cpi-offers.com Open in urlscan Pro
54.93.38.64 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockT...
Effective URL:
http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockT...
Submission: On January 23 via manual (January 23rd 2022, 11:55:03 am UTC) from IL — Scanned from DE

Summary HTTP 46 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 19 domains to perform 46 HTTP transactions. The main IP is 54.93.38.64, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is cpi-offers.com. The Cisco Umbrella rank of the primary domain is 28249.

This is the only time cpi-offers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12 16	54.93.38.64 54.93.38.64	16509 (AMAZON-02) (AMAZON-02)
2 2	212.7.209.75 212.7.209.75	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	185.33.87.146 185.33.87.146	202015 (HZ-US-AS) (HZ-US-AS)
6 9	213.227.135.207 213.227.135.207	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
5 10	136.243.5.43 136.243.5.43	24940 (HETZNER-AS) (HETZNER-AS)
1	173.212.201.66 173.212.201.66	51167 (CONTABO) (CONTABO)
2 3	213.227.134.242 213.227.134.242	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	213.227.134.202 213.227.134.202	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
4 16	5.9.5.213 5.9.5.213	24940 (HETZNER-AS) (HETZNER-AS)
2 2	213.227.134.236 213.227.134.236	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
6 6	213.227.135.231 213.227.135.231	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
6 6	213.227.134.240 213.227.134.240	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	213.227.135.233 213.227.135.233	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	213.227.134.200 213.227.134.200	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	18.64.79.99 18.64.79.99	16509 (AMAZON-02) (AMAZON-02)
20 25	213.227.134.204 213.227.134.204	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	213.227.135.235 213.227.135.235	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
4	213.227.156.193 213.227.156.193	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	84.110.34.195 84.110.34.195	8551 (BEZEQ-INT...) (BEZEQ-INTERNATIONAL-AS Bezeqint Internet Backbone)
1 1	63.32.229.101 63.32.229.101	16509 (AMAZON-02) (AMAZON-02)
1 1	185.151.204.8 185.151.204.8	61273 (ADJUST-NL) (ADJUST-NL)
1	2a02:26f0:170... 2a02:26f0:1700:391::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4 6	213.227.134.234 213.227.134.234	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	212.7.209.71 212.7.209.71	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	104.92.96.135 104.92.96.135	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	172.67.166.138 172.67.166.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
46	16

16 54.93.38.64 (Frankfurt am Main, Germany) 12 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-38-64.eu-central-1.compute.amazonaws.com

cpi-offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.7.209.75 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

gowith.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.87.146 (Ashburn, United States)

ASN202015 (HZ-US-AS, BG)

direct2.knmasdfsdgs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 213.227.135.207 (Netherlands) 6 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

media.appm.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 136.243.5.43 (Germany) 5 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.43.5.243.136.clients.your-server.de

c.allontrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.212.201.66 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: m10082.contaboserver.net

ila3.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.227.134.242 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

zildd.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
allmarketing.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.134.202 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

go2.lkjlkjkljsdflkjsdfklsfjklsd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 5.9.5.213 (Germany) 4 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.213.5.9.5.clients.your-server.de

apts.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
md412.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.134.236 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

digitalfuture.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.227.135.231 (Netherlands) 6 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

olamob.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.227.134.240 (Netherlands) 6 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

appscogent.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad-experience.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.135.233 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ahm.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.134.200 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

adright.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.79.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-99.txl50.r.cloudfront.net

impression.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 213.227.134.204 (Netherlands) 20 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

mookomedia.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.135.235 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

apply.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.227.156.193 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

trafficred.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 84.110.34.195 (Netanya, Israel) 1 redirects

ASN8551 (BEZEQ-INTERNATIONAL-AS Bezeqint Internet Backbone, IL)
PTR: bzq-84-110-34-195.static-ip.bezeqint.net

rewardsctr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.229.101 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-229-101.eu-west-1.compute.amazonaws.com

click-event.wuzztrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.151.204.8 (United States) 1 redirects

ASN61273 (ADJUST-NL, DE)

app.adjust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:391::2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

apps.apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.227.134.234 (Netherlands) 4 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

appricotads.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.7.209.71 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

t.9696.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.96.135 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-96-135.deploy.static.akamaitechnologies.com

offer.alibaba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.166.138 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

