cpi-offers.com Open in urlscan Pro
3.127.100.137 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0
Effective URL:
http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0
Submission: On January 12 via api (January 12th 2022, 6:32:47 pm UTC) from DE — Scanned from DE

Summary HTTP 45 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 6 countries across 27 domains to perform 45 HTTP transactions. The main IP is 3.127.100.137, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is cpi-offers.com. The Cisco Umbrella rank of the primary domain is 33597.

This is the only time cpi-offers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10 12	3.127.100.137 3.127.100.137	16509 (AMAZON-02) (AMAZON-02)
1	157.90.33.241 157.90.33.241	24940 (HETZNER-AS) (HETZNER-AS)
3	185.33.87.146 185.33.87.146	202015 (HZ-US-AS) (HZ-US-AS)
5 6	213.227.134.196 213.227.134.196	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
8 10	213.227.134.234 213.227.134.234	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3 3	213.227.135.231 213.227.135.231	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 4	213.227.135.213 213.227.135.213	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	173.212.201.66 173.212.201.66	51167 (CONTABO) (CONTABO)
2 5	136.243.5.28 136.243.5.28	24940 (HETZNER-AS) (HETZNER-AS)
2	35.201.98.21 35.201.98.21	15169 (GOOGLE) (GOOGLE)
2	3.224.8.153 3.224.8.153	14618 (AMAZON-AES) (AMAZON-AES)
7 7	213.227.156.21 213.227.156.21	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	213.227.156.234 213.227.156.234	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	35.171.97.125 35.171.97.125	14618 (AMAZON-AES) (AMAZON-AES)
6 6	213.227.135.229 213.227.135.229	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	2606:4700:20:... 2606:4700:20::681a:cbb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	213.227.135.207 213.227.135.207	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	34.134.37.160 34.134.37.160	15169 (GOOGLE) (GOOGLE)
6 6	5.9.6.124 5.9.6.124	24940 (HETZNER-AS) (HETZNER-AS)
8 10	213.227.156.19 213.227.156.19	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
7 14	104.111.243.137 104.111.243.137	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	213.227.134.204 213.227.134.204	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	51.161.115.163 51.161.115.163	16276 (OVH) (OVH)
2 2	23.235.251.114 23.235.251.114	19437 (SS-ASH) (SS-ASH)
3 3	142.93.240.225 142.93.240.225	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	51.83.143.92 51.83.143.92	16276 (OVH) (OVH)
1 1	2606:4700:21:... 2606:4700:21::681b:ce5c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.210.43.149 54.210.43.149	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:10:... 2606:4700:10::6816:2256	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	136.243.5.43 136.243.5.43	24940 (HETZNER-AS) (HETZNER-AS)
4 4	212.7.209.71 212.7.209.71	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	5.9.5.213 5.9.5.213	24940 (HETZNER-AS) (HETZNER-AS)
1 1	213.227.134.198 213.227.134.198	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	2a02:26f0:6c0... 2a02:26f0:6c00:2ae::374e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 4	88.99.70.114 88.99.70.114	24940 (HETZNER-AS) (HETZNER-AS)
1	213.227.156.193 213.227.156.193	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	213.227.135.235 213.227.135.235	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	52.72.232.140 52.72.232.140	14618 (AMAZON-AES) (AMAZON-AES)
1	52.72.170.254 52.72.170.254	14618 (AMAZON-AES) (AMAZON-AES)
1 1	104.21.66.249 104.21.66.249	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
45	23

12 3.127.100.137 (Frankfurt am Main, Germany) 10 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-100-137.eu-central-1.compute.amazonaws.com

cpi-offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.90.33.241 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.241.33.90.157.clients.your-server.de

apnp.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.87.146 (Ashburn, United States)

ASN202015 (HZ-US-AS, BG)

direct2.knmasdfsdgs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.227.134.196 (Netherlands) 5 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

go2.lkjlkjkljsdflkjsdfklsfjklsd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adsperfection.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
amazus.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 213.227.134.234 (Netherlands) 8 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ad-experience.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
appricotads.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
digitalfuture.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.227.135.231 (Netherlands) 3 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

olamob.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.227.135.213 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

zildd.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.212.201.66 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: m10082.contaboserver.net

ila3.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 136.243.5.28 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.28.5.243.136.clients.your-server.de

apts.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.98.21 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 21.98.201.35.bc.googleusercontent.com

track.m15trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.224.8.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-8-153.compute-1.amazonaws.com

trk.games-to-run123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 213.227.156.21 (Netherlands) 7 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

maxtopmedia.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
greengrass.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.156.234 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

nexamob.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.171.97.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-97-125.compute-1.amazonaws.com

trk.ad-serving-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.227.135.229 (Netherlands) 6 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

appad.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:cbb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ams3.clkstream.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.135.207 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

track.2elementr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.134.37.160 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 160.37.134.34.bc.googleusercontent.com

clk.medialabels.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 5.9.6.124 (Germany) 6 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.124.6.9.5.clients.your-server.de

advdgt.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aptrt.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 213.227.156.19 (Netherlands) 8 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

mookomedia.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.111.243.137 (Frankfurt am Main, Germany) 7 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-243-137.deploy.static.akamaitechnologies.com

offer.alibaba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.134.204 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

marlinads.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.161.115.163 (Canada) 2 redirects

ASN16276 (OVH, FR)
PTR: ns572483.ip-51-161-115.net

t1.coolnovemberbreeze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.235.251.114 (Ashburn, United States) 2 redirects

ASN19437 (SS-ASH, US)

34.us.brownwinds.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.93.240.225 (North Bergen, United States) 3 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

redir.brownwinds.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.toromclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.83.143.92 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3155458.ip-51-83-143.eu

miao.labtrffc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:21::681b:ce5c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

popcash.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.210.43.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-43-149.compute-1.amazonaws.com

ps.popcash.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:2256 (United States)

ASN13335 (CLOUDFLARENET, US)

settleads.gotrackier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.5.43 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.43.5.243.136.clients.your-server.de

apply.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.7.209.71 (Netherlands) 4 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

t.9696.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.9.5.213 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.213.5.9.5.clients.your-server.de

md412.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.134.198 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ad.mobcho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:2ae::374e (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.visitdubai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.99.70.114 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.114.70.99.88.clients.your-server.de

c.allontrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.156.193 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

trafficred.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.135.235 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

appscogent.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.232.140 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-232-140.compute-1.amazonaws.com

c.mylot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.170.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-170-254.compute-1.amazonaws.com

welcome.mylot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.66.249 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

zainzuri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	g2afse.com 40 redirects ad-experience.g2afse.com — Cisco Umbrella Rank: 47590 olamob.g2afse.com — Cisco Umbrella Rank: 43325 zildd.g2afse.com — Cisco Umbrella Rank: 48915 adsperfection.g2afse.com — Cisco Umbrella Rank: 54184 maxtopmedia.g2afse.com — Cisco Umbrella Rank: 58838 nexamob.g2afse.com — Cisco Umbrella Rank: 47035 imagineads.g2afse.com — Cisco Umbrella Rank: 56751 Failed appad.g2afse.com — Cisco Umbrella Rank: 39500 appricotads.g2afse.com — Cisco Umbrella Rank: 56168 mookomedia.g2afse.com — Cisco Umbrella Rank: 47075 greengrass.g2afse.com — Cisco Umbrella Rank: 58680 marlinads.g2afse.com — Cisco Umbrella Rank: 47334 trafficred.g2afse.com — Cisco Umbrella Rank: 793110 digitalfuture.g2afse.com — Cisco Umbrella Rank: 37612 appscogent.g2afse.com — Cisco Umbrella Rank: 53138 amazus.g2afse.com — Cisco Umbrella Rank: 49632	8 KB
16	trckswrm.com 10 redirects apnp.trckswrm.com — Cisco Umbrella Rank: 44966 apts.trckswrm.com — Cisco Umbrella Rank: 36300 advdgt.trckswrm.com — Cisco Umbrella Rank: 38959 aptrt.trckswrm.com — Cisco Umbrella Rank: 35346 apply.trckswrm.com — Cisco Umbrella Rank: 42329 md412.trckswrm.com — Cisco Umbrella Rank: 72669	3 KB
14	alibaba.com 7 redirects offer.alibaba.com — Cisco Umbrella Rank: 24766	9 KB
12	cpi-offers.com 10 redirects cpi-offers.com — Cisco Umbrella Rank: 33597	6 KB
4	allontrk.com 2 redirects c.allontrk.com — Cisco Umbrella Rank: 37487	514 B
4	9696.me 4 redirects t.9696.me — Cisco Umbrella Rank: 39703	877 B
4	brownwinds.xyz 4 redirects 34.us.brownwinds.xyz redir.brownwinds.xyz — Cisco Umbrella Rank: 60761	5 KB
4	lkjlkjkljsdflkjsdfklsfjklsd.com 3 redirects go2.lkjlkjkljsdflkjsdfklsfjklsd.com — Cisco Umbrella Rank: 52021	433 B
3	ad-serving-ads.com trk.ad-serving-ads.com — Cisco Umbrella Rank: 45755
3	knmasdfsdgs.com direct2.knmasdfsdgs.com — Cisco Umbrella Rank: 45292	414 B
2	mylot.com 1 redirects c.mylot.com — Cisco Umbrella Rank: 289768 welcome.mylot.com	1 KB
2	visitdubai.com 1 redirects www.visitdubai.com — Cisco Umbrella Rank: 183262	222 B
2	popcash.net 1 redirects popcash.net — Cisco Umbrella Rank: 19810 ps.popcash.net — Cisco Umbrella Rank: 59736	482 B
2	coolnovemberbreeze.com 2 redirects t1.coolnovemberbreeze.com — Cisco Umbrella Rank: 63106	633 B
2	games-to-run123.com trk.games-to-run123.com — Cisco Umbrella Rank: 48273
2	m15trk.com track.m15trk.com — Cisco Umbrella Rank: 112706	235 B
1	google.com www.google.com — Cisco Umbrella Rank: 8
1	zainzuri.com 1 redirects zainzuri.com — Cisco Umbrella Rank: 65304	558 B
1	toromclick.com 1 redirects www.toromclick.com — Cisco Umbrella Rank: 204372	495 B
1	mobcho.com 1 redirects ad.mobcho.com — Cisco Umbrella Rank: 71222	266 B
1	gotrackier.com settleads.gotrackier.com — Cisco Umbrella Rank: 252558	458 B
1	labtrffc.com 1 redirects miao.labtrffc.com — Cisco Umbrella Rank: 71558	253 B
1	medialabels.de clk.medialabels.de — Cisco Umbrella Rank: 137617
1	2elementr.com 1 redirects track.2elementr.com — Cisco Umbrella Rank: 98762	326 B
1	clkstream.com 1 redirects ams3.clkstream.com — Cisco Umbrella Rank: 158669	809 B
1	ila3.co ila3.co — Cisco Umbrella Rank: 44690	198 B
0	il32.co Failed il32.co Failed
45	27

	Domain	Requested by
14	offer.alibaba.com	7 redirects cpi-offers.com
12	cpi-offers.com	10 redirects cpi-offers.com
10	mookomedia.g2afse.com	8 redirects cpi-offers.com
6	appricotads.g2afse.com	4 redirects cpi-offers.com
6	appad.g2afse.com	6 redirects
5	greengrass.g2afse.com	5 redirects
5	aptrt.trckswrm.com	5 redirects
5	apts.trckswrm.com	2 redirects cpi-offers.com
4	c.allontrk.com	2 redirects cpi-offers.com
4	t.9696.me	4 redirects
4	zildd.g2afse.com	2 redirects cpi-offers.com
4	go2.lkjlkjkljsdflkjsdfklsfjklsd.com	3 redirects cpi-offers.com
3	trk.ad-serving-ads.com	cpi-offers.com
3	olamob.g2afse.com	3 redirects
3	ad-experience.g2afse.com	3 redirects
3	direct2.knmasdfsdgs.com	cpi-offers.com
2	www.visitdubai.com	1 redirects cpi-offers.com
2	md412.trckswrm.com	2 redirects
2	apply.trckswrm.com	cpi-offers.com
2	redir.brownwinds.xyz	2 redirects
2	34.us.brownwinds.xyz	2 redirects
2	t1.coolnovemberbreeze.com	2 redirects
2	nexamob.g2afse.com	2 redirects
2	maxtopmedia.g2afse.com	2 redirects
2	trk.games-to-run123.com	cpi-offers.com
2	track.m15trk.com	cpi-offers.com
1	www.google.com	cpi-offers.com
1	zainzuri.com	1 redirects
1	welcome.mylot.com	cpi-offers.com
1	c.mylot.com	1 redirects
1	www.toromclick.com	1 redirects
1	amazus.g2afse.com	1 redirects
1	appscogent.g2afse.com	1 redirects
1	digitalfuture.g2afse.com	1 redirects
1	trafficred.g2afse.com	cpi-offers.com
1	ad.mobcho.com	1 redirects
1	settleads.gotrackier.com	cpi-offers.com
1	ps.popcash.net	cpi-offers.com
1	popcash.net	1 redirects
1	miao.labtrffc.com	1 redirects
1	marlinads.g2afse.com	1 redirects
1	advdgt.trckswrm.com	1 redirects
1	clk.medialabels.de	cpi-offers.com
1	track.2elementr.com	1 redirects
1	ams3.clkstream.com	1 redirects
1	adsperfection.g2afse.com	1 redirects
1	ila3.co	cpi-offers.com
1	apnp.trckswrm.com	cpi-offers.com
0	il32.co Failed	cpi-offers.com
0	imagineads.g2afse.com Failed	cpi-offers.com
45	50

This site contains no links.

