5&sub2=7733301032_225955_edsmunds.com&sub5=id1503028915 HTTP 0
http://appalgo.g2afse.com/disabled.html

Request Chain 31

https://c.allontrk.com/click?offer_id=210931&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13071147_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat9_sub4_sub5&pub_sub_id=7733301032&pub_sub_sub_id=225955_edsmunds.com&app=id1503028915 HTTP 0
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 32

https://t.9696.me/click?pid=868&offer_id=118468&sub4=NCT_iphone_de_ofid12489560_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat11_sub4_sub5&sub1=868_48501032&sub2=868_48501032_225955_edsmunds.com&sub3=id1503028915 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1503028915&sub1=868_48501032&sub2=868_48501032_225955_edsmunds.com HTTP 302
https://offer.alibaba.com/cps/rq9rg325?tp1=62304d090c77190001106b35&pid=868_48501032&adid= HTTP 0
http://offer.alibaba.com/product/w404

Request Chain 33

https://c.allontrk.com/click?offer_id=210803&pub_id=646&pub_click_id=NCT_iphone_de_ofid13069388_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat13_sub4_sub5&pub_sub_id=7733301032&pub_sub_sub_id=225955_edsmunds.com&app=id1503028915 HTTP 0
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 34

https://c.allontrk.com/click?offer_id=196753&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13071521_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat14_sub4_sub5&pub_sub_id=7733301032&pub_sub_sub_id=225955_edsmunds.com&app=id1503028915 HTTP 0
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 35

https://mookomedia.g2afse.com/click?pid=42&offer_id=260213&sub1=NCT_iphone_de_ofid12685080_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat17_sub4_sub5&sub4=7733301032_225955_edsmunds.com&sub5=id1503028915 HTTP 302
https://appalgo.g2afse.com/click?pid=304&offer_id=91836&sub1=62304d098c109500011a5d93&sub2=42_7733301032_225955_edsmunds.com&sub3=&sub4=&sub5=id1503028915 HTTP 0
http://appalgo.g2afse.com/disabled.html

Request Chain 36

https://c.allontrk.com/click?offer_id=206636&pub_id=646&pub_click_id=NCT_iphone_de_ofid12995189_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat18_sub4_sub5&pub_sub_id=7733301032&pub_sub_sub_id=225955_edsmunds.com&app=id1503028915 HTTP 0
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 37

https://mookomedia.g2afse.com/click?pid=42&offer_id=203369&sub1=NCT_iphone_de_ofid11752964_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat19_sub4_sub5&sub4=7733301032_225955_edsmunds.com&sub3=CAC9CD54-6F16-4AB5-B294-1ECB4F81943F&sub2=CAC9CD54-6F16-4AB5-B294-1ECB4F81943F&sub5=id1503028915 HTTP 302
https://appalgo.g2afse.com/click?pid=304&offer_id=86154&sub1=62304d09d59032000125e8cf&sub2=42_7733301032_225955_edsmunds.com&sub3=CAC9CD54-6F16-4AB5-B294-1ECB4F81943F&sub4=CAC9CD54-6F16-4AB5-B294-1ECB4F81943F&sub5=id1503028915 HTTP 0
http://appalgo.g2afse.com/disabled.html

Request Chain 38

https://c.allontrk.com/click?offer_id=210002&pub_id=646&pub_click_id=NCT_iphone_de_ofid13070324_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat21_sub4_sub5&pub_sub_id=7733301032&pub_sub_sub_id=225955_edsmunds.com&app=id1503028915 HTTP 0
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 39

https://c.allontrk.com/click?offer_id=210641&pub_id=646&pub_click_id=NCT_iphone_de_ofid13073107_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat24_sub4_sub5&pub_sub_id=7733301032&pub_sub_sub_id=225955_edsmunds.com&app=id1503028915 HTTP 0
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