zainzuri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	g2afse.com 42 redirects zildd.g2afse.com — Cisco Umbrella Rank: 49223 digitalfuture.g2afse.com — Cisco Umbrella Rank: 35599 olamob.g2afse.com — Cisco Umbrella Rank: 42121 appscogent.g2afse.com — Cisco Umbrella Rank: 47640 allmarketing.g2afse.com — Cisco Umbrella Rank: 44785 ahm.g2afse.com — Cisco Umbrella Rank: 60808 adright.g2afse.com — Cisco Umbrella Rank: 44379 mookomedia.g2afse.com — Cisco Umbrella Rank: 42611 apply.g2afse.com — Cisco Umbrella Rank: 65536 trafficred.g2afse.com — Cisco Umbrella Rank: 410434 ad-experience.g2afse.com — Cisco Umbrella Rank: 42316 appricotads.g2afse.com — Cisco Umbrella Rank: 53873	9 KB
16	trckswrm.com 4 redirects apts.trckswrm.com — Cisco Umbrella Rank: 32730 md412.trckswrm.com — Cisco Umbrella Rank: 53514	2 KB
16	cpi-offers.com 12 redirects cpi-offers.com — Cisco Umbrella Rank: 28249	6 KB
10	allontrk.com 5 redirects c.allontrk.com — Cisco Umbrella Rank: 34748	1 KB
9	appm.app 6 redirects media.appm.app — Cisco Umbrella Rank: 40497	933 B
2	alibaba.com 1 redirects offer.alibaba.com — Cisco Umbrella Rank: 24953	1 KB
2	9696.me 2 redirects t.9696.me — Cisco Umbrella Rank: 35348	427 B
2	lkjlkjkljsdflkjsdfklsfjklsd.com 2 redirects go2.lkjlkjkljsdflkjsdfklsfjklsd.com — Cisco Umbrella Rank: 40190	379 B
2	knmasdfsdgs.com direct2.knmasdfsdgs.com — Cisco Umbrella Rank: 40924	276 B
2	go2affise.com 2 redirects gowith.go2affise.com — Cisco Umbrella Rank: 50560	353 B
1	google.com www.google.com — Cisco Umbrella Rank: 13
1	zainzuri.com 1 redirects zainzuri.com — Cisco Umbrella Rank: 78406	516 B
1	apple.com apps.apple.com — Cisco Umbrella Rank: 798
1	adjust.com 1 redirects app.adjust.com — Cisco Umbrella Rank: 979	880 B
1	wuzztrack.com 1 redirects click-event.wuzztrack.com — Cisco Umbrella Rank: 272091	2 KB
1	rewardsctr.com 1 redirects rewardsctr.com — Cisco Umbrella Rank: 62603	465 B
1	appsflyer.com impression.appsflyer.com — Cisco Umbrella Rank: 1575	311 B
1	ila3.co ila3.co — Cisco Umbrella Rank: 45219	198 B
0	soldbyphonder.com Failed direct4.soldbyphonder.com Failed
46	19

	Domain	Requested by
25	mookomedia.g2afse.com	20 redirects cpi-offers.com
16	cpi-offers.com	12 redirects cpi-offers.com
12	apts.trckswrm.com	cpi-offers.com
10	c.allontrk.com	5 redirects cpi-offers.com
9	media.appm.app	6 redirects cpi-offers.com
6	appricotads.g2afse.com	4 redirects cpi-offers.com
6	olamob.g2afse.com	6 redirects
5	ad-experience.g2afse.com	5 redirects
4	trafficred.g2afse.com	cpi-offers.com
4	md412.trckswrm.com	4 redirects
2	offer.alibaba.com	1 redirects cpi-offers.com
2	t.9696.me	2 redirects
2	digitalfuture.g2afse.com	2 redirects
2	go2.lkjlkjkljsdflkjsdfklsfjklsd.com	2 redirects
2	zildd.g2afse.com	1 redirects cpi-offers.com
2	direct2.knmasdfsdgs.com	cpi-offers.com
2	gowith.go2affise.com	2 redirects
1	www.google.com	cpi-offers.com
1	zainzuri.com	1 redirects
1	apps.apple.com	cpi-offers.com
1	app.adjust.com	1 redirects
1	click-event.wuzztrack.com	1 redirects
1	rewardsctr.com	1 redirects
1	apply.g2afse.com	cpi-offers.com
1	impression.appsflyer.com	cpi-offers.com
1	adright.g2afse.com	1 redirects
1	ahm.g2afse.com	1 redirects
1	allmarketing.g2afse.com	1 redirects
1	appscogent.g2afse.com	1 redirects
1	ila3.co	cpi-offers.com
0	direct4.soldbyphonder.com Failed	cpi-offers.com
46	31

This site contains no links.

Subject Issuer	Validity	Valid
cpi-offers.com Amazon	`2021-10-26` - `2022-11-23`	a year	crt.sh
*.knmasdfsdgs.com Go Daddy Secure Certificate Authority - G2	`2021-07-14` - `2022-08-15`	a year	crt.sh
ila3.co R3	`2021-12-10` - `2022-03-10`	3 months	crt.sh
apts.trckswrm.com ZeroSSL RSA Domain Secure Site CA	`2021-12-16` - `2022-03-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Frame ID: 42F3B0435A760A67492BF2945F3AE6EC
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

46
Requests

28 %
HTTPS

7 %
IPv6

19
Domains

31
Subdomains

16
IPs

5
Countries

5 kB
Transfer

10 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://gowith.go2affise.com/click?pid=141&offer_id=2307935&sub1=NCT_iphone_de_ofid12910342_pid1004_sub1_sub24_sub3RingolaSL_nat1_sub4_sub5&sub2=6100701004_4&sub4=id997362197 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=748&cid=&sid=141&udid=&name=&info=GOWMsl&blockTime=0 HTTP 302
https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=610070616&q=

Request Chain 4

https://kuno-gae.com/com.id997362197?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd HTTP 302
https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=49a64815-7c43-11ec-ba54-0a218d8ef94f