Subject Issuer	Validity	Valid
apnp.trckswrm.com ZeroSSL RSA Domain Secure Site CA	`2021-12-16` - `2022-03-16`	3 months	crt.sh
*.knmasdfsdgs.com Go Daddy Secure Certificate Authority - G2	`2021-07-14` - `2022-08-15`	a year	crt.sh
ila3.co R3	`2021-12-10` - `2022-03-10`	3 months	crt.sh
trk.games-to-run123.com Amazon	`2021-10-07` - `2022-11-04`	a year	crt.sh
apts.trckswrm.com ZeroSSL RSA Domain Secure Site CA	`2021-12-16` - `2022-03-16`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
apply.trckswrm.com ZeroSSL RSA Domain Secure Site CA	`2021-12-16` - `2022-03-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0
Frame ID: 93F437232121D2647D86E6176061030B
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

45
Requests

27 %
HTTPS

12 %
IPv6

27
Domains

50
Subdomains

23
IPs

6
Countries

6 kB
Transfer

13 kB
Size

19
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=undefined&offer_id=12789778&sub1=,&sub2=,&sub3=,_nat4&sub4=D4177CF7-BB26-4182-B115-45480B68133F&sub5=id593715088&sub6=358760 HTTP 302
http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html

Request Chain 5

https://ad-experience.g2afse.com/click?pid=2&offer_id=686351&sub1=NCT_iphone_de_ofid13182015_pidundefined_sub1,_sub2,_sub3,_nat5_sub4_sub5&sub2=358760undefined_,&sub5=id593715088 HTTP 302
http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=686351&sub3=2 HTTP 302
https://olamob.g2afse.com/click?pid=38&offer_id=1112121&sub1=61df1eb01e0a73000102edb9&sub2=1_686351&sub3=2&sub4=&sub8=|680302,1 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=38&udid=&name=&info=OlaMobSL&blockTime=0 HTTP 302
https://ad-experience.g2afse.com/click?pid=2&offer_id=598334&sub1=NCT_iphone_de_ofid11579328_pid616_sub1_sub238_sub3OlaMobSL_nat15_sub4_sub5&sub2=358760616_38&sub5=id1439785734 HTTP 302
https://olamob.g2afse.com/click?pid=38&offer_id=20255&sub1=61df1eb05a866600017c9f3c&sub2=2_358760616_38&sub3=&sub4=id1439785734 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=38&udid=&name=&info=OlaMobSL&blockTime=0 HTTP 302
https://zildd.g2afse.com/click?pid=35&offer_id=3432353&sub1=NCT_iphone_de_ofid13076665_pid616_sub1_sub238_sub3OlaMobSL_nat10_sub4_sub5&sub2=358760616_38&sub3=id290638154 HTTP 302
http://zildd.g2afse.com/disabled.html

Request Chain 6

https://zildd.g2afse.com/click?pid=35&offer_id=3312509&sub1=NCT_iphone_de_ofid12930360_pidundefined_sub1,_sub2,_sub3,_nat6_sub4_sub5&sub2=358760undefined_,&sub3=id593715088&sub4=D4177CF7-BB26-4182-B115-45480B68133F HTTP 302
http://zildd.g2afse.com/disabled.html

Request Chain 8

https://adsperfection.g2afse.com/click?pid=691&offer_id=609556&ref_id=NCT_iphone_de_ofid12802616_pidundefined_sub1,_sub2,_sub3,_nat8_sub4_sub5&sub1=358760undefined_,&sub2=D4177CF7-BB26-4182-B115-45480B68133F&sub3=id593715088&sub5=id593715088 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0 HTTP 302
https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=12789778&sub1=,&sub2=,&sub3=adsperfectionppre_nat4&sub4=6529AD1A-0AD3-4463-B5E5-54722EA428DC&sub5=id393048976&sub6=358760 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=12789778&sub1=&sub2=&sub3=TbLabq_nat4&sub4=0D0C73F6-0182-49D6-B973-E7AB158D24EE&sub5=id593715088&sub6=358760 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
https://apts.trckswrm.com/click?offer_id=529516&pub_id=9&pub_click_id=NCT_iphone_de_ofid12992281_pid616_sub1_sub2_sub3TbLabq_nat6_sub4_sub5&pub_sub_id=358760616&pub_sub_sub_id=&idfa=591ECAEE-E18F-476F-BBB7-7394495549E9&gaid=591ECAEE-E18F-476F-BBB7-7394495549E9&app=id543577420 HTTP 302
https://track.m15trk.com/click?campaign_id=447&pub_id=220&p1=AlBeUp4AAAF-T4_jEwAJiVgAAABlAAAAEQ&source=101_9&app_name=id543577420&idfa=591ECAEE-E18F-476F-BBB7-7394495549E9&gaid=591ECAEE-E18F-476F-BBB7-7394495549E9&creative_name=&app_id=

Request Chain 10

https://olamob.g2afse.com/click?pid=7&offer_id=913524&sub1=NCT_iphone_de_ofid12902808_pidundefined_sub1,_sub2,_sub3,_nat10_sub4_sub5&sub2=358760undefined_,&sub4=id593715088&sub8={sub8}|{offer_id},4850undefined HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=7&udid=&name=&info=OlaMobSL&blockTime=0 HTTP 302
https://direct2.knmasdfsdgs.com/redirect?aff=10063&saff=358760616&q=

Request Chain 11

https://maxtopmedia.g2afse.com/click?pid=166&offer_id=89536&sub1=NCT_iphone_de_ofid13029846_pidundefined_sub1,_sub2,_sub3,_nat11_sub4_sub5&sub2=358760undefined_,&sub3=D4177CF7-BB26-4182-B115-45480B68133F&sub4=id593715088 HTTP 302
https://maxtopmedia.g2afse.com/click?pid=166&offer_id=41297&sub4=89536 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=630&cid=61df1eb0e6179b000191d493&sid=166_&udid=&name=&info=MTMsl&blockTime=0 HTTP 302
https://nexamob.g2afse.com/click?pid=15&offer_id=254169&sub1=NCT_iphone_de_ofid12918051_pid616_sub161df1eb0e6179b000191d493_sub2166__sub3MTMsl_nat15_sub4_sub5&sub2=358760616_166_&sub3=id1360098321&sub5=id1360098321 HTTP 302
https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01

Request Chain 12

https://nexamob.g2afse.com/click?pid=15&offer_id=254156&sub1=NCT_iphone_de_ofid12918038_pidundefined_sub1,_sub2,_sub3,_nat12_sub4_sub5&sub2=358760undefined_,&sub3=id593715088&sub5=id593715088 HTTP 302
https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01

Request Chain 13

https://imagineads.g2afse.com/click?pid=59&offer_id=7087&sub1=NCT_iphone_de_ofid13034679_pidundefined_sub1,_sub2,_sub3,_nat13_sub4_sub5&sub2=358760undefined_,&sub4=id593715088&sub5=id593715088 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=7087 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=7464&sub1=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=7464&sub1=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=7464&sub1=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=7464&sub1=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=7464&sub1=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=7464&sub1=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=7294

Request Chain 14

https://imagineads.g2afse.com/click?pid=38&offer_id=7065&sub1=NCT_iphone_de_ofid13034742_pidundefined_sub1,_sub2,_sub3,_nat14_sub4_sub5&sub2=358760undefined_,&sub4=id593715088&sub5=id593715088 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=7065 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=7464&sub1=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=7464&sub1=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=7464&sub1=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=7464&sub1=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=7464&sub1=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=7464&sub1=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=7294

Request Chain 15

https://apts.trckswrm.com/click?offer_id=107221&pub_id=10&pub_click_id=NCT_iphone_de_ofid10794217_pidundefined_sub1,_sub2,_sub3,_nat15_sub4_sub5&pub_sub_id=358760undefined&pub_sub_sub_id=,&app=id593715088 HTTP 302
https://track.m15trk.com/click?campaign_id=447&pub_id=220&p1=AuDIyQMAAAF-T4_iFgAJiVgAAABlAAAAEQ&source=101_10&app_name=id593715088&idfa=&gaid=&creative_name=&app_id=

Request Chain 16

https://appad.g2afse.com/click?pid=33&offer_id=320972&sub1=NCT_iphone_de_ofid13175387_pidundefined_sub1,_sub2,_sub3,_nat16_sub4_sub5&sub2=358760undefined_,&sub7=id593715088 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=947&cid=&sid=33&udid=&name=&info=appadppre&blockTime=0 HTTP 302
https://ams3.clkstream.com/click?cid=jww1s-ep7h8&publisher=zvnye-2xgwn&campaign=dvsnw-5dnfi-y12k5&p_click=NCT_iphone_de_ofid13006977_pid616_sub1_sub233_sub3appadppre_nat9_sub4_sub5&sub=33&publisher=358760616&app=id1400134578 HTTP 302
https://track.2elementr.com/click?offer_id=328240&pid=242&sub1=id-9391406804621848372&sub2=33&sub3=&sub4=&sub5=&sub6=id1400134578 HTTP 302
https://clk.medialabels.de/click?a=83023337&o=87113342&sub_id=61df1eb0f3a58400018ddd22&sub_id2=611&sub_id3=851&sub_id4=Audiomack

Request Chain 17

https://appricotads.g2afse.com/click?pid=251&offer_id=440007&ref_id=NCT_iphone_de_ofid12965557_pidundefined_sub1,_sub2,_sub3,_nat17_sub4_sub5&sub1=251_4850undefined&sub2=,&sub6=id593715088 HTTP 302
http://appricotads.g2afse.com/sl?id=5f36c7821a6e4b1879225165&pid=2&ref_id=&sub1=251_4850undefined&sub2=,&sub3=&sub4=&sub5=251&sub6=251_4850undefined&sub7=,&sub8=440007 HTTP 302
http://appricotads.g2afse.com/disabled.html

Request Chain 19

https://advdgt.trckswrm.com/click?offer_id=178054&pub_id=7&pub_click_id=NCT_iphone_de_ofid12632192_pidundefined_sub1,_sub2,_sub3,_nat19_sub4_sub5&pub_sub_id=358760undefined&pub_sub_sub_id=,&app=id593715088 HTTP 302
https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_358760undefined&creativeid=POP&category=01

Request Chain 20

https://mookomedia.g2afse.com/click?pid=42&offer_id=239810&sub1=NCT_iphone_de_ofid12608414_pidundefined_sub1,_sub2,_sub3,_nat20_sub4_sub5&sub4=358760undefined_,&sub5=id593715088 HTTP 302
http://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106 HTTP 302
https://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106 HTTP 302
http://mookomedia.g2afse.com/disabled.html HTTP 302
https://mookomedia.g2afse.com/disabled.html

Request Chain 21

https://aptrt.trckswrm.com/click?offer_id=2990&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid12255589_pidundefined_sub1,_sub2,_sub3,_nat21_sub4_sub5&pub_sub_id=358760undefined&pub_sub_sub_id=,&app=id593715088 HTTP 302
https://appad.g2afse.com/click?pid=34&offer_id=57719&sub1=AnvNRWoAAAF-T4_iFAAApOAAAACAAAAABQ&sub2=128.29&sub7=id593715088&sub6=&sub4=&sub8=CzubKuLed2MdTETNilB__7 HTTP 302
https://greengrass.g2afse.com/click?pid=256&offer_id=468&sub1=61df1eb07268540001eddce7&sub2=128.29&sub5= HTTP 302
https://offer.alibaba.com/cps/p8snq151?bm=cps&src=saf&tp1=61df1eb0b64a9f0001f40b39&adid=&pid=256&tp2=61df1eb07268540001eddce7&tp3=128.29 HTTP 302
https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=p8snq151&e=6