41 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ edsmunds.com/	2 KB 2 KB	561ms 418ms	Document text/html	2607:fad0:3801:4::1 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL http://edsmunds.com/ Protocol HTTP/1.1 Server 2607:fad0:3801:4::1 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16 Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Tue, 15 Mar 2022 08:23:35 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 X-Powered-By PHP/5.4.16 Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	bouncy.php edsmunds.com/page/	688 B 973 B	342ms 122ms	Document text/html	2607:fad0:3801:4::1 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL http://edsmunds.com/page/bouncy.php?&bpae=GbhGtzsnokx%2F9ZthsSnWPtiMVKUEkkwD4vhNW3HC5d1yYfllZLxDVF7gGmSHB%2F7XDjZMlGk0SHqu9dP43Szha6BZSKpaSOJBj6ttLS%2BwnW83P1TSfCCRAxBZCDLz%2FCnvPeRv%2B6DFs4c35mQmHChzypVDXR5pD7n4tN3zH8%2B5e0aOmFtrWrs0uSfBJossDwP39E5C9sRPhHk3Y6ASUumlsxdbNJX47lrB5%2BUCmxv6JqemmVctfHXlJl5P1irq6ehDUiO6JhhXyaOZQksuerO0fxhUwAKQ0EgHwbI5BcRS1HAGEOLSppKWd8lV6fhiNIGShrhM05bh%2F0ih8WA%2BO%2FPb26LXK523vtqN2lUWIqE78x01jQnUTsNMWBCZ1bHf3lnzvppS64EPyhdAy%2FoNWUfNvSmACjebEc%2FUR4Ou3MFlnAzcemL4hYE%3D&redirectType=js&inIframe=false&inPopUp=false Requested by Host: edsmunds.com URL: http://edsmunds.com/ Protocol HTTP/1.1 Server 2607:fad0:3801:4::1 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16 Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://edsmunds.com/ Response headers Date Tue, 15 Mar 2022 08:23:35 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 X-Powered-By PHP/5.4.16 Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	Primary Request fantastic.html Show response cpi-offers.com/ Redirect Chain http://click.expmediadirect1.com/click?i=1fmx-9LC8rA_0 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0	6 KB 1 KB	40ms 10ms	Document text/html	18.196.0.214 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Requested by Host: edsmunds.com URL: http://edsmunds.com/page/bouncy.php?&bpae=GbhGtzsnokx%2F9ZthsSnWPtiMVKUEkkwD4vhNW3HC5d1yYfllZLxDVF7gGmSHB%2F7XDjZMlGk0SHqu9dP43Szha6BZSKpaSOJBj6ttLS%2BwnW83P1TSfCCRAxBZCDLz%2FCnvPeRv%2B6DFs4c35mQmHChzypVDXR5pD7n4tN3zH8%2B5e0aOmFtrWrs0uSfBJossDwP39E5C9sRPhHk3Y6ASUumlsxdbNJX47lrB5%2BUCmxv6JqemmVctfHXlJl5P1irq6ehDUiO6JhhXyaOZQksuerO0fxhUwAKQ0EgHwbI5BcRS1HAGEOLSppKWd8lV6fhiNIGShrhM05bh%2F0ih8WA%2BO%2FPb26LXK523vtqN2lUWIqE78x01jQnUTsNMWBCZ1bHf3lnzvppS64EPyhdAy%2FoNWUfNvSmACjebEc%2FUR4Ou3MFlnAzcemL4hYE%3D&redirectType=js&inIframe=false&inPopUp=false Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.196.0.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-196-0-214.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash `a0106648d19e216b17e95409876b15bbfadb7dcce8ab3f8f6e38d6f9099db80a` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://edsmunds.com/page/bouncy.php?&bpae=GbhGtzsnokx%2F9ZthsSnWPtiMVKUEkkwD4vhNW3HC5d1yYfllZLxDVF7gGmSHB%2F7XDjZMlGk0SHqu9dP43Szha6BZSKpaSOJBj6ttLS%2BwnW83P1TSfCCRAxBZCDLz%2FCnvPeRv%2B6DFs4c35mQmHChzypVDXR5pD7n4tN3zH8%2B5e0aOmFtrWrs0uSfBJossDwP39E5C9sRPhHk3Y6ASUumlsxdbNJX47lrB5%2BUCmxv6JqemmVctfHXlJl5P1irq6ehDUiO6JhhXyaOZQksuerO0fxhUwAKQ0EgHwbI5BcRS1HAGEOLSppKWd8lV6fhiNIGShrhM05bh%2F0ih8WA%2BO%2FPb26LXK523vtqN2lUWIqE78x01jQnUTsNMWBCZ1bHf3lnzvppS64EPyhdAy%2FoNWUfNvSmACjebEc%2FUR4Ou3MFlnAzcemL4hYE%3D&redirectType=js&inIframe=false&inPopUp=false Response headers date Tue, 15 Mar 2022 08:23:36 GMT content-type text/html; charset=utf-8 server nginx/1.14.1 x-powered-by Express access-control-allow-origin * etag W/"19dd-UeB3826XtQPTIFk8+H7CzZ6dVHE" vary Accept-Encoding content-encoding gzip Redirect headers Cache-Control no-store Content-Length 0 Age 0 Connection keep-alive Location https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Pragma no-cache
GET H2	200	main.js Show response cpi-offers.com/jsf/	3 KB 1 KB	9ms 8ms	Script application/javascript	18.196.0.214 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cpi-offers.com/jsf/main.js Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.196.0.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-196-0-214.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash `3915a438fffb3acbaade25f7b5e9d3f76589dbc02048463b3fbfeb8c4e7955a1` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 08:23:36 GMT content-encoding gzip etag "415990-2720-1645428716000" last-modified Mon, 21 Feb 2022 07:31:56 GMT server nginx/1.14.1 x-powered-by Express vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=3600
GET		w404 offer.alibaba.com/product/ Redirect Chain https://t.9696.me/click?pid=729&offer_id=148506&sub4=NCT_iphone_de_ofid10910945_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat1_sub4_sub5&sub1=729_48501032&sub2=729_48501032_225955_edsm... https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1503028915&sub1=729_48501032&sub2=729_48501032_225955_edsmunds.com https://offer.alibaba.com/cps/rq9rg325?tp1=62304d085777730001c1921a&pid=729_48501032&adid= http://offer.alibaba.com/product/w404	0 0