Request Chain 5

https://media.appm.app/click?pid=263&offer_id=78451&sub1=NCT_iphone_de_ofid13200490_pid1004_sub1_sub24_sub3RingolaSL_nat5_sub4_sub5&sub2=6100701004&sub3=id997362197&sub4=4&sub6=id997362197 HTTP 302
https://media.appm.app/sl?id=5c13c0a659b8ac00406bd7d4&pid=6&sub1=NCT_iphone_de_ofid13200490_pid1004_sub1_sub24_sub3RingolaSL_nat5_sub4_sub5&sub2=263_6100701004&sub3=id997362197&sub5= HTTP 302
http://media.appm.app/disabled.html HTTP 307
https://media.appm.app/disabled.html

Request Chain 6

https://c.allontrk.com/click?offer_id=161332&pub_id=636&pub_click_id=NCT_iphone_de_ofid13069475_pid1004_sub1_sub24_sub3RingolaSL_nat6_sub4_sub5&pub_sub_id=6100701004&pub_sub_sub_id=4&app=id997362197 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 8

https://media.appm.app/click?pid=185&offer_id=77249&sub1=NCT_iphone_de_ofid12992710_pid1004_sub1_sub24_sub3RingolaSL_nat8_sub4_sub5&sub2=6100701004&sub3=id997362197&sub4=4 HTTP 302
https://media.appm.app/sl?id=5c13c0a659b8ac00406bd7d4&pid=6&sub1=NCT_iphone_de_ofid12992710_pid1004_sub1_sub24_sub3RingolaSL_nat8_sub4_sub5&sub2=185_6100701004&sub3=id997362197&sub5= HTTP 302
http://media.appm.app/disabled.html HTTP 307
https://media.appm.app/disabled.html

Request Chain 9

https://zildd.g2afse.com/click?pid=35&offer_id=3443087&sub1=NCT_iphone_de_ofid13163544_pid1004_sub1_sub24_sub3RingolaSL_nat9_sub4_sub5&sub2=6100701004_4&sub3=id997362197 HTTP 302
http://zildd.g2afse.com/disabled.html

Request Chain 10

https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=1004&offer_id=13084553&sub1=&sub2=4&sub3=RingolaSL_nat10&sub4=B3D8EEAC-0913-4055-9EBF-B89EBB80220C&sub5=id997362197&sub6=610070 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
https://apts.trckswrm.com/click?offer_id=577002&pub_id=10&pub_click_id=NCT_iphone_de_ofid12953586_pid616_sub1_sub2_sub3TbLabq_nat6_sub4_sub5&pub_sub_id=610070616&pub_sub_sub_id=&app=id412443566

Request Chain 11

https://digitalfuture.g2afse.com/click?pid=2&offer_id=1743361&sub1=NCT_iphone_de_ofid13029625_pid1004_sub1_sub24_sub3RingolaSL_nat11_sub4_sub5&sub2=6100701004_4&sub5=id997362197 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 HTTP 302
https://olamob.g2afse.com/click?pid=101&offer_id=1180164&sub1=NCT_iphone_de_ofid13186063_pid616_sub1_sub22_sub3ElishaSL_nat14_sub4_sub5&sub2=610070616_2&sub4=id314716233&sub8=%7Bsub8%7D%7C%7Boffer_id%7D,4850616 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=101&udid=&name=&info=OlaMobSL&blockTime=0 HTTP 302
https://appscogent.g2afse.com/click?pid=27&offer_id=680811&sub1=NCT_iphone_de_ofid13186345_pid616_sub1_sub2101_sub3OlaMobSL_nat7_sub4_sub5&sub2=610070616_101&sub5=id593715088 HTTP 302
https://allmarketing.g2afse.com/click?pid=778&offer_id=4931310&sub1=61ed42129c05bb0001bb8cd6&sub2=27_610070616_101&sub3=&sub3=&sub4=id593715088 HTTP 302
http://ahm.g2afse.com/click?pid=604&offer_id=119686&sub1=61ed4212b846c3000117cb7f&sub2=778_27_610070616_101&sub3=id593715088&sub4= HTTP 302
https://adright.g2afse.com/click?pid=197&offer_id=3483057&sub1=604&sub2=61ed4212710fa80001573b60&sub3=&sub4=604_778_27_610070616_101&sub5=id593715088&sub7= HTTP 302
https://impression.appsflyer.com/id1262148500?af_prt=moblin&pid=adright_int&af_ad_id=604&af_viewthrough_lookback=1d&clickid=61ed4212e007ad000122a757&af_cost_model=cpi&af_cost_value=8.5&af_channel=0991&c=Zoomd_DE_iOS_de&af_siteid=|3483057,197&af_channel=197&af_ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&af_lang=de-DE&af_ip=138.199.38.133

Request Chain 12

https://mookomedia.g2afse.com/click?pid=42&offer_id=206096&sub1=NCT_iphone_de_ofid11981014_pid1004_sub1_sub24_sub3RingolaSL_nat12_sub4_sub5&sub4=6100701004_4&sub5=id997362197 HTTP 302
http://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106 HTTP 302
https://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106 HTTP 302
http://mookomedia.g2afse.com/disabled.html HTTP 302
https://mookomedia.g2afse.com/disabled.html