Request Chain 22

https://aptrt.trckswrm.com/click?offer_id=31966&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid12262233_pidundefined_sub1,_sub2,_sub3,_nat22_sub4_sub5&pub_sub_id=358760undefined&pub_sub_sub_id=,&app=id593715088 HTTP 302
https://appad.g2afse.com/click?pid=34&offer_id=57719&sub1=Ah9qRlQAAAF-T4_iFAAApOAAAACAAAAABQ&sub2=128.29&sub7=id593715088&sub6=&sub4=&sub8=pkQOAsZXqqkIp5bBGf5E__7 HTTP 302
https://greengrass.g2afse.com/click?pid=256&offer_id=468&sub1=61df1eb09de4eb0001b23c44&sub2=128.29&sub5= HTTP 302
https://offer.alibaba.com/cps/p8snq151?bm=cps&src=saf&tp1=61df1eb07b56890001d98931&adid=&pid=256&tp2=61df1eb09de4eb0001b23c44&tp3=128.29 HTTP 302
https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=p8snq151&e=6

Request Chain 23

https://marlinads.g2afse.com/click?pid=48&offer_id=61036&sub1=NCT_iphone_de_ofid13181543_pidundefined_sub1,_sub2,_sub3,_nat23_sub4_sub5&sub2=358760undefined_,&sub3=D4177CF7-BB26-4182-B115-45480B68133F&sub4=D4177CF7-BB26-4182-B115-45480B68133F&sub5=id593715088 HTTP 302
https://t1.coolnovemberbreeze.com/g.php?p=c:xecd97ulljoow2567&d=616fcbe4a9c13d20c01cde81&s=358760undefined_,&pid= HTTP 302
https://34.us.brownwinds.xyz/feed/?link=true&tid=34&subid=34-358760undefined_,&ref=&s1=61df1eb0989a246f6201aae1 HTTP 301
http://redir.brownwinds.xyz/click/invalid/?tid=34&subid=34-358760undefined_, HTTP 302
https://miao.labtrffc.com/m.php?p=c:ewuvqob33z8_lq5s_&d=61d4835119830d43cb231841&source=34-358760undefined_,&pid=undefined HTTP 302
https://popcash.net/world/go/134600/317194 HTTP 301
http://ps.popcash.net/go/134600/317194

Request Chain 25

https://aptrt.trckswrm.com/click?offer_id=54614&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid13089119_pidundefined_sub1,_sub2,_sub3,_nat25_sub4_sub5&pub_sub_id=358760undefined&pub_sub_sub_id=,&app=id593715088 HTTP 302
https://appad.g2afse.com/click?pid=34&offer_id=57719&sub1=AupohpEAAAF-T4_iFAAApOAAAACAAAAABQ&sub2=128.29&sub7=id593715088&sub6=&sub4=&sub8=qidLhmL76DRag1wCl1rN__7 HTTP 302
https://greengrass.g2afse.com/click?pid=256&offer_id=468&sub1=61df1eb038eaed000130f256&sub2=128.29&sub5= HTTP 302
https://offer.alibaba.com/cps/p8snq151?bm=cps&src=saf&tp1=61df1eb07b56890001d98932&adid=&pid=256&tp2=61df1eb038eaed000130f256&tp3=128.29 HTTP 302
https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=p8snq151&e=6

Request Chain 27

https://t.9696.me/click?pid=868&offer_id=146664&sub4=NCT_iphone_de_ofid12251718_pidundefined_sub1,_sub2,_sub3,_nat27_sub4_sub5&sub1=868_4850undefined&sub2=868_4850undefined_,&sub3=id593715088 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id593715088&sub1=868_4850undefined&sub2=868_4850undefined_, HTTP 302
https://offer.alibaba.com/cps/rq9rg325?tp1=61df1eb0030001000179297a&pid=868_4850undefined&adid= HTTP 302
http://offer.alibaba.com/product/w404 HTTP 307
https://offer.alibaba.com/product/w404

Request Chain 29

https://t.9696.me/click?pid=868&offer_id=148018&sub4=NCT_iphone_de_ofid12277221_pidundefined_sub1,_sub2,_sub3,_nat29_sub4_sub5&sub1=868_4850undefined&sub2=868_4850undefined_,&sub3=id593715088 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id593715088&sub1=868_4850undefined&sub2=868_4850undefined_, HTTP 302
https://offer.alibaba.com/cps/rq9rg325?tp1=61df1eb0ddf5d5000188a30e&pid=868_4850undefined&adid= HTTP 302
http://offer.alibaba.com/product/w404 HTTP 307
https://offer.alibaba.com/product/w404

Request Chain 30

https://md412.trckswrm.com/click?offer_id=230581&pub_id=10&pub_click_id=NCT_iphone_de_ofid13045586_pidundefined_sub1,_sub2,_sub3,_nat30_sub4_sub5&pub_sub_id=358760undefined&pub_sub_sub_id=,&app=id593715088 HTTP 302
https://ad.mobcho.com/click?pid=252&offer_id=33&sub2=Atf7u7UAAAF-T4_iGAADSVkAAAAHAAAAAw&sub3=7_10&sub1=&sub4=&sub5=id593715088 HTTP 302
https://www.visitdubai.com/en/win-a-trip-with-rixos HTTP 301
https://www.visitdubai.com/en

Request Chain 31

https://appricotads.g2afse.com/click?pid=251&offer_id=440011&ref_id=NCT_iphone_de_ofid12965563_pidundefined_sub1,_sub2,_sub3,_nat31_sub4_sub5&sub1=251_4850undefined&sub2=,&sub6=id593715088 HTTP 302
http://appricotads.g2afse.com/sl?id=5f36c7821a6e4b1879225165&pid=2&ref_id=&sub1=251_4850undefined&sub2=,&sub3=&sub4=&sub5=251&sub6=251_4850undefined&sub7=,&sub8=440011 HTTP 302
http://appricotads.g2afse.com/disabled.html

Request Chain 32

https://aptrt.trckswrm.com/click?offer_id=42611&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid12940904_pidundefined_sub1,_sub2,_sub3,_nat32_sub4_sub5&pub_sub_id=358760undefined&pub_sub_sub_id=,&app=id593715088 HTTP 302
https://appad.g2afse.com/click?pid=34&offer_id=57719&sub1=AsSYOiEAAAF-T4_iFAAApOAAAACAAAAABQ&sub2=128.29&sub7=id593715088&sub6=&sub4=&sub8=pjXKh9DKPWkGlTI9LW1J__7 HTTP 302
https://greengrass.g2afse.com/click?pid=256&offer_id=468&sub1=61df1eb04f0f7c000195bda6&sub2=128.29&sub5= HTTP 302
https://offer.alibaba.com/cps/p8snq151?bm=cps&src=saf&tp1=61df1eb06674450001cb88fd&adid=&pid=256&tp2=61df1eb04f0f7c000195bda6&tp3=128.29 HTTP 302
https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=p8snq151&e=6

Request Chain 33

https://c.allontrk.com/click?offer_id=145251&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13069158_pidundefined_sub1,_sub2,_sub3,_nat33_sub4_sub5&pub_sub_id=358760undefined&pub_sub_sub_id=,&app=id593715088 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 34

https://md412.trckswrm.com/click?offer_id=232538&pub_id=10&pub_click_id=NCT_iphone_de_ofid13069147_pidundefined_sub1,_sub2,_sub3,_nat34_sub4_sub5&pub_sub_id=358760undefined&pub_sub_sub_id=,&app=id593715088 HTTP 302
https://trafficred.g2afse.com/click?pid=4&offer_id=609&ref_id=AvigcE4AAAF-T4_iGAADJdgAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id593715088

Request Chain 36

https://c.allontrk.com/click?offer_id=209353&pub_id=646&pub_click_id=NCT_iphone_de_ofid13074690_pidundefined_sub1,_sub2,_sub3,_nat36_sub4_sub5&pub_sub_id=358760undefined&pub_sub_sub_id=,&app=id593715088 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 37

https://digitalfuture.g2afse.com/click?pid=2&offer_id=1755195&sub1=NCT_iphone_de_ofid13181628_pidundefined_sub1,_sub2,_sub3,_nat37_sub4_sub5&sub2=358760undefined_,&sub5=id593715088 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 HTTP 302
https://aptrt.trckswrm.com/click?offer_id=56032&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid13182992_pid616_sub1_sub22_sub3ElishaSL_nat13_sub4_sub5&pub_sub_id=358760616&pub_sub_sub_id=2&app=id314716233 HTTP 302
https://appad.g2afse.com/click?pid=34&offer_id=57719&sub1=Au8I19EAAAF-T4_iiwAApOAAAACAAAAABQ&sub2=128.29&sub7=id314716233&sub6=&sub4=&sub8=WaVRIHaSHTy9hUJ0wkyf__7 HTTP 302
https://greengrass.g2afse.com/click?pid=256&offer_id=468&sub1=61df1eb04f0f7c000195bdc5&sub2=128.29&sub5= HTTP 302
https://offer.alibaba.com/cps/p8snq151?bm=cps&src=saf&tp1=61df1eb029c8f60001b10835&adid=&pid=256&tp2=61df1eb04f0f7c000195bdc5&tp3=128.29 HTTP 302
https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=p8snq151&e=6

Request Chain 39

https://mookomedia.g2afse.com/click?pid=42&offer_id=206008&sub1=NCT_iphone_de_ofid11979302_pidundefined_sub1,_sub2,_sub3,_nat39_sub4_sub5&sub4=358760undefined_,&sub5=id593715088 HTTP 302
http://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106 HTTP 302
https://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106 HTTP 302
http://mookomedia.g2afse.com/disabled.html HTTP 302
https://mookomedia.g2afse.com/disabled.html