GET H/1.1	204 No Content	redirect direct2.knmasdfsdgs.com/	0 138 B	507ms 282ms	Stylesheet text/html	185.33.87.146 HZ-US-AS
General Check archive.org Show headers Download Go to Full URL https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=7733301032&q= Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Tue, 15 Mar 2022 08:23:36 GMT Server nginx Connection close Content-Type text/html; charset=utf-8
GET		redirect direct4.soldbyphonder.com/ Redirect Chain https://kuno-gae.com/com.id1503028915?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=35efc583-a439-11ec-9c22-129bcbbb27ab	0 0

GET H2	200	/ www.freegames4play.com/ Redirect Chain https://labmediasolutions.g2afse.com/click?pid=3&offer_id=3173&sub1=NCT_iphone_de_ofid11038255_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat4_sub4_sub5&sub2=7733301032_225955_edsmunds.... https://labmediasolutions.g2afse.com/click?pid=1&offer_id=73371 https://www.freegames4play.com/	0 0	218ms 161ms	Stylesheet text/html	23.227.38.74 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.freegames4play.com/ Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Server 23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Redirect headers location https://www.freegames4play.com/ date Tue, 15 Mar 2022 08:23:36 GMT server nginx access-control-allow-origin * content-length 0
GET		click appalgo.g2afse.com/	0 0

GET		1v4r9re 1v4r9re.appsdeku.com/ Redirect Chain https://mookomedia.g2afse.com/click?pid=42&offer_id=238383&sub1=NCT_iphone_de_ofid12453445_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat6_sub4_sub5&sub4=7733301032_225955_edsmunds.com&... https://1v4r9re.appsdeku.com/1v4r9re?p=42_7733301032_225955_edsmunds.com&sid=62304d084081420001a70868&android_id=&android_a_id=&idfa=&app_id=id1503028915&param1=	0 0

GET H2	404	click apply.g2afse.com/	0 0	55ms 14ms	Stylesheet text/html	213.227.156.21 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://apply.g2afse.com/click?pid=3&offer_id=74786&sub1=NCT_iphone_de_ofid11111745_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat7_sub4_sub5&sub4=id1503028915&sub2=7733301032_225955_edsmunds.com Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.156.21 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers
GET H2	404	click apply.g2afse.com/	0 0	55ms 15ms	Stylesheet text/html	213.227.156.21 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://apply.g2afse.com/click?pid=3&offer_id=261960&sub1=NCT_iphone_de_ofid11587765_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat8_sub4_sub5&sub4=id1503028915&sub2=7733301032_225955_edsmunds.com Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.156.21 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers
GET		click c.allontrk.com/	0 0