Request Chain 14

https://olamob.g2afse.com/click?pid=101&offer_id=1180164&sub1=NCT_iphone_de_ofid13186063_pid1004_sub1_sub24_sub3RingolaSL_nat14_sub4_sub5&sub2=6100701004_4&sub4=id997362197&sub8={sub8}|{offer_id},48501004 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=101&udid=&name=&info=OlaMobSL&blockTime=0 HTTP 302
https://apply.g2afse.com/click?pid=3&offer_id=354214&sub1=NCT_iphone_de_ofid12775565_pid616_sub1_sub2101_sub3OlaMobSL_nat6_sub4_sub5&sub4=id1423046460&sub2=610070616_101

Request Chain 17

https://md412.trckswrm.com/click?offer_id=218721&pub_id=10&pub_click_id=NCT_iphone_de_ofid13191624_pid1004_sub1_sub24_sub3RingolaSL_nat17_sub4_sub5&pub_sub_id=6100701004&pub_sub_sub_id=4&app=id997362197 HTTP 302
https://trafficred.g2afse.com/click?pid=4&offer_id=601&ref_id=Am0EqzEAAAF-hsoWTAADJeAAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id997362197

Request Chain 18

https://mookomedia.g2afse.com/click?pid=42&offer_id=211086&sub1=NCT_iphone_de_ofid12206590_pid1004_sub1_sub24_sub3RingolaSL_nat18_sub4_sub5&sub4=6100701004_4&sub3=B3D8EEAC-0913-4055-9EBF-B89EBB80220C&sub2=B3D8EEAC-0913-4055-9EBF-B89EBB80220C&sub5=id997362197 HTTP 302
http://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106 HTTP 302
https://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106 HTTP 302
http://mookomedia.g2afse.com/disabled.html HTTP 302
https://mookomedia.g2afse.com/disabled.html

Request Chain 19

https://gowith.go2affise.com/click?pid=141&offer_id=2294523&sub1=NCT_iphone_de_ofid13028395_pid1004_sub1_sub24_sub3RingolaSL_nat19_sub4_sub5&sub2=6100701004_4&sub4=id997362197 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=748&cid=&sid=141&udid=&name=&info=GOWMsl&blockTime=0 HTTP 302
https://apts.trckswrm.com/click?offer_id=621546&pub_id=10&pub_click_id=NCT_iphone_de_ofid13012082_pid616_sub1_sub2141_sub3GOWMsl_nat15_sub4_sub5&pub_sub_id=610070616&pub_sub_sub_id=141&app=id290638154

Request Chain 20

https://c.allontrk.com/click?offer_id=180272&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid12802107_pid1004_sub1_sub24_sub3RingolaSL_nat20_sub4_sub5&pub_sub_id=6100701004&pub_sub_sub_id=4&app=id997362197 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 21