Request Chain 40

https://appscogent.g2afse.com/click?pid=27&offer_id=615144&sub1=NCT_iphone_de_ofid13068081_pidundefined_sub1,_sub2,_sub3,_nat40_sub4_sub5&sub2=358760undefined_,&sub5=id593715088 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1011&cid=&sid=27_358760undefined_,&udid=&name=&info=AppscogentSL&blockTime=0 HTTP 302
https://amazus.g2afse.com/click?pid=4&offer_id=18874&sub1=NCT_iphone_de_ofid13089998_pid616_sub1_sub227_358760undefined_,_sub3AppscogentSL_nat7_sub4_sub5&sub2=358760616_27_358760undefined_,&sub3=CABE5FAA-DAC3-49F1-B8FC-F2C9CBD55D24&sub4=CABE5FAA-DAC3-49F1-B8FC-F2C9CBD55D24&sub5=id653967729 HTTP 302
https://t1.coolnovemberbreeze.com/g.php?p=c:xecd97ulljoow2567&d=616fcbe4a9c13d20c01cde81&s=358760616_27_358760undefined_,&pid= HTTP 302
https://34.us.brownwinds.xyz/feed/?link=true&tid=34&subid=34-358760616_27_358760undefined_,&ref=&s1=61df1eb04f969d44d4320feb HTTP 301
http://redir.brownwinds.xyz/feed/click/?t1=128&tid=34&uid=10&subid=34-358760616_27_358760undefined_,&id=0bcc25542e1f2119d1701d906ec65ee0:50d37ff26496dd2d6a4b92dc8054e8e257b0ba30dbe0cbee0bceefebbc0175c7ced8bdf85cc3c69c74119a3d55bbd05d4fbc822a642bc9053c76964404ced2ab89ec4fc10e939096f5cb6584f017554cc3a067fec3ab057e9642239548ede8ef984f972d2fff3f5f6c4dabc7bdb29f761be6e65f467025373f4bd02ad829668f1b9249d02ad0dd36f5c89ff73951bd3c35ea573e40798dc1e0cf6e9920f0c24d126d6115d4e2d68799cb0d34f1bdfc88a44e1b13ec7a1538066a76972af4221a043ae3b789e7bb7622a944c92ecf18c3c65cee13f97f94733031079fe7ad0d657d70f4817a10eb6da5429723bf85a562cb9218e1fad38a0a14269acee0ee1d32eca49289eecb1859e9998d00dcb27c5fdb970454c3d13105f1d1eddd5fbd1135f38f208246c688281eb8d24cc410e58ca050bf5a521c14f456fa08babea31b5b64572b7aa36a158f2e0a973e56865af9208db882ab726a80ba3ba79978d635baa646df83a8f0dfc1ce3eba570e1c8f25ad01f15646729fc767383fbd502a82e498e9b00eb81f4be7f0950144bf3e2af1c53f36cc5d80327d1ca0ac52a670310c632afec462bed2975c4c57dc1fc009afdcd8f3ea4182809eeac9bd7189f77c6b5a562e2a098b96e4ed0611ead96ff5802cfabcbf6b7ab3166d8854d99c892b4f077222c3af2cc8d3e6018ffe2972eddf44605342c9fb4fab60e04bb13d9a42e551bced8879c802cd88877697e6611f4a60629f8bbdb94cc120f345b7827dd37761a3362ceb6abddb62604892928a2f9304661f9bb0a7dc0fd580e48ae8532a979dc473e2e9d9a4f9b09b8f32d378ed83dd29c1b589b22fe6686b86ca3383bf86927290e2eba858e96c9a40761cfad76a8e2a891954a5f09de6c59208a67bf382904c1bb3b5bcee799ab3c81d0b3e9a0cedf173316bc63693d94a3bc35472381d6e912818850a54865f6c1e09e69bcb09cede184a1120432c6435eda1095d255d81ce13e96f80de38be2d274198dbb4a32e650cf6d59864839a0ab4f9752c19ab1df61edc1147d10d28b022cf46e9002bf7e3db8aada796049a9c595f5602b9da59a78ca44d1798138429047e035b640c57be3e8e87060b52e24a20f0f11064130bca9c9be127bbad60d3c1a5bdc75a82cdbed93e9638e62f11ea98f780f8467469494045c90e6e6a7425c4f9f03251537344143b831f73beec7968cdd56299f1982259fcc8391ad145dc4ef44874dfa29b6226681d1e36aec1ca6f262db94b19a832c76b6263ef1cd6a3100902b0784c2620b8ba27f3eab34125ad5c224857e6f66d11b8c7894f494d46b19e5685db1a241e13e2bbd2481e1a311d10b977b86113c8245332c4205cc5430cc7510a4bc57f9ac1df99c8a07efcb83f04be1042bbb15158ed3369710f77ef83527092143970604361b9c5bd525ab539f72068192f249ecd890dfd80d8e3463ba43b563079cd97f9d5e4e55754d2e703671d48e2860f780748b00e6a93efa8f37270cecb5cc67786b79fd31a2b6972b0ed005311743f23ea4c78f010a6eede2789b4773a944fbf891e22e0f4b4589cfd662c477ab2d7ae1877fe97d440f74a675b67e7182ca87480b424e62c3ece498eedb13cb0a70d79f8c56bfc39d8d154434b21ad89322a96314a34ea76e2890d6fb9abcdb79eeb05017c9fff220736b520ee347b7faa6b4aaf33f926d7f00724a77b3a2bf304de6fcfb27b48bf91c6883509fbf79e628d71649475cddb88d627f015f02164c603bf676ecff2c9df3323972c99e6539976943e3b73e3c080edda1262629cf3205eb32e1ce60124ada25d2212c7b2201836a180cb269c1a2c0ffb4f079637cf169c7228b30a6a6141910779959042e49078d495c459bfe2ef86c1635bdaa4c886&s1=61df1eb04f969d44d4320feb HTTP 302
http://www.toromclick.com/feed/click/?t1=128&tid=465&uid=36&subid=34_34-358760616_27_358760undefined_,&id=8a6006ef6146fd49bd3c0dcdedf557ea:1fafc95ee8a172ca397d78bd4474a0a00d7aaffc303e39336c8e90215285a6d88b91a3caf8e530dfe2d0e4f2880a0123bc8218dabf86cfb16c56fbba1373140fbba908841d664ed560a02edf9b06c2f252782bb4c8c84db4e0f1eeba4750a110eb5d68089734aa8df33f7213c05cbbc00093c25326e0fa775ee4924986f176b196043d3d1e82f494620c45d32f6197444cddb31ec99f1821d46e979c260220bb7226e721e329db1b241bbda79054d5331781df5f0a64565dd1344cfec49f63a1d7a97890a97bbcec6be2acaaafc5add83271d9087e393e0b0595dd0fdacd0ffb82f7492bead00c8db5e50aa089093ae47387c201b77c1ebc5ebe30a3dffbb53aa236e70319d26efbda78b4ae2df37f08d5bae864fba9c341b3a6b0a57adc4bb32f8aa789ad38332a25e932fa9e1c06bbdc93e8992ab8948a0c65c94212b454b0f90b0e7e7d4a52ad9a8c5ddb416d150f39fb05055be6239aae6864ec0f23b8e450cc2a68a5236f9a235d4b806f010c064ebc903121687ff14aabb3bbcff44e0fbb7d91defcfde62c88bc16f894d0409aee427d718a312c91cc952b833538389309fe6f3d96bdc93bd6e3af5c142bcae75ae0943869e184e974cb2e43c9aa1efd HTTP 302
http://c.mylot.com/go.ashx?w=cD1leHBsb3JhZHN0b3Jyb21pJms9ZmlsbWk3LmNvbSZiPTAuMDAwMSZzPTQ2NV8zNF8zNC0zNTg3NjA2MTZfMjdfMzU4NzYwdW5kZWZpbmVkXyUyYyZhPTA1 HTTP 302
https://welcome.mylot.com/notify.html?s1=swy11y32nk1yvz7o_%2c_noxsponx4aghifd_hc_gbgaghifd-ed_ed_fge&s2=outlook.live.com

Request Chain 41

https://zainzuri.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D HTTP 302
https://www.google.com/

Request Chain 43

https://maxtopmedia.g2afse.com/click?pid=166&offer_id=89536&sub1=NCT_iphone_de_ofid13029846_pidundefined_sub1,_sub2,_sub3,_nat11_sub4_sub5&sub2=358760undefined_,&sub3=D4177CF7-BB26-4182-B115-45480B68133F&sub4=id593715088 HTTP 302
https://maxtopmedia.g2afse.com/click?pid=166&offer_id=41297&sub4=89536 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=630&cid=61df1eb27c161400014d8ac8&sid=166_&udid=&name=&info=MTMsl&blockTime=0 HTTP 302
https://zildd.g2afse.com/click?pid=35&offer_id=3307478&sub1=NCT_iphone_de_ofid12900132_pid616_sub161df1eb27c161400014d8ac8_sub2166__sub3MTMsl_nat12_sub4_sub5&sub2=358760616_166_&sub3=id500963785 HTTP 302
https://ila3.co/o/213838?p=3&aff_clickid=61df1eb280e0b00001513b7a&sub2=358760616_166_&sub1=35_358760616_166_&app_name=id500963785&idfa=&gaid= HTTP 302
https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=3_35_358760616_166_&target=