GET H2	200	/ settleads.gotrackier.com/t/MzMwXzEzNjI5Mg/	22 B 459 B	109ms 65ms	Stylesheet text/plain	2606:4700:10::6816:2156 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://settleads.gotrackier.com/t/MzMwXzEzNjI5Mg/?p1=NCT_iphone_de_ofid11621440_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat10_sub4_sub5&source=7733301032_225955_edsmunds.com&p4=id1503028915&p5=id1503028915 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:2156 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1c439fcd21bab032475e5d1570615485417e6cfb202f774f9f16d77f0448d0d6` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-err CSS_REQUEST via 1.1 google cf-cache-status DYNAMIC server cloudflare date Tue, 15 Mar 2022 08:23:36 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/plain; charset=utf-8 cf-ray 6ec3d914d92a6919-FRA content-length 22 x-rt 0
GET		rq9rg325 offer.alibaba.com/cps/ Redirect Chain https://t.9696.me/click?pid=868&offer_id=118468&sub4=NCT_iphone_de_ofid12489560_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat11_sub4_sub5&sub1=868_48501032&sub2=868_48501032_225955_eds... https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1503028915&sub1=868_48501032&sub2=868_48501032_225955_edsmunds.com https://offer.alibaba.com/cps/rq9rg325?tp1=62304d087ab4e800015cb269&pid=868_48501032&adid=	0 0

GET H2	404	click apply.g2afse.com/	0 0	55ms 15ms	Stylesheet text/html	213.227.156.21 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://apply.g2afse.com/click?pid=3&offer_id=306508&sub1=NCT_iphone_de_ofid12096171_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat12_sub4_sub5&sub4=id1503028915&sub2=7733301032_225955_edsmunds.com Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.156.21 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers
GET		click c.allontrk.com/	0 0

GET		click c.allontrk.com/	0 0

GET H2	200	/ bv.strandnm.xyz/	0 252 B	148ms 108ms	Stylesheet text/plain	34.95.74.198 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://bv.strandnm.xyz/?sddtid=hdk9a&sdpi=42&pdco=Xkskjd2&pdos=2381158&pducid=NCT_iphone_de_ofid5960078_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat15_sub4_sub5&pisc1=7733301032&pssc2=225955_edsmunds.com&ppdo=id1503028915&pdumid=CAC9CD54-6F16-4AB5-B294-1ECB4F81943F Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.95.74.198 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 198.74.95.34.bc.googleusercontent.com Software nginx/1.17.9 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers access-control-allow-origin * date Tue, 15 Mar 2022 08:23:36 GMT via 1.1 google server nginx/1.17.9 alt-svc clear content-length 0
GET H2	404	click apply.g2afse.com/	0 0	54ms 16ms	Stylesheet text/html	213.227.156.21 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://apply.g2afse.com/click?pid=3&offer_id=67915&sub1=NCT_iphone_de_ofid11909877_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat16_sub4_sub5&sub4=id1503028915&sub2=7733301032_225955_edsmunds.com Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.156.21 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers
GET		click appalgo.g2afse.com/ Redirect Chain https://mookomedia.g2afse.com/click?pid=42&offer_id=260213&sub1=NCT_iphone_de_ofid12685080_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat17_sub4_sub5&sub4=7733301032_225955_edsmunds.com... https://appalgo.g2afse.com/click?pid=304&offer_id=91836&sub1=62304d0844b8750001b57ffc&sub2=42_7733301032_225955_edsmunds.com&sub3=&sub4=&sub5=id1503028915	0 0

GET		click c.allontrk.com/	0 0

GET		click appalgo.g2afse.com/ Redirect Chain https://mookomedia.g2afse.com/click?pid=42&offer_id=203369&sub1=NCT_iphone_de_ofid11752964_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat19_sub4_sub5&sub4=7733301032_225955_edsmunds.com... https://appalgo.g2afse.com/click?pid=304&offer_id=86154&sub1=62304d08447f4000015b4702&sub2=42_7733301032_225955_edsmunds.com&sub3=CAC9CD54-6F16-4AB5-B294-1ECB4F81943F&sub4=CAC9CD54-6F16-4AB5-B294-1...	0 0