https://ad-experience.g2afse.com/click?pid=2&offer_id=688845&sub1=NCT_iphone_de_ofid13213190_pid1004_sub1_sub24_sub3RingolaSL_nat21_sub4_sub5&sub2=6100701004_4&sub5=id997362197 HTTP 302
https://rewardsctr.com/t/943922?A1=61ed42120ebe230001741d33&A5=2_6100701004_4&A4=id997362197&A3=_&A2=_&pip=138.199.38.133&plang=DE&pua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36 HTTP 302
https://click-event.wuzztrack.com/?campaignId=2753&publisherId=3051&publisherClickId=11ec7c4349b0814091ab47b3fa34c836_943922_72008&publisherSubId1=2079&publisherSubId2=2_6100701004_4&publisherSource=Musica%20Unlimited%20Player_1308604545&clickEventDeviceId=___&creativeId= HTTP 302
https://app.adjust.com/83fbb3e?campaign=bux0_DE_DE_duo_con_ps_aff_wuzzon_527_B1&adgroup=3051&creative=2079&click_id=3434c418345c436b93d768bf2839ad&tracker_limit=10000000&wuzzonClickId=3434c418345c436b93d768bf2839ad&install_callback=https%3A%2F%2Fconversion-event.wuzztrack.com%2F%3FcampaignId%3D2753%26campaignEventId%3D1823%26publisherId%3D3051%26wuzzonClickId%3D3434c418345c436b93d768bf2839ad%26publisherClickId%3D11ec7c4349b0814091ab47b3fa34c836_943922_72008%26clickEventInsertedOn%3D2022-01-23%26conversionEventDeviceId%3D%7Bidfa%7C%7Cgps_adid%7D%26advertiserRefId1%3D%7Badid%7D%26advertiserRefId2%3D%7Bsdk_version%7D%26platform%3Dadjust%26salesAmount%3D%7Brevenue_float%7D&rejected_install_callback=https%3A%2F%2Fconversion-event.wuzztrack.com%2F%3FwuzzonClickId%3D3434c418345c436b93d768bf2839ad%26campaignId%3D2753%26publisherId%3D3051%26status%3Drejected%26fraudMessage%3D{rejection_reason}%26clickEventInsertedOn%3D2022-01-23%26conversionEventDeviceId%3D%7Bidfa%7C%7Cgps_adid%7D%26advertiserRefId1%3D%7Badid%7D%26advertiserRefId2%3D%7Bsdk_version%7D%26platform%3Dadjust%26salesAmount%3D%7Brevenue_float%7D&rejected_reattribution_callback=https%3A%2F%2Fconversion-event.wuzztrack.com%2F%3FwuzzonClickId%3D3434c418345c436b93d768bf2839ad%26campaignId%3D2753%26publisherId%3D3051%26status%3Drejected%26fraudMessage%3D{rejection_reason}%26clickEventInsertedOn%3D2022-01-23%26conversionEventDeviceId%3D%7Bidfa%7C%7Cgps_adid%7D%26advertiserRefId1%3D%7Badid%7D%26advertiserRefId2%3D%7Bsdk_version%7D%26platform%3Dadjust%26salesAmount%3D%7Brevenue_float%7D&event_callback_22is62=https%3A%2F%2Fconversion-event.wuzztrack.com%2F%3FcampaignId%3D2753%26campaignEventId%3D1824%26publisherId%3D3051%26wuzzonClickId%3D3434c418345c436b93d768bf2839ad%26publisherClickId%3D11ec7c4349b0814091ab47b3fa34c836_943922_72008%26clickEventInsertedOn%3D2022-01-23%26conversionEventDeviceId%3D%7Bidfa%7C%7Cgps_adid%7D%26advertiserRefId1%3D%7Badid%7D%26advertiserRefId2%3D%7Bsdk_version%7D%26platform%3Dadjust%26salesAmount%3D%7Brevenue_float%7D&event_callback_xlli8v=https%3A%2F%2Fconversion-event.wuzztrack.com%2F%3FcampaignId%3D2753%26campaignEventId%3D1825%26publisherId%3D3051%26wuzzonClickId%3D3434c418345c436b93d768bf2839ad%26publisherClickId%3D11ec7c4349b0814091ab47b3fa34c836_943922_72008%26clickEventInsertedOn%3D2022-01-23%26conversionEventDeviceId%3D%7Bidfa%7C%7Cgps_adid%7D%26advertiserRefId1%3D%7Badid%7D%26advertiserRefId2%3D%7Bsdk_version%7D%26platform%3Dadjust%26salesAmount%3D%7Brevenue_float%7D&event_callback_hw4gp8=https%3A%2F%2Fconversion-event.wuzztrack.com%2F%3FcampaignId%3D2753%26campaignEventId%3D1826%26publisherId%3D3051%26wuzzonClickId%3D3434c418345c436b93d768bf2839ad%26publisherClickId%3D11ec7c4349b0814091ab47b3fa34c836_943922_72008%26clickEventInsertedOn%3D2022-01-23%26conversionEventDeviceId%3D%7Bidfa%7C%7Cgps_adid%7D%26advertiserRefId1%3D%7Badid%7D%26advertiserRefId2%3D%7Bsdk_version%7D%26platform%3Dadjust%26salesAmount%3D%7Brevenue_float%7D HTTP 302
https://apps.apple.com/app/id1478406784?mt=8

Request Chain 23

https://digitalfuture.g2afse.com/click?pid=2&offer_id=1762039&sub1=NCT_iphone_de_ofid13199961_pid1004_sub1_sub24_sub3RingolaSL_nat23_sub4_sub5&sub2=6100701004_4&sub5=id997362197 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 HTTP 302
https://media.appm.app/click?pid=185&offer_id=77249&sub1=NCT_iphone_de_ofid12992710_pid616_sub1_sub22_sub3ElishaSL_nat8_sub4_sub5&sub2=610070616&sub3=id314487667&sub4=2 HTTP 302
https://media.appm.app/sl?id=5c13c0a659b8ac00406bd7d4&pid=6&sub1=NCT_iphone_de_ofid12992710_pid616_sub1_sub22_sub3ElishaSL_nat8_sub4_sub5&sub2=185_610070616&sub3=id314487667&sub5= HTTP 302
http://media.appm.app/disabled.html HTTP 307
https://media.appm.app/disabled.html

Request Chain 25

https://appricotads.g2afse.com/click?pid=251&offer_id=439948&ref_id=NCT_iphone_de_ofid13168028_pid1004_sub1_sub24_sub3RingolaSL_nat25_sub4_sub5&sub1=251_48501004&sub2=4&sub6=id997362197 HTTP 302
http://appricotads.g2afse.com/sl?id=5f36c7061a6e4b1879225163&pid=2&ref_id=&sub1=251_48501004&sub2=4&sub3=&sub4=&sub5=251&sub6=251_48501004&sub7=4&sub8=439948 HTTP 302
http://appricotads.g2afse.com/disabled.html