45 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request FANTASTIC.HTML Show response cpi-offers.com/	10 KB 2 KB	19ms 12ms	Document text/html	3.127.100.137 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol HTTP/1.1 Server 3.127.100.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-100-137.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash `58433d4316e481cb57d1fe888f656a3d3847ff84a0feec93bc06734234154835` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Wed, 12 Jan 2022 18:32:16 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Server nginx/1.14.1 X-Powered-By Express Access-Control-Allow-Origin * ETag W/"2691-DVL86xTR1fL5i9W24GFubJsC0uA" Vary Accept-Encoding Content-Encoding gzip
GET H/1.1	200 OK	main.js Show response cpi-offers.com/jsf/	3 KB 1 KB	9ms 9ms	Script application/javascript	3.127.100.137 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://cpi-offers.com/jsf/main.js Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol HTTP/1.1 Server 3.127.100.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-100-137.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash `3915a438fffb3acbaade25f7b5e9d3f76589dbc02048463b3fbfeb8c4e7955a1` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Wed, 12 Jan 2022 18:32:16 GMT Content-Encoding gzip Vary Accept-Encoding Last-Modified Mon, 27 Dec 2021 10:42:10 GMT Server nginx/1.14.1 X-Powered-By Express Etag "418721-2720-1640601730000" Transfer-Encoding chunked Content-Type application/javascript Access-Control-Allow-Origin * cache-control max-age=3600 Connection keep-alive
GET H/1.1	200 OK	click apnp.trckswrm.com/	0 75 B	78ms 21ms	Stylesheet text/plain	157.90.33.241 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apnp.trckswrm.com/click?offer_id=69316&pub_id=7&pub_id=7&pub_click_id=NCT_iphone_de_ofid12673233_pidundefined_sub1,_sub2,_sub3,_nat1_sub4_sub5&pub_sub_id=358760undefined&pub_sub_sub_id=,&app=id593715088 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 157.90.33.241 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.241.33.90.157.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 18:32:16 GMT content-length 0
GET H/1.1	204 No Content	redirect direct2.knmasdfsdgs.com/	0 138 B	1464ms 1240ms	Stylesheet text/html	185.33.87.146 HZ-US-AS
General Check archive.org Show headers Download Go to Full URL https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=358760undefined&q= Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Wed, 12 Jan 2022 18:32:17 GMT Server nginx Connection close Content-Type text/html; charset=utf-8
GET H/1.1	204 No Content	redirect direct2.knmasdfsdgs.com/	0 138 B	1467ms 1244ms	Stylesheet text/html	185.33.87.146 HZ-US-AS
General Check archive.org Show headers Download Go to Full URL https://direct2.knmasdfsdgs.com/redirect?aff=10063&saff=358760undefined&q= Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Wed, 12 Jan 2022 18:32:17 GMT Server nginx Connection close Content-Type text/html; charset=utf-8
GET H/1.1	200 OK	disabled.html go2.lkjlkjkljsdflkjsdfklsfjklsd.com/ Redirect Chain https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=undefined&offer_id=12789778&sub1=,&sub2=,&sub3=,_nat4&sub4=D4177CF7-BB26-4182-B115-45480B68133F&sub5=id593715088&sub6=358760 http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html	0 0	29ms 15ms	Stylesheet text/html	213.227.134.196 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol HTTP/1.1 Server 213.227.134.196 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers location http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html date Wed, 12 Jan 2022 18:32:16 GMT server nginx access-control-allow-origin * content-length 0
GET H/1.1	200 OK	disabled.html zildd.g2afse.com/ Redirect Chain https://ad-experience.g2afse.com/click?pid=2&offer_id=686351&sub1=NCT_iphone_de_ofid13182015_pidundefined_sub1,_sub2,_sub3,_nat5_sub4_sub5&sub2=358760undefined_,&sub5=id593715088 http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=686351&sub3=2 https://olamob.g2afse.com/click?pid=38&offer_id=1112121&sub1=61df1eb01e0a73000102edb9&sub2=1_686351&sub3=2&sub4=&sub8=\|680302,1 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=38&udid=&name=&info=OlaMobSL&blockTime=0 https://ad-experience.g2afse.com/click?pid=2&offer_id=598334&sub1=NCT_iphone_de_ofid11579328_pid616_sub1_sub238_sub3OlaMobSL_nat15_sub4_sub5&sub2=358760616_38&sub5=id1439785734 https://olamob.g2afse.com/click?pid=38&offer_id=20255&sub1=61df1eb05a866600017c9f3c&sub2=2_358760616_38&sub3=&sub4=id1439785734 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=38&udid=&name=&info=OlaMobSL&blockTime=0 https://zildd.g2afse.com/click?pid=35&offer_id=3432353&sub1=NCT_iphone_de_ofid13076665_pid616_sub1_sub238_sub3OlaMobSL_nat10_sub4_sub5&sub2=358760616_38&sub3=id290638154 http://zildd.g2afse.com/disabled.html	0 0	27ms 13ms	Stylesheet text/html	213.227.135.213 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL http://zildd.g2afse.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol HTTP/1.1 Server 213.227.135.213 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers location http://zildd.g2afse.com/disabled.html date Wed, 12 Jan 2022 18:32:16 GMT server nginx access-control-allow-origin * content-length 0
GET H/1.1	200 OK	disabled.html zildd.g2afse.com/ Redirect Chain https://zildd.g2afse.com/click?pid=35&offer_id=3312509&sub1=NCT_iphone_de_ofid12930360_pidundefined_sub1,_sub2,_sub3,_nat6_sub4_sub5&sub2=358760undefined_,&sub3=id593715088&sub4=D4177CF7-BB26-4182-... http://zildd.g2afse.com/disabled.html	0 0	40ms 14ms	Stylesheet text/html	213.227.135.213 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL http://zildd.g2afse.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol HTTP/1.1 Server 213.227.135.213 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers location http://zildd.g2afse.com/disabled.html date Wed, 12 Jan 2022 18:32:16 GMT server nginx access-control-allow-origin * content-length 0
GET H/1.1	200 OK	230672 ila3.co/o/	0 198 B	81ms 25ms	Stylesheet text/plain	173.212.201.66 CONTABO
General Check archive.org Show headers Download Go to Full URL https://ila3.co/o/230672?p=17&aff_clickid=NCT_iphone_de_ofid12396697_pidundefined_sub1,_sub2,_sub3,_nat7_sub4_sub5&sub1=358760undefined_,&app_name=id593715088 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 173.212.201.66 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS m10082.contaboserver.net Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Wed, 12 Jan 2022 18:32:16 GMT Cache-Control no-store, no-cache, must-revalidate Content-Type text/plain; charset=utf-8 Content-Length 0 Expires 0
GET H2	200	click track.m15trk.com/ Redirect Chain https://adsperfection.g2afse.com/click?pid=691&offer_id=609556&ref_id=NCT_iphone_de_ofid12802616_pidundefined_sub1,_sub2,_sub3,_nat8_sub4_sub5&sub1=358760undefined_,&sub2=D4177CF7-BB26-4182-B115-45... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0 https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=12789778&sub1=,&sub2=,&sub3=adsperfectionppre_nat4&sub4=6529AD1A-0AD3-4463-B5E5-54722EA428DC&sub5=id393048976&sub6=358760 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=12789778&sub1=&sub2=&sub3=TbLabq_nat4&sub4=0D0C73F6-0182-49D6-B973-E7AB158D24EE&sub5=id593715088&sub6=358760 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 https://apts.trckswrm.com/click?offer_id=529516&pub_id=9&pub_click_id=NCT_iphone_de_ofid12992281_pid616_sub1_sub2_sub3TbLabq_nat6_sub4_sub5&pub_sub_id=358760616&pub_sub_sub_id=&idfa=591ECAEE-E18F-4... https://track.m15trk.com/click?campaign_id=447&pub_id=220&p1=AlBeUp4AAAF-T4_jEwAJiVgAAABlAAAAEQ&source=101_9&app_name=id543577420&idfa=591ECAEE-E18F-476F-BBB7-7394495549E9&gaid=591ECAEE-E18F-476F-B...	22 B 82 B	38ms 38ms	Stylesheet text/plain	35.201.98.21 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://track.m15trk.com/click?campaign_id=447&pub_id=220&p1=AlBeUp4AAAF-T4_jEwAJiVgAAABlAAAAEQ&source=101_9&app_name=id543577420&idfa=591ECAEE-E18F-476F-BBB7-7394495549E9&gaid=591ECAEE-E18F-476F-BBB7-7394495549E9&creative_name=&app_id= Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol H2 Server 35.201.98.21 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 21.98.201.35.bc.googleusercontent.com Software nginx / Resource Hash `1c439fcd21bab032475e5d1570615485417e6cfb202f774f9f16d77f0448d0d6` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 18:32:16 GMT via 1.1 google server nginx content-type text/plain; charset=utf-8 alt-svc clear content-length 22 x-rt 0 x-err CSS_REQUEST Redirect headers location https://track.m15trk.com/click?campaign_id=447&pub_id=220&p1=AlBeUp4AAAF-T4_jEwAJiVgAAABlAAAAEQ&source=101_9&app_name=id543577420&idfa=591ECAEE-E18F-476F-BBB7-7394495549E9&gaid=591ECAEE-E18F-476F-BBB7-7394495549E9&creative_name=&app_id= date Wed, 12 Jan 2022 18:32:16 GMT referrer-policy no-referrer content-length 0
GET H2	404	click trk.games-to-run123.com/	0 0	324ms 102ms	Stylesheet text/html	3.224.8.153 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.games-to-run123.com/click?affid=47&cmpid=f622a0ebab383e24&clickid=NCT_iphone_de_ofid11510342_pidundefined_sub1,_sub2,_sub3,_nat9_sub4_sub5&siteid=358760undefined_, Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.224.8.153 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-224-8-153.compute-1.amazonaws.com Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 18:32:16 GMT content-length 13 content-type text/html
GET H/1.1	204 No Content	redirect direct2.knmasdfsdgs.com/ Redirect Chain https://olamob.g2afse.com/click?pid=7&offer_id=913524&sub1=NCT_iphone_de_ofid12902808_pidundefined_sub1,_sub2,_sub3,_nat10_sub4_sub5&sub2=358760undefined_,&sub4=id593715088&sub8={sub8}\|{offer_id},4... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=7&udid=&name=&info=OlaMobSL&blockTime=0 https://direct2.knmasdfsdgs.com/redirect?aff=10063&saff=358760616&q=	0 138 B	1424ms 1241ms	Stylesheet text/html	185.33.87.146 HZ-US-AS
General Check archive.org Show headers Download Go to Full URL https://direct2.knmasdfsdgs.com/redirect?aff=10063&saff=358760616&q= Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol HTTP/1.1 Server 185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Wed, 12 Jan 2022 18:32:17 GMT Server nginx Connection close Content-Type text/html; charset=utf-8 Redirect headers date Wed, 12 Jan 2022 18:32:16 GMT content-encoding gzip server nginx/1.14.1 location https://direct2.knmasdfsdgs.com/redirect?aff=10063&saff=358760616&q= x-powered-by Express vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin *
GET H2	404	click trk.ad-serving-ads.com/ Redirect Chain https://maxtopmedia.g2afse.com/click?pid=166&offer_id=89536&sub1=NCT_iphone_de_ofid13029846_pidundefined_sub1,_sub2,_sub3,_nat11_sub4_sub5&sub2=358760undefined_,&sub3=D4177CF7-BB26-4182-B115-45480B... https://maxtopmedia.g2afse.com/click?pid=166&offer_id=41297&sub4=89536 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=630&cid=61df1eb0e6179b000191d493&sid=166_&udid=&name=&info=MTMsl&blockTime=0 https://nexamob.g2afse.com/click?pid=15&offer_id=254169&sub1=NCT_iphone_de_ofid12918051_pid616_sub161df1eb0e6179b000191d493_sub2166__sub3MTMsl_nat15_sub4_sub5&sub2=358760616_166_&sub3=id1360098321&... https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01	0 0	250ms 98ms	Stylesheet text/html	35.171.97.125 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol H2 Server 35.171.97.125 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-171-97-125.compute-1.amazonaws.com Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 18:32:16 GMT content-length 13 content-type text/html Redirect headers location https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01 date Wed, 12 Jan 2022 18:32:16 GMT server nginx access-control-allow-origin * content-length 0
GET H2	404	click trk.ad-serving-ads.com/ Redirect Chain https://nexamob.g2afse.com/click?pid=15&offer_id=254156&sub1=NCT_iphone_de_ofid12918038_pidundefined_sub1,_sub2,_sub3,_nat12_sub4_sub5&sub2=358760undefined_,&sub3=id593715088&sub5=id593715088 https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01	0 0	314ms 97ms	Stylesheet text/html	35.171.97.125 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol H2 Server 35.171.97.125 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-171-97-125.compute-1.amazonaws.com Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 18:32:16 GMT content-length 13 content-type text/html Redirect headers location https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01 date Wed, 12 Jan 2022 18:32:16 GMT server nginx access-control-allow-origin * content-length 0
GET		click imagineads.g2afse.com/ Redirect Chain https://imagineads.g2afse.com/click?pid=59&offer_id=7087&sub1=NCT_iphone_de_ofid13034679_pidundefined_sub1,_sub2,_sub3,_nat13_sub4_sub5&sub2=358760undefined_,&sub4=id593715088&sub5=id593715088 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=7087 https://imagineads.g2afse.com/click?pid=59&offer_id=7294 https://imagineads.g2afse.com/click?pid=59&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=59&offer_id=7294 https://imagineads.g2afse.com/click?pid=59&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=59&offer_id=7294 https://imagineads.g2afse.com/click?pid=59&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=59&offer_id=7294 https://imagineads.g2afse.com/click?pid=59&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=59&offer_id=7294 https://imagineads.g2afse.com/click?pid=59&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=59&offer_id=7294 https://imagineads.g2afse.com/click?pid=59&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=59&offer_id=7294	0 0

GET		click imagineads.g2afse.com/ Redirect Chain https://imagineads.g2afse.com/click?pid=38&offer_id=7065&sub1=NCT_iphone_de_ofid13034742_pidundefined_sub1,_sub2,_sub3,_nat14_sub4_sub5&sub2=358760undefined_,&sub4=id593715088&sub5=id593715088 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=7065 https://imagineads.g2afse.com/click?pid=38&offer_id=7294 https://imagineads.g2afse.com/click?pid=38&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=38&offer_id=7294 https://imagineads.g2afse.com/click?pid=38&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=38&offer_id=7294 https://imagineads.g2afse.com/click?pid=38&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=38&offer_id=7294 https://imagineads.g2afse.com/click?pid=38&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=38&offer_id=7294 https://imagineads.g2afse.com/click?pid=38&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=38&offer_id=7294 https://imagineads.g2afse.com/click?pid=38&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=38&offer_id=7294	0 0