GET H2	200	click trk.bidrivo.com/	22 B 591 B	85ms 34ms	Stylesheet text/plain	2606:4700:3036::ac43:d372 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://trk.bidrivo.com/click?campaign_id=272097&pub_id=75&p1=NCT_iphone_de_ofid12647936_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat20_sub4_sub5&source=7733301032_225955_edsmunds.com&app_name=id1503028915 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:d372 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1c439fcd21bab032475e5d1570615485417e6cfb202f774f9f16d77f0448d0d6` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-err CSS_REQUEST via 1.1 google cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare date Tue, 15 Mar 2022 08:23:36 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FOHVLN2HTsqCHWQ8owVLySug6M%2F81cdP%2FJUJ8DB0LgrcBVmw%2BrnmVn5W3QMyy0FrtGvluKzGB09Hz2M5PE5x7XXPWNgTrh2g2zI2auwjhO%2B5oqLfaYTy1fyIPM6tr9I%2B97NG169tg12hepeAqD0%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=utf-8 cf-ray 6ec3d914ea498fe9-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 22 x-rt 0
GET		click c.allontrk.com/	0 0

GET H2	404	click trk.ad-serving-ads.com/ Redirect Chain https://advdgt.trckswrm.com/click?offer_id=85700&pub_id=7&pub_click_id=NCT_iphone_de_ofid12645085_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat22_sub4_sub5&pub_sub_id=7733301032&pub_su... https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_7733301032&creativeid=POP&category=01&androidid=	0 0	328ms 96ms	Stylesheet text/html	3.233.140.147 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_7733301032&creativeid=POP&category=01&androidid= Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Server 3.233.140.147 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-233-140-147.compute-1.amazonaws.com Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 08:23:36 GMT content-length 13 content-type text/html Redirect headers location https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_7733301032&creativeid=POP&category=01&androidid= date Tue, 15 Mar 2022 08:23:36 GMT referrer-policy no-referrer content-length 0
GET H2	404	click apply.g2afse.com/	0 0	53ms 15ms	Stylesheet text/html	213.227.156.21 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://apply.g2afse.com/click?pid=3&offer_id=358543&sub1=NCT_iphone_de_ofid12144044_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat23_sub4_sub5&sub4=id1503028915&sub2=7733301032_225955_edsmunds.com Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.156.21 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers
GET		click c.allontrk.com/	0 0

GET H2	200	/ www.google.com/ Redirect Chain https://zainzuri.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D https://www.google.com/	0 0	109ms 78ms	Stylesheet text/html	2a00:1450:400e:811::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/ Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Server 2a00:1450:400e:811::2004 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Redirect headers date Tue, 15 Mar 2022 08:23:36 GMT referrer-policy origin cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TfDKazUj80tKgiRTjRyY4rwg4YPzR3MsSYhwQZE5rNO753WLCAufdwmtKx2reHL%2F4oh0oPKQ4ikr4rwn9%2FnUGM1mFNxCmQ3VMpsrW%2BKQRDuogW3F%2BdX6kRW1DkLeWKk%3D"}],"group":"cf-nel","max_age":604800} location https://www.google.com cf-ray 6ec3d914d82b9a03-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET		infpsw.js cpi-offers.com/jsf/	0 0

GET H2	200	swback cpi-offers.com/	0 0	8ms 8ms	Fetch text/html	18.196.0.214 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cpi-offers.com/swback Requested by Host: cpi-offers.com URL: https://cpi-offers.com/jsf/main.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.196.0.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-196-0-214.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 08:23:36 GMT content-encoding gzip etag W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk" server nginx/1.14.1 x-powered-by Express vary Accept-Encoding content-type text/html; charset=utf-8 access-control-allow-origin *
GET		disabled.html appalgo.g2afse.com/ Redirect Chain https://appalgo.g2afse.com/click?pid=76&offer_id=86556&sub1=NCT_iphone_de_ofid11429569_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat5_sub4_sub5&sub2=7733301032_225955_edsmunds.com&sub5... http://appalgo.g2afse.com/disabled.html	0 0