Request Chain 26

https://ad-experience.g2afse.com/click?pid=2&offer_id=679486&sub1=NCT_iphone_de_ofid13013598_pid1004_sub1_sub24_sub3RingolaSL_nat26_sub4_sub5&sub2=6100701004_4&sub5=id997362197 HTTP 302
http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=679486&sub3=2 HTTP 302
https://olamob.g2afse.com/click?pid=38&offer_id=1169018&sub1=61ed4212057e880001e8c054&sub2=1_679486&sub3=2&sub4=&sub8=|685141,1 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=38&udid=&name=&info=OlaMobSL&blockTime=0 HTTP 302
https://ad-experience.g2afse.com/click?pid=2&offer_id=593028&sub1=NCT_iphone_de_ofid12144862_pid616_sub1_sub238_sub3OlaMobSL_nat6_sub4_sub5&sub2=610070616_38&sub5=id1360098321 HTTP 302
http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=593028&sub3=2 HTTP 302
https://olamob.g2afse.com/click?pid=38&offer_id=1167514&sub1=61ed42120ebe230001741d55&sub2=1_593028&sub3=2&sub4=&sub8=|685256,1 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=38&udid=&name=&info=OlaMobSL&blockTime=0 HTTP 302
https://cpi-offers.com/aflinkref?prefix=https%3A//app.adjust.com/d4qsr6r%3F&deeplink=com.tipp24.app%3A%2F%2Fopen_native_view%3Fname%3Dhome%26partnerId%3D1COAUAPHDR&idfa=AFD36A35-2E84-47A1-A4E5-05D61F4CDB44&adgroup=610070616&creative=38&tracker_limit=10000000&event_callback_1vh3pr=http%3A%2F%2Fpostbacks.eu-central-1.elasticbeanstalk.com%2F1.php%3Fsum%3D25%26clickid%3DNCT_iphone_de_ofid7315478_pid616_sub1_sub238_sub3OlaMobSL_nat2_sub4_sub5&redis=24

Request Chain 27

https://c.allontrk.com/click?offer_id=185967&pub_id=646&pub_click_id=NCT_iphone_de_ofid12835420_pid1004_sub1_sub24_sub3RingolaSL_nat27_sub4_sub5&pub_sub_id=6100701004&pub_sub_sub_id=4&app=id997362197 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 28

https://c.allontrk.com/click?offer_id=209353&pub_id=646&pub_click_id=NCT_iphone_de_ofid13074690_pid1004_sub1_sub24_sub3RingolaSL_nat28_sub4_sub5&pub_sub_id=6100701004&pub_sub_sub_id=4&app=id997362197 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 29

https://mookomedia.g2afse.com/click?pid=42&offer_id=239751&sub1=NCT_iphone_de_ofid12563923_pid1004_sub1_sub24_sub3RingolaSL_nat29_sub4_sub5&sub4=6100701004_4&sub5=id997362197 HTTP 302
http://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106 HTTP 302
https://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106 HTTP 302
http://mookomedia.g2afse.com/disabled.html HTTP 302
https://mookomedia.g2afse.com/disabled.html

Request Chain 32

https://appricotads.g2afse.com/click?pid=251&offer_id=29613&ref_id=NCT_iphone_de_ofid12711076_pid1004_sub1_sub24_sub3RingolaSL_nat32_sub4_sub5&sub1=251_48501004&sub2=4&sub6=id997362197 HTTP 302
http://appricotads.g2afse.com/sl?id=5f36c7821a6e4b1879225165&pid=2&ref_id=&sub1=251_48501004&sub2=4&sub3=&sub4=&sub5=251&sub6=251_48501004&sub7=4&sub8=29613 HTTP 302
http://appricotads.g2afse.com/disabled.html

Request Chain 33

https://md412.trckswrm.com/click?offer_id=232831&pub_id=10&pub_click_id=NCT_iphone_de_ofid13067510_pid1004_sub1_sub24_sub3RingolaSL_nat33_sub4_sub5&pub_sub_id=6100701004&pub_sub_sub_id=4&app=id997362197 HTTP 302
https://trafficred.g2afse.com/click?pid=4&offer_id=609&ref_id=AnISUiQAAAF-hsoWTQADJdgAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id997362197

Request Chain 36

https://digitalfuture.g2afse.com/click?pid=2&offer_id=1749952&sub1=NCT_iphone_de_ofid13178754_pid1004_sub1_sub24_sub3RingolaSL_nat36_sub4_sub5&sub2=6100701004_4&sub5=id997362197 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 HTTP 302
https://kuno-gae.com/com.id486154808?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd HTTP 302
https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=49a64813-7c43-11ec-b379-129e3b9380fd

Request Chain 37

https://t.9696.me/click?pid=868&offer_id=148864&sub4=NCT_iphone_de_ofid13192610_pid1004_sub1_sub24_sub3RingolaSL_nat37_sub4_sub5&sub1=868_48501004&sub2=868_48501004_4&sub3=id997362197 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id997362197&sub1=868_48501004&sub2=868_48501004_4 HTTP 302
https://offer.alibaba.com/cps/rq9rg325?tp1=61ed421294a7370001f1cd70&pid=868_48501004&adid= HTTP 302
http://offer.alibaba.com/product/w404 HTTP 307
https://offer.alibaba.com/product/w404