GET H2	200	click track.m15trk.com/ Redirect Chain https://apts.trckswrm.com/click?offer_id=107221&pub_id=10&pub_click_id=NCT_iphone_de_ofid10794217_pidundefined_sub1,_sub2,_sub3,_nat15_sub4_sub5&pub_sub_id=358760undefined&pub_sub_sub_id=,&app=id59... https://track.m15trk.com/click?campaign_id=447&pub_id=220&p1=AuDIyQMAAAF-T4_iFgAJiVgAAABlAAAAEQ&source=101_10&app_name=id593715088&idfa=&gaid=&creative_name=&app_id=	22 B 153 B	103ms 29ms	Stylesheet text/plain	35.201.98.21 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://track.m15trk.com/click?campaign_id=447&pub_id=220&p1=AuDIyQMAAAF-T4_iFgAJiVgAAABlAAAAEQ&source=101_10&app_name=id593715088&idfa=&gaid=&creative_name=&app_id= Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol H2 Server 35.201.98.21 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 21.98.201.35.bc.googleusercontent.com Software nginx / Resource Hash `1c439fcd21bab032475e5d1570615485417e6cfb202f774f9f16d77f0448d0d6` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 18:32:16 GMT via 1.1 google server nginx content-type text/plain; charset=utf-8 alt-svc clear content-length 22 x-rt 0 x-err CSS_REQUEST Redirect headers location https://track.m15trk.com/click?campaign_id=447&pub_id=220&p1=AuDIyQMAAAF-T4_iFgAJiVgAAABlAAAAEQ&source=101_10&app_name=id593715088&idfa=&gaid=&creative_name=&app_id= date Wed, 12 Jan 2022 18:32:16 GMT referrer-policy no-referrer content-length 0
GET H2	404	click clk.medialabels.de/ Redirect Chain https://appad.g2afse.com/click?pid=33&offer_id=320972&sub1=NCT_iphone_de_ofid13175387_pidundefined_sub1,_sub2,_sub3,_nat16_sub4_sub5&sub2=358760undefined_,&sub7=id593715088 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=947&cid=&sid=33&udid=&name=&info=appadppre&blockTime=0 https://ams3.clkstream.com/click?cid=jww1s-ep7h8&publisher=zvnye-2xgwn&campaign=dvsnw-5dnfi-y12k5&p_click=NCT_iphone_de_ofid13006977_pid616_sub1_sub233_sub3appadppre_nat9_sub4_sub5&sub=33&publisher... https://track.2elementr.com/click?offer_id=328240&pid=242&sub1=id-9391406804621848372&sub2=33&sub3=&sub4=&sub5=&sub6=id1400134578 https://clk.medialabels.de/click?a=83023337&o=87113342&sub_id=61df1eb0f3a58400018ddd22&sub_id2=611&sub_id3=851&sub_id4=Audiomack	0 0	349ms 112ms	Stylesheet text/plain	34.134.37.160 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://clk.medialabels.de/click?a=83023337&o=87113342&sub_id=61df1eb0f3a58400018ddd22&sub_id2=611&sub_id3=851&sub_id4=Audiomack Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol H2 Server 34.134.37.160 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 160.37.134.34.bc.googleusercontent.com Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers location https://clk.medialabels.de/click?a=83023337&o=87113342&sub_id=61df1eb0f3a58400018ddd22&sub_id2=611&sub_id3=851&sub_id4=Audiomack date Wed, 12 Jan 2022 18:32:16 GMT server nginx access-control-allow-origin * content-length 0
GET H/1.1	200 OK	disabled.html appricotads.g2afse.com/ Redirect Chain https://appricotads.g2afse.com/click?pid=251&offer_id=440007&ref_id=NCT_iphone_de_ofid12965557_pidundefined_sub1,_sub2,_sub3,_nat17_sub4_sub5&sub1=251_4850undefined&sub2=,&sub6=id593715088 http://appricotads.g2afse.com/sl?id=5f36c7821a6e4b1879225165&pid=2&ref_id=&sub1=251_4850undefined&sub2=,&sub3=&sub4=&sub5=251&sub6=251_4850undefined&sub7=,&sub8=440007 http://appricotads.g2afse.com/disabled.html	0 0	15ms 15ms	Stylesheet text/html	213.227.134.234 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL http://appricotads.g2afse.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol HTTP/1.1 Server 213.227.134.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers Location http://appricotads.g2afse.com/disabled.html Date Wed, 12 Jan 2022 18:32:16 GMT Server nginx Connection keep-alive Access-Control-Allow-Origin * Content-Length 0
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	73ms 19ms	Stylesheet text/plain	136.243.5.28 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=675371&pub_id=55&pub_click_id=NCT_iphone_de_ofid13172533_pidundefined_sub1,_sub2,_sub3,_nat18_sub4_sub5&pub_sub_id=358760undefined&pub_sub_sub_id=,&app=id593715088 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 136.243.5.28 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.28.5.243.136.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 18:32:16 GMT content-length 0
GET H2	404	click trk.ad-serving-ads.com/ Redirect Chain https://advdgt.trckswrm.com/click?offer_id=178054&pub_id=7&pub_click_id=NCT_iphone_de_ofid12632192_pidundefined_sub1,_sub2,_sub3,_nat19_sub4_sub5&pub_sub_id=358760undefined&pub_sub_sub_id=,&app=id5... https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_358760undefined&creativeid=POP&category=01	0 0	316ms 96ms	Stylesheet text/html	35.171.97.125 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_358760undefined&creativeid=POP&category=01 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol H2 Server 35.171.97.125 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-171-97-125.compute-1.amazonaws.com Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 18:32:16 GMT content-length 13 content-type text/html Redirect headers location https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_358760undefined&creativeid=POP&category=01 date Wed, 12 Jan 2022 18:32:16 GMT referrer-policy no-referrer content-length 0
GET H2	200	disabled.html mookomedia.g2afse.com/ Redirect Chain https://mookomedia.g2afse.com/click?pid=42&offer_id=239810&sub1=NCT_iphone_de_ofid12608414_pidundefined_sub1,_sub2,_sub3,_nat20_sub4_sub5&sub4=358760undefined_,&sub5=id593715088 http://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106 https://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106 http://mookomedia.g2afse.com/disabled.html https://mookomedia.g2afse.com/disabled.html	0 0	16ms 16ms	Stylesheet text/html	213.227.156.19 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://mookomedia.g2afse.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol H2 Server 213.227.156.19 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers Location https://mookomedia.g2afse.com/disabled.html Date Wed, 12 Jan 2022 18:32:16 GMT Server nginx Connection keep-alive Content-Length 138 Content-Type text/html
GET H2	200	/ offer.alibaba.com/ Redirect Chain https://aptrt.trckswrm.com/click?offer_id=2990&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid12255589_pidundefined_sub1,_sub2,_sub3,_nat21_sub4_sub5&pub_sub_id=358760undefined&pub_sub_sub_id=,... https://appad.g2afse.com/click?pid=34&offer_id=57719&sub1=AnvNRWoAAAF-T4_iFAAApOAAAACAAAAABQ&sub2=128.29&sub7=id593715088&sub6=&sub4=&sub8=CzubKuLed2MdTETNilB__7 https://greengrass.g2afse.com/click?pid=256&offer_id=468&sub1=61df1eb07268540001eddce7&sub2=128.29&sub5= https://offer.alibaba.com/cps/p8snq151?bm=cps&src=saf&tp1=61df1eb0b64a9f0001f40b39&adid=&pid=256&tp2=61df1eb07268540001eddce7&tp3=128.29 https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=p8snq151&e=6	0 0	164ms 163ms	Stylesheet text/html	104.111.243.137 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=p8snq151&e=6 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol H2 Server 104.111.243.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-137.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers strict-transport-security max-age=31536000 ; includeSubDomains, max-age=31536000 x-content-type-options nosniff timing-allow-origin * p3p CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' server-timing rt;dur=0.029,eagleid;desc=2101e37f16420123368862328e50e3 content-length 10 x-xss-protection 1; mode=block x-application-context arcadia:7001 havana_s_tag 285873024335988\|134217728^\|^^ referrer-policy unsafe-url havana_s_v 4.0.2.6 x-frame-options DENY date Wed, 12 Jan 2022 18:32:16 GMT havana_s_ip 45707956496f436e6d384d484359303d location https://offer.alibaba.com?bm=cps&src=saf&cps_sk=p8snq151&e=6 havana_s_group havana-session content-language de-DE pragma no-cache havana_s_tid 2101e37f16420123368862328e50e3 havana_s_status STATUS_NOT_EXISTED cache-control max-age=0, no-cache, no-store edge-type akamai content-type text/html;charset=UTF-8 eagleid 2101e37f16420123368862328e50e3 havana_s_ucode USEAST:USEAST expires Wed, 12 Jan 2022 18:32:16 GMT
GET H2	200	/ offer.alibaba.com/ Redirect Chain https://aptrt.trckswrm.com/click?offer_id=31966&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid12262233_pidundefined_sub1,_sub2,_sub3,_nat22_sub4_sub5&pub_sub_id=358760undefined&pub_sub_sub_id=... https://appad.g2afse.com/click?pid=34&offer_id=57719&sub1=Ah9qRlQAAAF-T4_iFAAApOAAAACAAAAABQ&sub2=128.29&sub7=id593715088&sub6=&sub4=&sub8=pkQOAsZXqqkIp5bBGf5E__7 https://greengrass.g2afse.com/click?pid=256&offer_id=468&sub1=61df1eb09de4eb0001b23c44&sub2=128.29&sub5= https://offer.alibaba.com/cps/p8snq151?bm=cps&src=saf&tp1=61df1eb07b56890001d98931&adid=&pid=256&tp2=61df1eb09de4eb0001b23c44&tp3=128.29 https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=p8snq151&e=6	0 0	145ms 145ms	Stylesheet text/html	104.111.243.137 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=p8snq151&e=6 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol H2 Server 104.111.243.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-137.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers strict-transport-security max-age=31536000 ; includeSubDomains, max-age=31536000 x-content-type-options nosniff timing-allow-origin * p3p CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' server-timing rt;dur=0.023,eagleid;desc=2101e38616420123368876422ebdac content-length 10 x-xss-protection 1; mode=block x-application-context arcadia:7001 havana_s_tag 285873024335988\|134217728^\|^^ referrer-policy unsafe-url havana_s_v 4.0.2.6 x-frame-options DENY date Wed, 12 Jan 2022 18:32:16 GMT havana_s_ip 45707956496f436e6d3856356e454e56 location https://offer.alibaba.com?bm=cps&src=saf&cps_sk=p8snq151&e=6 havana_s_group havana-session content-language de-DE pragma no-cache havana_s_tid 2101e38616420123368876422ebdac havana_s_status STATUS_NOT_EXISTED cache-control max-age=0, no-cache, no-store edge-type akamai content-type text/html;charset=UTF-8 eagleid 2101e38616420123368876422ebdac havana_s_ucode USEAST:USEAST expires Wed, 12 Jan 2022 18:32:16 GMT
GET H/1.1	200 OK	317194 ps.popcash.net/go/134600/ Redirect Chain https://marlinads.g2afse.com/click?pid=48&offer_id=61036&sub1=NCT_iphone_de_ofid13181543_pidundefined_sub1,_sub2,_sub3,_nat23_sub4_sub5&sub2=358760undefined_,&sub3=D4177CF7-BB26-4182-B115-45480B681... https://t1.coolnovemberbreeze.com/g.php?p=c:xecd97ulljoow2567&d=616fcbe4a9c13d20c01cde81&s=358760undefined_,&pid= https://34.us.brownwinds.xyz/feed/?link=true&tid=34&subid=34-358760undefined_,&ref=&s1=61df1eb0989a246f6201aae1 http://redir.brownwinds.xyz/click/invalid/?tid=34&subid=34-358760undefined_, https://miao.labtrffc.com/m.php?p=c:ewuvqob33z8_lq5s_&d=61d4835119830d43cb231841&source=34-358760undefined_,&pid=undefined https://popcash.net/world/go/134600/317194 http://ps.popcash.net/go/134600/317194	0 0	212ms 96ms	Stylesheet text/html	54.210.43.149 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL http://ps.popcash.net/go/134600/317194 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol HTTP/1.1 Server 54.210.43.149 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-210-43-149.compute-1.amazonaws.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers date Wed, 12 Jan 2022 18:32:19 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVM%2F7fY0EK0uf8Wb91ssA9l5y2CA2mlA2%2Fktc6LnTtUh8Az6qnIFa4DFB9ck1m0oT0I17K1KJ5oJBMO%2FUftb84f7z4%2Fj7g2cuQ3mTMi0EoMmpQv33Cx8bb0m1xXRwNCpgY4GfLdKbLNl"}],"group":"cf-nel","max_age":604800} content-type text/html location http://ps.popcash.net/go/134600/317194 cf-ray 6cc8777e8dfde680-LHR content-length 162
GET H2	200	/ settleads.gotrackier.com/t/MzMwXzE0MDUzNg/	22 B 458 B	132ms 78ms	Stylesheet text/plain	2606:4700:10::6816:2256 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://settleads.gotrackier.com/t/MzMwXzE0MDUzNg/?p1=NCT_iphone_de_ofid11621389_pidundefined_sub1,_sub2,_sub3,_nat24_sub4_sub5&source=358760undefined_,&p4=id593715088&p5=id593715088 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:2256 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1c439fcd21bab032475e5d1570615485417e6cfb202f774f9f16d77f0448d0d6` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-err CSS_REQUEST via 1.1 google cf-cache-status DYNAMIC server cloudflare date Wed, 12 Jan 2022 18:32:16 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/plain; charset=utf-8 cf-ray 6cc877701af75c2c-FRA content-length 22 x-rt 0
GET H2	200	/ offer.alibaba.com/ Redirect Chain https://aptrt.trckswrm.com/click?offer_id=54614&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid13089119_pidundefined_sub1,_sub2,_sub3,_nat25_sub4_sub5&pub_sub_id=358760undefined&pub_sub_sub_id=... https://appad.g2afse.com/click?pid=34&offer_id=57719&sub1=AupohpEAAAF-T4_iFAAApOAAAACAAAAABQ&sub2=128.29&sub7=id593715088&sub6=&sub4=&sub8=qidLhmL76DRag1wCl1rN__7 https://greengrass.g2afse.com/click?pid=256&offer_id=468&sub1=61df1eb038eaed000130f256&sub2=128.29&sub5= https://offer.alibaba.com/cps/p8snq151?bm=cps&src=saf&tp1=61df1eb07b56890001d98932&adid=&pid=256&tp2=61df1eb038eaed000130f256&tp3=128.29 https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=p8snq151&e=6	0 0	142ms 142ms	Stylesheet text/html	104.111.243.137 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=p8snq151&e=6 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol H2 Server 104.111.243.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-137.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers strict-transport-security max-age=31536000 ; includeSubDomains, max-age=31536000 x-content-type-options nosniff timing-allow-origin * p3p CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' server-timing rt;dur=0.024,eagleid;desc=2101e37e16420123368944317e93de content-length 10 x-xss-protection 1; mode=block x-application-context arcadia:7001 havana_s_tag 285873024335988\|134217728^\|^^ referrer-policy unsafe-url havana_s_v 4.0.2.6 x-frame-options DENY date Wed, 12 Jan 2022 18:32:16 GMT havana_s_ip 45707956496f436e6d452f4f32413d3d location https://offer.alibaba.com?bm=cps&src=saf&cps_sk=p8snq151&e=6 havana_s_group havana-session content-language de-DE pragma no-cache havana_s_tid 2101e37e16420123368944317e93de havana_s_status STATUS_NOT_EXISTED cache-control max-age=0, no-cache, no-store edge-type akamai content-type text/html;charset=UTF-8 eagleid 2101e37e16420123368944317e93de havana_s_ucode USEAST:USEAST expires Wed, 12 Jan 2022 18:32:16 GMT
GET H/1.1	200 OK	click apply.trckswrm.com/	0 75 B	69ms 25ms	Stylesheet text/plain	136.243.5.43 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apply.trckswrm.com/click?offer_id=8619&pub_id=29&pub_click_id=NCT_iphone_de_ofid12594854_pidundefined_sub1,_sub2,_sub3,_nat26_sub4_sub5&pub_sub_id=358760undefined&pub_sub_sub_id=,&app=id593715088 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 136.243.5.43 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.43.5.243.136.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 18:32:16 GMT content-length 0
GET H2	200	w404 offer.alibaba.com/product/ Redirect Chain https://t.9696.me/click?pid=868&offer_id=146664&sub4=NCT_iphone_de_ofid12251718_pidundefined_sub1,_sub2,_sub3,_nat27_sub4_sub5&sub1=868_4850undefined&sub2=868_4850undefined_,&sub3=id593715088 https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id593715088&sub1=868_4850undefined&sub2=868_4850undefined_, https://offer.alibaba.com/cps/rq9rg325?tp1=61df1eb0030001000179297a&pid=868_4850undefined&adid= http://offer.alibaba.com/product/w404 https://offer.alibaba.com/product/w404	0 0	124ms 124ms	Stylesheet text/html	104.111.243.137 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://offer.alibaba.com/product/w404 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol H2 Server 104.111.243.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-137.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers Location https://offer.alibaba.com/product/w404 Non-Authoritative-Reason HSTS
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	74ms 21ms	Stylesheet text/plain	136.243.5.28 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=656806&pub_id=10&pub_click_id=NCT_iphone_de_ofid13163944_pidundefined_sub1,_sub2,_sub3,_nat28_sub4_sub5&pub_sub_id=358760undefined&pub_sub_sub_id=,&gaid=D4177CF7-BB26-4182-B115-45480B68133F&idfa=D4177CF7-BB26-4182-B115-45480B68133F&app=id593715088 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 136.243.5.28 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.28.5.243.136.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 18:32:16 GMT content-length 0