GET		recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=210931&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13071147_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat9_sub4_sub5&pub_sub_id=773330103... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 0

GET		w404 offer.alibaba.com/product/ Redirect Chain https://t.9696.me/click?pid=868&offer_id=118468&sub4=NCT_iphone_de_ofid12489560_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat11_sub4_sub5&sub1=868_48501032&sub2=868_48501032_225955_eds... https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1503028915&sub1=868_48501032&sub2=868_48501032_225955_edsmunds.com https://offer.alibaba.com/cps/rq9rg325?tp1=62304d090c77190001106b35&pid=868_48501032&adid= http://offer.alibaba.com/product/w404	0 0

GET		recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=210803&pub_id=646&pub_click_id=NCT_iphone_de_ofid13069388_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat13_sub4_sub5&pub_sub_id=7733301032&pub_sub_... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 0

GET		recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=196753&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13071521_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat14_sub4_sub5&pub_sub_id=77333010... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 0

GET		disabled.html appalgo.g2afse.com/ Redirect Chain https://mookomedia.g2afse.com/click?pid=42&offer_id=260213&sub1=NCT_iphone_de_ofid12685080_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat17_sub4_sub5&sub4=7733301032_225955_edsmunds.com... https://appalgo.g2afse.com/click?pid=304&offer_id=91836&sub1=62304d098c109500011a5d93&sub2=42_7733301032_225955_edsmunds.com&sub3=&sub4=&sub5=id1503028915 http://appalgo.g2afse.com/disabled.html	0 0

GET		recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=206636&pub_id=646&pub_click_id=NCT_iphone_de_ofid12995189_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat18_sub4_sub5&pub_sub_id=7733301032&pub_sub_... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 0

GET		disabled.html appalgo.g2afse.com/ Redirect Chain https://mookomedia.g2afse.com/click?pid=42&offer_id=203369&sub1=NCT_iphone_de_ofid11752964_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat19_sub4_sub5&sub4=7733301032_225955_edsmunds.com... https://appalgo.g2afse.com/click?pid=304&offer_id=86154&sub1=62304d09d59032000125e8cf&sub2=42_7733301032_225955_edsmunds.com&sub3=CAC9CD54-6F16-4AB5-B294-1ECB4F81943F&sub4=CAC9CD54-6F16-4AB5-B294-1... http://appalgo.g2afse.com/disabled.html	0 0

GET		recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=210002&pub_id=646&pub_click_id=NCT_iphone_de_ofid13070324_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat21_sub4_sub5&pub_sub_id=7733301032&pub_sub_... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 0

GET		recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=210641&pub_id=646&pub_click_id=NCT_iphone_de_ofid13073107_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat24_sub4_sub5&pub_sub_id=7733301032&pub_sub_... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: offer.alibaba.com
URL: http://offer.alibaba.com/product/w404

Domain: direct4.soldbyphonder.com
URL: https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=35efc583-a439-11ec-9c22-129bcbbb27ab

Domain: appalgo.g2afse.com
URL: https://appalgo.g2afse.com/click?pid=76&offer_id=86556&sub1=NCT_iphone_de_ofid11429569_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat5_sub4_sub5&sub2=7733301032_225955_edsmunds.com&sub5=id1503028915

Domain: 1v4r9re.appsdeku.com
URL: https://1v4r9re.appsdeku.com/1v4r9re?p=42_7733301032_225955_edsmunds.com&sid=62304d084081420001a70868&android_id=&android_a_id=&idfa=&app_id=id1503028915&param1=

Domain: c.allontrk.com
URL: https://c.allontrk.com/click?offer_id=210931&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13071147_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat9_sub4_sub5&pub_sub_id=7733301032&pub_sub_sub_id=225955_edsmunds.com&app=id1503028915

Domain: offer.alibaba.com
URL: https://offer.alibaba.com/cps/rq9rg325?tp1=62304d087ab4e800015cb269&pid=868_48501032&adid=