Request Chain 39

https://c.allontrk.com/click?offer_id=207842&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13072536_pid1004_sub1_sub24_sub3RingolaSL_nat39_sub4_sub5&pub_sub_id=6100701004&pub_sub_sub_id=4&app=id997362197 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 40

https://mookomedia.g2afse.com/click?pid=42&offer_id=239366&sub1=NCT_iphone_de_ofid12529669_pid1004_sub1_sub24_sub3RingolaSL_nat40_sub4_sub5&sub4=6100701004_4&sub3=B3D8EEAC-0913-4055-9EBF-B89EBB80220C&sub2=B3D8EEAC-0913-4055-9EBF-B89EBB80220C&sub5=id997362197 HTTP 302
http://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106 HTTP 302
https://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106 HTTP 302
http://mookomedia.g2afse.com/disabled.html HTTP 302
https://mookomedia.g2afse.com/disabled.html

Request Chain 41

https://zainzuri.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D HTTP 302
https://www.google.com/

Request Chain 42

https://olamob.g2afse.com/click?pid=101&offer_id=1180164&sub1=NCT_iphone_de_ofid13186063_pid1004_sub1_sub24_sub3RingolaSL_nat14_sub4_sub5&sub2=6100701004_4&sub4=id997362197&sub8={sub8}|{offer_id},48501004 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=101&udid=&name=&info=OlaMobSL&blockTime=0 HTTP 302
https://olamob.g2afse.com/click?pid=101&offer_id=1180164&sub1=NCT_iphone_de_ofid13186063_pid616_sub1_sub2101_sub3OlaMobSL_nat14_sub4_sub5&sub2=610070616_101&sub4=id1423046460&sub8=%7Bsub8%7D%7C%7Boffer_id%7D,4850616 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=101&udid=&name=&info=OlaMobSL&blockTime=0 HTTP 302
https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=13205733&sub1=&sub2=101&sub3=OlaMobSL_nat5&sub4=834C443B-5418-4890-95E4-1DE1A0E57F7E&sub5=id462678375&sub6=610070 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
https://mookomedia.g2afse.com/click?pid=42&offer_id=205494&sub1=NCT_iphone_de_ofid11976009_pid616_sub1_sub2_sub3TbLabq_nat11_sub4_sub5&sub4=610070616_&sub3=8DFF5989-487F-4594-A080-8643ECE50C99&sub2=8DFF5989-487F-4594-A080-8643ECE50C99&sub5=id1407852246 HTTP 302
http://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106 HTTP 302
https://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106 HTTP 302
http://mookomedia.g2afse.com/disabled.html HTTP 302
https://mookomedia.g2afse.com/disabled.html

Request Chain 43

https://md412.trckswrm.com/click?offer_id=218721&pub_id=10&pub_click_id=NCT_iphone_de_ofid13191624_pid1004_sub1_sub24_sub3RingolaSL_nat17_sub4_sub5&pub_sub_id=6100701004&pub_sub_sub_id=4&app=id997362197 HTTP 302
https://trafficred.g2afse.com/click?pid=4&offer_id=601&ref_id=Aosc8xIAAAF-hsoYcwADJeAAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id997362197

Request Chain 44

https://md412.trckswrm.com/click?offer_id=232831&pub_id=10&pub_click_id=NCT_iphone_de_ofid13067510_pid1004_sub1_sub24_sub3RingolaSL_nat33_sub4_sub5&pub_sub_id=6100701004&pub_sub_sub_id=4&app=id997362197 HTTP 302
https://trafficred.g2afse.com/click?pid=4&offer_id=824&ref_id=AnPdzHYAAAF-hsoa2wADJcwAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id997362197

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
cpi-offers.com/fantastic.html/ 10 KB
2 KB 17ms
10ms Document
text/html 54.93.38.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: HTTP/1.1
Server: 54.93.38.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-38-64.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.1 / Express
Resource Hash: 9fdd4c65ba9280e61ab168ce381a07ccc0197926fe0f96e1f6b30fd1be19ce07

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sun, 23 Jan 2022 11:54:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.14.1
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"26c3-2AZ1q6nqNQ7r2Fs6J20U6+a7RpI"
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1 404
Not Found main.js
cpi-offers.com/fantastic.html/jsf/ 0
0 9ms
8ms Script
text/html 54.93.38.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://cpi-offers.com/fantastic.html/jsf/main.js

Requested by

Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0

Protocol

HTTP/1.1

Server

54.93.38.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-38-64.eu-central-1.compute.amazonaws.com

Software

nginx/1.14.1 / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 23 Jan 2022 11:54:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.14.1
X-Powered-By: Express
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Content-Security-Policy: default-src 'none'
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1

204
No Content

redirect
direct2.knmasdfsdgs.com/
Redirect Chain

https://gowith.go2affise.com/click?pid=141&offer_id=2307935&sub1=NCT_iphone_de_ofid12910342_pid1004_sub1_sub24_sub3RingolaSL_nat1_sub4_sub5&sub2=6100701004_4&sub4=id997362197
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=748&cid=&sid=141&udid=&name=&info=GOWMsl&blockTime=0
https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=610070616&q=