GET H2	200	w404 offer.alibaba.com/product/ Redirect Chain https://t.9696.me/click?pid=868&offer_id=148018&sub4=NCT_iphone_de_ofid12277221_pidundefined_sub1,_sub2,_sub3,_nat29_sub4_sub5&sub1=868_4850undefined&sub2=868_4850undefined_,&sub3=id593715088 https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id593715088&sub1=868_4850undefined&sub2=868_4850undefined_, https://offer.alibaba.com/cps/rq9rg325?tp1=61df1eb0ddf5d5000188a30e&pid=868_4850undefined&adid= http://offer.alibaba.com/product/w404 https://offer.alibaba.com/product/w404	0 0	123ms 123ms	Stylesheet text/html	104.111.243.137 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://offer.alibaba.com/product/w404 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol H2 Server 104.111.243.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-137.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers Location https://offer.alibaba.com/product/w404 Non-Authoritative-Reason HSTS
GET H2	200	en www.visitdubai.com/ Redirect Chain https://md412.trckswrm.com/click?offer_id=230581&pub_id=10&pub_click_id=NCT_iphone_de_ofid13045586_pidundefined_sub1,_sub2,_sub3,_nat30_sub4_sub5&pub_sub_id=358760undefined&pub_sub_sub_id=,&app=id5... https://ad.mobcho.com/click?pid=252&offer_id=33&sub2=Atf7u7UAAAF-T4_iGAADSVkAAAAHAAAAAw&sub3=7_10&sub1=&sub4=&sub5=id593715088 https://www.visitdubai.com/en/win-a-trip-with-rixos https://www.visitdubai.com/en	0 0	399ms 399ms	Stylesheet text/html	2a02:26f0:6c00:2ae::374e AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.visitdubai.com/en Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol H2 Server 2a02:26f0:6c00:2ae::374e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers date Wed, 12 Jan 2022 18:32:17 GMT server AkamaiGHost strict-transport-security max-age=31536000 ; includeSubDomains ; preload location https://www.visitdubai.com/en cache-control max-age=0 server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 0 expires Wed, 12 Jan 2022 18:32:17 GMT
GET H/1.1	200 OK	disabled.html appricotads.g2afse.com/ Redirect Chain https://appricotads.g2afse.com/click?pid=251&offer_id=440011&ref_id=NCT_iphone_de_ofid12965563_pidundefined_sub1,_sub2,_sub3,_nat31_sub4_sub5&sub1=251_4850undefined&sub2=,&sub6=id593715088 http://appricotads.g2afse.com/sl?id=5f36c7821a6e4b1879225165&pid=2&ref_id=&sub1=251_4850undefined&sub2=,&sub3=&sub4=&sub5=251&sub6=251_4850undefined&sub7=,&sub8=440011 http://appricotads.g2afse.com/disabled.html	0 0	16ms 16ms	Stylesheet text/html	213.227.134.234 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL http://appricotads.g2afse.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol HTTP/1.1 Server 213.227.134.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers Location http://appricotads.g2afse.com/disabled.html Date Wed, 12 Jan 2022 18:32:16 GMT Server nginx Connection keep-alive Access-Control-Allow-Origin * Content-Length 0
GET H2	200	/ offer.alibaba.com/ Redirect Chain https://aptrt.trckswrm.com/click?offer_id=42611&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid12940904_pidundefined_sub1,_sub2,_sub3,_nat32_sub4_sub5&pub_sub_id=358760undefined&pub_sub_sub_id=... https://appad.g2afse.com/click?pid=34&offer_id=57719&sub1=AsSYOiEAAAF-T4_iFAAApOAAAACAAAAABQ&sub2=128.29&sub7=id593715088&sub6=&sub4=&sub8=pjXKh9DKPWkGlTI9LW1J__7 https://greengrass.g2afse.com/click?pid=256&offer_id=468&sub1=61df1eb04f0f7c000195bda6&sub2=128.29&sub5= https://offer.alibaba.com/cps/p8snq151?bm=cps&src=saf&tp1=61df1eb06674450001cb88fd&adid=&pid=256&tp2=61df1eb04f0f7c000195bda6&tp3=128.29 https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=p8snq151&e=6	0 0	152ms 152ms	Stylesheet text/html	104.111.243.137 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=p8snq151&e=6 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol H2 Server 104.111.243.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-137.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers strict-transport-security max-age=31536000 ; includeSubDomains, max-age=31536000 x-content-type-options nosniff timing-allow-origin * p3p CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' server-timing rt;dur=0.025,eagleid;desc=2101e38216420123368844010efdd1 content-length 10 x-xss-protection 1; mode=block x-application-context arcadia:7001 havana_s_tag 285873024335988\|134217728^\|^^ referrer-policy unsafe-url havana_s_v 4.0.2.6 x-frame-options DENY date Wed, 12 Jan 2022 18:32:16 GMT havana_s_ip 45707956496f436e6e4568456267733d location https://offer.alibaba.com?bm=cps&src=saf&cps_sk=p8snq151&e=6 havana_s_group havana-session content-language de-DE pragma no-cache havana_s_tid 2101e38216420123368844010efdd1 havana_s_status STATUS_NOT_EXISTED cache-control max-age=0, no-cache, no-store edge-type akamai content-type text/html;charset=UTF-8 eagleid 2101e38216420123368844010efdd1 havana_s_ucode USEAST:USEAST expires Wed, 12 Jan 2022 18:32:16 GMT
GET H/1.1	200 OK	recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=145251&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13069158_pidundefined_sub1,_sub2,_sub3,_nat33_sub4_sub5&pub_sub_id=358760undefined&pub_sub_sub_id=,... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 75 B	38ms 11ms	Stylesheet text/plain	88.99.70.114 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol HTTP/1.1 Server 88.99.70.114 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.114.70.99.88.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 18:32:16 GMT content-length 0 Redirect headers location http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 date Wed, 12 Jan 2022 18:32:16 GMT referrer-policy no-referrer content-length 0
GET H2	404	click trafficred.g2afse.com/ Redirect Chain https://md412.trckswrm.com/click?offer_id=232538&pub_id=10&pub_click_id=NCT_iphone_de_ofid13069147_pidundefined_sub1,_sub2,_sub3,_nat34_sub4_sub5&pub_sub_id=358760undefined&pub_sub_sub_id=,&app=id5... https://trafficred.g2afse.com/click?pid=4&offer_id=609&ref_id=AvigcE4AAAF-T4_iGAADJdgAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id593715088	0 0	72ms 16ms	Stylesheet text/html	213.227.156.193 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://trafficred.g2afse.com/click?pid=4&offer_id=609&ref_id=AvigcE4AAAF-T4_iGAADJdgAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id593715088 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol H2 Server 213.227.156.193 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers location https://trafficred.g2afse.com/click?pid=4&offer_id=609&ref_id=AvigcE4AAAF-T4_iGAADJdgAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id593715088 date Wed, 12 Jan 2022 18:32:16 GMT referrer-policy no-referrer content-length 0
GET H/1.1	200 OK	click apply.trckswrm.com/	0 75 B	68ms 26ms	Stylesheet text/plain	136.243.5.43 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apply.trckswrm.com/click?offer_id=22278&pub_id=29&pub_click_id=NCT_iphone_de_ofid13066211_pidundefined_sub1,_sub2,_sub3,_nat35_sub4_sub5&pub_sub_id=358760undefined&pub_sub_sub_id=,&app=id593715088 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 136.243.5.43 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.43.5.243.136.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 18:32:16 GMT content-length 0
GET H/1.1	200 OK	recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=209353&pub_id=646&pub_click_id=NCT_iphone_de_ofid13074690_pidundefined_sub1,_sub2,_sub3,_nat36_sub4_sub5&pub_sub_id=358760undefined&pub_sub_sub_id=,&app=id5937... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 75 B	39ms 12ms	Stylesheet text/plain	88.99.70.114 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol HTTP/1.1 Server 88.99.70.114 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.114.70.99.88.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 18:32:16 GMT content-length 0 Redirect headers location http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 date Wed, 12 Jan 2022 18:32:16 GMT referrer-policy no-referrer content-length 0
GET H2	200	/ offer.alibaba.com/ Redirect Chain https://digitalfuture.g2afse.com/click?pid=2&offer_id=1755195&sub1=NCT_iphone_de_ofid13181628_pidundefined_sub1,_sub2,_sub3,_nat37_sub4_sub5&sub2=358760undefined_,&sub5=id593715088 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 https://aptrt.trckswrm.com/click?offer_id=56032&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid13182992_pid616_sub1_sub22_sub3ElishaSL_nat13_sub4_sub5&pub_sub_id=358760616&pub_sub_sub_id=2&app=... https://appad.g2afse.com/click?pid=34&offer_id=57719&sub1=Au8I19EAAAF-T4_iiwAApOAAAACAAAAABQ&sub2=128.29&sub7=id314716233&sub6=&sub4=&sub8=WaVRIHaSHTy9hUJ0wkyf__7 https://greengrass.g2afse.com/click?pid=256&offer_id=468&sub1=61df1eb04f0f7c000195bdc5&sub2=128.29&sub5= https://offer.alibaba.com/cps/p8snq151?bm=cps&src=saf&tp1=61df1eb029c8f60001b10835&adid=&pid=256&tp2=61df1eb04f0f7c000195bdc5&tp3=128.29 https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=p8snq151&e=6	0 0	145ms 145ms	Stylesheet text/html	104.111.243.137 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=p8snq151&e=6 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol H2 Server 104.111.243.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-137.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers strict-transport-security max-age=31536000 ; includeSubDomains, max-age=31536000 x-content-type-options nosniff timing-allow-origin * p3p CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' server-timing rt;dur=0.025,eagleid;desc=2101e38216420123368892501efdca content-length 10 x-xss-protection 1; mode=block x-application-context arcadia:7001 havana_s_tag 285873024335988\|134217728^\|^^ referrer-policy unsafe-url havana_s_v 4.0.2.6 x-frame-options DENY date Wed, 12 Jan 2022 18:32:16 GMT havana_s_ip 45707956496f436e6d51704151544e4b location https://offer.alibaba.com?bm=cps&src=saf&cps_sk=p8snq151&e=6 havana_s_group havana-session content-language de-DE pragma no-cache havana_s_tid 2101e38216420123368892501efdca havana_s_status STATUS_NOT_EXISTED cache-control max-age=0, no-cache, no-store edge-type akamai content-type text/html;charset=UTF-8 eagleid 2101e38216420123368892501efdca havana_s_ucode USEAST:USEAST expires Wed, 12 Jan 2022 18:32:16 GMT
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	70ms 20ms	Stylesheet text/plain	136.243.5.28 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=678915&pub_id=55&pub_click_id=NCT_iphone_de_ofid13177813_pidundefined_sub1,_sub2,_sub3,_nat38_sub4_sub5&pub_sub_id=358760undefined&pub_sub_sub_id=,&idfa=D4177CF7-BB26-4182-B115-45480B68133F&gaid=D4177CF7-BB26-4182-B115-45480B68133F&app=id593715088 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 136.243.5.28 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.28.5.243.136.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 18:32:16 GMT content-length 0
GET H2	200	disabled.html mookomedia.g2afse.com/ Redirect Chain https://mookomedia.g2afse.com/click?pid=42&offer_id=206008&sub1=NCT_iphone_de_ofid11979302_pidundefined_sub1,_sub2,_sub3,_nat39_sub4_sub5&sub4=358760undefined_,&sub5=id593715088 http://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106 https://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106 http://mookomedia.g2afse.com/disabled.html https://mookomedia.g2afse.com/disabled.html	0 0	17ms 17ms	Stylesheet text/html	213.227.156.19 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://mookomedia.g2afse.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol H2 Server 213.227.156.19 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers Location https://mookomedia.g2afse.com/disabled.html Date Wed, 12 Jan 2022 18:32:16 GMT Server nginx Connection keep-alive Content-Length 138 Content-Type text/html
GET H2	200	notify.html welcome.mylot.com/ Redirect Chain https://appscogent.g2afse.com/click?pid=27&offer_id=615144&sub1=NCT_iphone_de_ofid13068081_pidundefined_sub1,_sub2,_sub3,_nat40_sub4_sub5&sub2=358760undefined_,&sub5=id593715088 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1011&cid=&sid=27_358760undefined_,&udid=&name=&info=AppscogentSL&blockTime=0 https://amazus.g2afse.com/click?pid=4&offer_id=18874&sub1=NCT_iphone_de_ofid13089998_pid616_sub1_sub227_358760undefined_,_sub3AppscogentSL_nat7_sub4_sub5&sub2=358760616_27_358760undefined_,&sub3=CA... https://t1.coolnovemberbreeze.com/g.php?p=c:xecd97ulljoow2567&d=616fcbe4a9c13d20c01cde81&s=358760616_27_358760undefined_,&pid= https://34.us.brownwinds.xyz/feed/?link=true&tid=34&subid=34-358760616_27_358760undefined_,&ref=&s1=61df1eb04f969d44d4320feb http://redir.brownwinds.xyz/feed/click/?t1=128&tid=34&uid=10&subid=34-358760616_27_358760undefined_,&id=0bcc25542e1f2119d1701d906ec65ee0:50d37ff26496dd2d6a4b92dc8054e8e257b0ba30dbe0cbee0bceefebbc01... http://www.toromclick.com/feed/click/?t1=128&tid=465&uid=36&subid=34_34-358760616_27_358760undefined_,&id=8a6006ef6146fd49bd3c0dcdedf557ea:1fafc95ee8a172ca397d78bd4474a0a00d7aaffc303e39336c8e902152... http://c.mylot.com/go.ashx?w=cD1leHBsb3JhZHN0b3Jyb21pJms9ZmlsbWk3LmNvbSZiPTAuMDAwMSZzPTQ2NV8zNF8zNC0zNTg3NjA2MTZfMjdfMzU4NzYwdW5kZWZpbmVkXyUyYyZhPTA1 https://welcome.mylot.com/notify.html?s1=swy11y32nk1yvz7o_%2c_noxsponx4aghifd_hc_gbgaghifd-ed_ed_fge&s2=outlook.live.com	750 B 908 B	329ms 101ms	Stylesheet text/html	52.72.170.254 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://welcome.mylot.com/notify.html?s1=swy11y32nk1yvz7o_%2c_noxsponx4aghifd_hc_gbgaghifd-ed_ed_fge&s2=outlook.live.com Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol H2 Server 52.72.170.254 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-72-170-254.compute-1.amazonaws.com Software Microsoft-IIS/10.0 / Resource Hash `38f7cc29085cf85f1eb650eeb7edc3495475c115139d9910445682739cbb84e3` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 18:32:19 GMT last-modified Wed, 12 Aug 2020 15:57:32 GMT server Microsoft-IIS/10.0 accept-ranges bytes etag "07e9c49c170d61:0" content-length 750 content-type text/html Redirect headers Location https://welcome.mylot.com/notify.html?s1=swy11y32nk1yvz7o_%2c_noxsponx4aghifd_hc_gbgaghifd-ed_ed_fge&s2=outlook.live.com Date Wed, 12 Jan 2022 18:32:18 GMT Cache-Control private Server Microsoft-IIS/10.0 Connection keep-alive Content-Length 241 Content-Type text/html; charset=utf-8
GET H2	200	/ www.google.com/ Redirect Chain https://zainzuri.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D https://www.google.com/	0 0	196ms 113ms	Stylesheet text/html	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/ Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol H2 Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers date Wed, 12 Jan 2022 18:32:17 GMT referrer-policy origin cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1UThLKQMv7eEgrRnDFdIRRU3P6%2FjtmO03vKfaZFD1ylvXVvwbU5TspuUWhFGfmW4Iw9hB%2BdRZ0j1C0mt%2BUCEwBOLoIxJ8QBvCiKxcCYzXy2alXjk%2BHx9sH0r5KmpoI%3D"}],"group":"cf-nel","max_age":604800} location https://www.google.com cf-ray 6cc8777178ef74ab-IAD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 0
GET H2	404	click trk.games-to-run123.com/	0 0	102ms 101ms	Stylesheet text/html	3.224.8.153 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.games-to-run123.com/click?affid=47&cmpid=f622a0ebab383e24&clickid=NCT_iphone_de_ofid11510342_pidundefined_sub1,_sub2,_sub3,_nat9_sub4_sub5&siteid=358760undefined_, Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=748&CID=&SID=375&UDID=&NAME=&INFO=GOWMSL&BLOCKTIME=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.224.8.153 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-224-8-153.compute-1.amazonaws.com Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 18:32:18 GMT content-length 13 content-type text/html
GET		ps il32.co/ Redirect Chain https://maxtopmedia.g2afse.com/click?pid=166&offer_id=89536&sub1=NCT_iphone_de_ofid13029846_pidundefined_sub1,_sub2,_sub3,_nat11_sub4_sub5&sub2=358760undefined_,&sub3=D4177CF7-BB26-4182-B115-45480B... https://maxtopmedia.g2afse.com/click?pid=166&offer_id=41297&sub4=89536 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=630&cid=61df1eb27c161400014d8ac8&sid=166_&udid=&name=&info=MTMsl&blockTime=0 https://zildd.g2afse.com/click?pid=35&offer_id=3307478&sub1=NCT_iphone_de_ofid12900132_pid616_sub161df1eb27c161400014d8ac8_sub2166__sub3MTMsl_nat12_sub4_sub5&sub2=358760616_166_&sub3=id500963785 https://ila3.co/o/213838?p=3&aff_clickid=61df1eb280e0b00001513b7a&sub2=358760616_166_&sub1=35_358760616_166_&app_name=id500963785&idfa=&gaid= https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=3_35_358760616_166_&target=	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: imagineads.g2afse.com
URL: https://imagineads.g2afse.com/click?pid=59&offer_id=7294