Domain: c.allontrk.com
URL: https://c.allontrk.com/click?offer_id=210803&pub_id=646&pub_click_id=NCT_iphone_de_ofid13069388_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat13_sub4_sub5&pub_sub_id=7733301032&pub_sub_sub_id=225955_edsmunds.com&app=id1503028915

Domain: c.allontrk.com
URL: https://c.allontrk.com/click?offer_id=196753&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13071521_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat14_sub4_sub5&pub_sub_id=7733301032&pub_sub_sub_id=225955_edsmunds.com&app=id1503028915

Domain: appalgo.g2afse.com
URL: https://appalgo.g2afse.com/click?pid=304&offer_id=91836&sub1=62304d0844b8750001b57ffc&sub2=42_7733301032_225955_edsmunds.com&sub3=&sub4=&sub5=id1503028915

Domain: c.allontrk.com
URL: https://c.allontrk.com/click?offer_id=206636&pub_id=646&pub_click_id=NCT_iphone_de_ofid12995189_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat18_sub4_sub5&pub_sub_id=7733301032&pub_sub_sub_id=225955_edsmunds.com&app=id1503028915

Domain: appalgo.g2afse.com
URL: https://appalgo.g2afse.com/click?pid=304&offer_id=86154&sub1=62304d08447f4000015b4702&sub2=42_7733301032_225955_edsmunds.com&sub3=CAC9CD54-6F16-4AB5-B294-1ECB4F81943F&sub4=CAC9CD54-6F16-4AB5-B294-1ECB4F81943F&sub5=id1503028915

Domain: c.allontrk.com
URL: https://c.allontrk.com/click?offer_id=210002&pub_id=646&pub_click_id=NCT_iphone_de_ofid13070324_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat21_sub4_sub5&pub_sub_id=7733301032&pub_sub_sub_id=225955_edsmunds.com&app=id1503028915

Domain: c.allontrk.com
URL: https://c.allontrk.com/click?offer_id=210641&pub_id=646&pub_click_id=NCT_iphone_de_ofid13073107_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat24_sub4_sub5&pub_sub_id=7733301032&pub_sub_sub_id=225955_edsmunds.com&app=id1503028915

Domain: cpi-offers.com
URL: https://cpi-offers.com/jsf/infpsw.js

Domain: appalgo.g2afse.com
URL: http://appalgo.g2afse.com/disabled.html

Domain: c.allontrk.com
URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Domain: offer.alibaba.com
URL: http://offer.alibaba.com/product/w404

Domain: c.allontrk.com
URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Domain: c.allontrk.com
URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Domain: appalgo.g2afse.com
URL: http://appalgo.g2afse.com/disabled.html

Domain: c.allontrk.com
URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Domain: appalgo.g2afse.com
URL: http://appalgo.g2afse.com/disabled.html

Domain: c.allontrk.com
URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Domain: c.allontrk.com
URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
labmediasolutions.g2afse.com/	1970-01-20 10:21:08	Name: afclick Value: 62304d089c00b80001ceca96
labmediasolutions.g2afse.com/	1970-01-20 10:21:08	Name: afoffers Value: {"73371":1647332616}
.gotrackier.com/	1970-01-20 01:35:34	Name: __cf_bm Value: eby4cb6ye__tvVX_w.ZGgSEfZ0NCGvAQqJd2hdWYqF4-1647332616-0-AUSUscz4jbNscKckfiuMcOosPlQbJkY/uR7IxmtHg/BimmO9vU+M5FMpwO46j634CDYbUJFT+qaweeQvEcbDSGE=
.alibaba.com/	1969-12-31 23:59:59	Name: cookie2 Value: ae180f466b76ca7ca8348067e2d37423
.alibaba.com/	1970-01-23 15:01:30	Name: t Value: 798101a27499e22e10374e21461fb64b
.alibaba.com/	1969-12-31 23:59:59	Name: _tb_token_ Value: 73136a67d1e63
t.9696.me/	1970-01-20 10:21:08	Name: afclick Value: 62304d090c77190001106b35
mookomedia.g2afse.com/	1970-01-20 10:21:08	Name: afclick Value: 62304d09d59032000125e8cf
mookomedia.g2afse.com/	1970-01-20 10:21:08	Name: afoffers Value: {"203369":1647332617,"260213":1647332617}

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://apply.g2afse.com/click?pid=3&offer_id=74786&sub1=NCT_iphone_de_ofid11111745_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat7_sub4_sub5&sub4=id1503028915&sub2=7733301032_225955_edsmunds.com Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://apply.g2afse.com/click?pid=3&offer_id=261960&sub1=NCT_iphone_de_ofid11587765_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat8_sub4_sub5&sub4=id1503028915&sub2=7733301032_225955_edsmunds.com Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://apply.g2afse.com/click?pid=3&offer_id=306508&sub1=NCT_iphone_de_ofid12096171_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat12_sub4_sub5&sub4=id1503028915&sub2=7733301032_225955_edsmunds.com Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://apply.g2afse.com/click?pid=3&offer_id=358543&sub1=NCT_iphone_de_ofid12144044_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat23_sub4_sub5&sub4=id1503028915&sub2=7733301032_225955_edsmunds.com Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://apply.g2afse.com/click?pid=3&offer_id=67915&sub1=NCT_iphone_de_ofid11909877_pid1032_sub1,_sub2225955_edsmunds.com_sub3ExplorAdsSL2_nat16_sub4_sub5&sub4=id1503028915&sub2=7733301032_225955_edsmunds.com Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0(Line 22) Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
network	error	URL: https://1v4r9re.appsdeku.com/1v4r9re?p=42_7733301032_225955_edsmunds.com&sid=62304d084081420001a70868&android_id=&android_a_id=&idfa=&app_id=id1503028915&param1= Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=35efc583-a439-11ec-9c22-129bcbbb27ab Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_7733301032&creativeid=POP&category=01&androidid= Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0(Line 22) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://offer.alibaba.com/product/w404'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0(Line 30) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://appalgo.g2afse.com/disabled.html'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0(Line 38) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0(Line 42) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://offer.alibaba.com/product/w404'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0(Line 46) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0(Line 48) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0(Line 54) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://appalgo.g2afse.com/disabled.html'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0(Line 56) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0(Line 58) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://appalgo.g2afse.com/disabled.html'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0(Line 62) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0(Line 68) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_edsmunds.com&udid=&name=&info=ExplorAdsSL2&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1v4r9re.appsdeku.com
advdgt.trckswrm.com
appalgo.g2afse.com
apply.g2afse.com
bv.strandnm.xyz
c.allontrk.com
click.expmediadirect1.com
cpi-offers.com
direct2.knmasdfsdgs.com
direct4.soldbyphonder.com
edsmunds.com
labmediasolutions.g2afse.com
offer.alibaba.com
settleads.gotrackier.com
trk.ad-serving-ads.com
trk.bidrivo.com
www.freegames4play.com
www.google.com
zainzuri.com
1v4r9re.appsdeku.com
appalgo.g2afse.com
c.allontrk.com
cpi-offers.com
direct4.soldbyphonder.com
offer.alibaba.com
18.196.0.214
185.33.87.146
188.114.97.7
198.134.116.30
213.227.134.204
213.227.156.21
23.227.38.74
2606:4700:10::6816:2156
2606:4700:3036::ac43:d372
2607:fad0:3801:4::1
2a00:1450:400e:811::2004
3.233.140.147
34.95.74.198
5.9.5.210
1c439fcd21bab032475e5d1570615485417e6cfb202f774f9f16d77f0448d0d6
3915a438fffb3acbaade25f7b5e9d3f76589dbc02048463b3fbfeb8c4e7955a1
a0106648d19e216b17e95409876b15bbfadb7dcce8ab3f8f6e38d6f9099db80a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

cpi-offers.com Open in urlscan Pro 18.196.0.214 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

41 Requests

17 %HTTPS

29 %IPv6

17 Domains

19 Subdomains

11 IPs

6 Countries

7 kBTransfer

12 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

9 Cookies

20 Console Messages

Indicators

cpi-offers.com Open in urlscan Pro
18.196.0.214 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

17 %
HTTPS

29 %
IPv6

17
Domains

19
Subdomains

11
IPs

6
Countries

7 kB
Transfer

12 kB
Size

9
Cookies

41 HTTP transactions
0 data transactions