Domain: imagineads.g2afse.com
URL: https://imagineads.g2afse.com/click?pid=38&offer_id=7294

Domain: il32.co
URL: https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=3_35_358760616_166_&target=

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
appad.g2afse.com/	1970-01-20 08:52:28	Name: afoffers Value: {"57719":1642012336}
t.9696.me/	1970-01-20 08:52:28	Name: afclick Value: 61df1eb0030001000179297a
.gotrackier.com/	1970-01-20 00:06:54	Name: __cf_bm Value: ssyH22gFX07iCAp1IUhXv_jO9qD5CfWlfBbYpFz8rOc-1642012336-0-ATDFJG4216plPBdg2I0sSH2hNlRY0euNQd4DAk3O6L3Xx5zenkONBY7n+VsZbMLmKVrmXrj/RyJUvJrIwuPdFFQ=
greengrass.g2afse.com/	1970-01-20 08:52:28	Name: afoffers Value: {"468":1642012336}
ad.mobcho.com/	1970-01-20 08:52:28	Name: afclick Value: 61df1eb0abbc8a0001f42927
ad.mobcho.com/	1970-01-20 08:52:28	Name: afoffers Value: {"33":1642012336}
appad.g2afse.com/	1970-01-20 08:52:28	Name: afclick Value: 61df1eb04f0f7c000195bdc5
greengrass.g2afse.com/	1970-01-20 08:52:28	Name: afclick Value: 61df1eb029c8f60001b10835
ad-experience.g2afse.com/	1970-01-20 08:52:28	Name: afclick Value: 61df1eb05a866600017c9f3c
ad-experience.g2afse.com/	1970-01-20 08:52:28	Name: afoffers Value: {"598334":1642012336}
track.2elementr.com/	1970-01-20 08:52:28	Name: afclick Value: 61df1eb0f3a58400018ddd22
track.2elementr.com/	1970-01-20 08:52:28	Name: afoffers Value: {"328240":1642012336}
.alibaba.com/	1969-12-31 23:59:59	Name: cookie2 Value: ac719b76b23dfe261eb19b633377715a
.alibaba.com/	1970-01-23 13:32:53	Name: t Value: c89965a6911b386d21dc055313db25b9
.alibaba.com/	1969-12-31 23:59:59	Name: _tb_token_ Value: 765e0b7b673b6
maxtopmedia.g2afse.com/	1970-01-20 08:52:28	Name: afclick Value: 61df1eb27c161400014d8ac8
maxtopmedia.g2afse.com/	1970-01-20 08:52:28	Name: afoffers Value: {"41297":1642012338}
zildd.g2afse.com/	1970-01-20 08:52:28	Name: afclick Value: 61df1eb280e0b00001513b7a
zildd.g2afse.com/	1970-01-20 08:52:28	Name: afoffers Value: {"3307478":1642012338}

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://trafficred.g2afse.com/click?pid=4&offer_id=609&ref_id=AvigcE4AAAF-T4_iGAADJdgAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id593715088 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://trk.games-to-run123.com/click?affid=47&cmpid=f622a0ebab383e24&clickid=NCT_iphone_de_ofid11510342_pidundefined_sub1,_sub2,_sub3,_nat9_sub4_sub5&siteid=358760undefined_, Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_358760undefined&creativeid=POP&category=01 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://imagineads.g2afse.com/click?pid=38&offer_id=7294 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://imagineads.g2afse.com/click?pid=59&offer_id=7294 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://clk.medialabels.de/click?a=83023337&o=87113342&sub_id=61df1eb0f3a58400018ddd22&sub_id2=611&sub_id3=851&sub_id4=Audiomack Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://trk.games-to-run123.com/click?affid=47&cmpid=f622a0ebab383e24&clickid=NCT_iphone_de_ofid11510342_pidundefined_sub1,_sub2,_sub3,_nat9_sub4_sub5&siteid=358760undefined_, Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

34.us.brownwinds.xyz
ad-experience.g2afse.com
ad.mobcho.com
adsperfection.g2afse.com
advdgt.trckswrm.com
amazus.g2afse.com
ams3.clkstream.com
apnp.trckswrm.com
appad.g2afse.com
apply.trckswrm.com
appricotads.g2afse.com
appscogent.g2afse.com
aptrt.trckswrm.com
apts.trckswrm.com
c.allontrk.com
c.mylot.com
clk.medialabels.de
cpi-offers.com
digitalfuture.g2afse.com
direct2.knmasdfsdgs.com
go2.lkjlkjkljsdflkjsdfklsfjklsd.com
greengrass.g2afse.com
il32.co
ila3.co
imagineads.g2afse.com
marlinads.g2afse.com
maxtopmedia.g2afse.com
md412.trckswrm.com
miao.labtrffc.com
mookomedia.g2afse.com
nexamob.g2afse.com
offer.alibaba.com
olamob.g2afse.com
popcash.net
ps.popcash.net
redir.brownwinds.xyz
settleads.gotrackier.com
t.9696.me
t1.coolnovemberbreeze.com
track.2elementr.com
track.m15trk.com
trafficred.g2afse.com
trk.ad-serving-ads.com
trk.games-to-run123.com
welcome.mylot.com
www.google.com
www.toromclick.com
www.visitdubai.com
zainzuri.com
zildd.g2afse.com
il32.co
imagineads.g2afse.com
104.111.243.137
104.21.66.249
136.243.5.28
136.243.5.43
142.93.240.225
157.90.33.241
173.212.201.66
185.33.87.146
212.7.209.71
213.227.134.196
213.227.134.198
213.227.134.204
213.227.134.234
213.227.135.207
213.227.135.213
213.227.135.229
213.227.135.231
213.227.135.235
213.227.156.19
213.227.156.193
213.227.156.21
213.227.156.234
23.235.251.114
2606:4700:10::6816:2256
2606:4700:20::681a:cbb
2606:4700:21::681b:ce5c
2a00:1450:4001:827::2004
2a02:26f0:6c00:2ae::374e
3.127.100.137
3.224.8.153
34.134.37.160
35.171.97.125
35.201.98.21
5.9.5.213
5.9.6.124
51.161.115.163
51.83.143.92
52.72.170.254
52.72.232.140
54.210.43.149
88.99.70.114
1c439fcd21bab032475e5d1570615485417e6cfb202f774f9f16d77f0448d0d6
38f7cc29085cf85f1eb650eeb7edc3495475c115139d9910445682739cbb84e3
3915a438fffb3acbaade25f7b5e9d3f76589dbc02048463b3fbfeb8c4e7955a1
58433d4316e481cb57d1fe888f656a3d3847ff84a0feec93bc06734234154835
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

cpi-offers.com Open in urlscan Pro 3.127.100.137 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

45 Requests

27 %HTTPS

12 %IPv6

27 Domains

50 Subdomains

23 IPs

6 Countries

6 kBTransfer

13 kBSize

19 Cookies

0 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

cpi-offers.com Open in urlscan Pro
3.127.100.137 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

27 %
HTTPS

12 %
IPv6

27
Domains

50
Subdomains

23
IPs

6
Countries

6 kB
Transfer

13 kB
Size

19
Cookies

45 HTTP transactions
0 data transactions