0
138 B

358ms
162ms

Stylesheet
text/html

185.33.87.146
HZ-US-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=610070616&q=
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: HTTP/1.1
Server: 185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 23 Jan 2022 11:54:58 GMT
Server: nginx
Connection: close
Content-Type: text/html; charset=utf-8

Redirect headers

date: Sun, 23 Jan 2022 11:54:58 GMT
content-encoding: gzip
server: nginx/1.14.1
location: https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=610070616&q=
x-powered-by: Express
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *

GET
H2 200 aflinkref
cpi-offers.com/ 2 B
231 B 25ms
8ms Stylesheet
text/plain 54.93.38.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cpi-offers.com/aflinkref?prefix=https%3A//app.adjust.com/d4qsr6r%3F&deeplink=com.tipp24.app%3A%2F%2Fopen_native_view%3Fname%3Dhome%26partnerId%3D1COAUAPHDR&idfa=B3D8EEAC-0913-4055-9EBF-B89EBB80220C&adgroup=6100701004&creative=4&tracker_limit=10000000&event_callback_1vh3pr=http%3A%2F%2Fpostbacks.eu-central-1.elasticbeanstalk.com%2F1.php%3Fsum%3D25%26clickid%3DNCT_iphone_de_ofid7315478_pid1004_sub1_sub24_sub3RingolaSL_nat2_sub4_sub5&redis=24
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.38.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-38-64.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.1 / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 11:54:57 GMT
content-encoding: gzip
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server: nginx/1.14.1
x-powered-by: Express
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *

GET
H/1.1 204
No Content redirect
direct2.knmasdfsdgs.com/ 0
138 B 313ms
106ms Stylesheet
text/html 185.33.87.146
HZ-US-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=6100701004&q=
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 23 Jan 2022 11:54:57 GMT
Server: nginx
Connection: close
Content-Type: text/html; charset=utf-8

GET

redirect
direct4.soldbyphonder.com/
Redirect Chain

https://kuno-gae.com/com.id997362197?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd
https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=49a64815-7c43-11ec-ba54-0a218d8ef94f

0
0

GET
H2

200

disabled.html
media.appm.app/
Redirect Chain

https://media.appm.app/click?pid=263&offer_id=78451&sub1=NCT_iphone_de_ofid13200490_pid1004_sub1_sub24_sub3RingolaSL_nat5_sub4_sub5&sub2=6100701004&sub3=id997362197&sub4=4&sub6=id997362197
https://media.appm.app/sl?id=5c13c0a659b8ac00406bd7d4&pid=6&sub1=NCT_iphone_de_ofid13200490_pid1004_sub1_sub24_sub3RingolaSL_nat5_sub4_sub5&sub2=263_6100701004&sub3=id997362197&sub5=
http://media.appm.app/disabled.html
https://media.appm.app/disabled.html

0
0

14ms
14ms

Stylesheet
text/html

213.227.135.207
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://media.appm.app/disabled.html
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: H2
Server: 213.227.135.207 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Location: https://media.appm.app/disabled.html
Non-Authoritative-Reason: HSTS

GET
H/1.1

200
OK

recommendation
c.allontrk.com/
Redirect Chain

https://c.allontrk.com/click?offer_id=161332&pub_id=636&pub_click_id=NCT_iphone_de_ofid13069475_pid1004_sub1_sub24_sub3RingolaSL_nat6_sub4_sub5&pub_sub_id=6100701004&pub_sub_sub_id=4&app=id997362197
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

0
75 B

26ms
12ms

Stylesheet
text/plain

136.243.5.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: HTTP/1.1
Server: 136.243.5.43 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.5.243.136.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 11:54:58 GMT
content-length: 0

Redirect headers

location: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
date: Sun, 23 Jan 2022 11:54:57 GMT
referrer-policy: no-referrer
content-length: 0

GET
H/1.1 200
OK 230672
ila3.co/o/ 0
198 B 63ms
21ms Stylesheet
text/plain 173.212.201.66
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://ila3.co/o/230672?p=17&aff_clickid=NCT_iphone_de_ofid12396697_pid1004_sub1_sub24_sub3RingolaSL_nat7_sub4_sub5&sub1=6100701004_4&app_name=id997362197
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.212.201.66 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m10082.contaboserver.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Jan 2022 11:54:58 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Expires: 0

GET
H2

200

disabled.html
media.appm.app/
Redirect Chain

https://media.appm.app/click?pid=185&offer_id=77249&sub1=NCT_iphone_de_ofid12992710_pid1004_sub1_sub24_sub3RingolaSL_nat8_sub4_sub5&sub2=6100701004&sub3=id997362197&sub4=4
https://media.appm.app/sl?id=5c13c0a659b8ac00406bd7d4&pid=6&sub1=NCT_iphone_de_ofid12992710_pid1004_sub1_sub24_sub3RingolaSL_nat8_sub4_sub5&sub2=185_6100701004&sub3=id997362197&sub5=
http://media.appm.app/disabled.html
https://media.appm.app/disabled.html

0
0

14ms
13ms

Stylesheet
text/html

213.227.135.207
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://media.appm.app/disabled.html
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: H2
Server: 213.227.135.207 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Location: https://media.appm.app/disabled.html
Non-Authoritative-Reason: HSTS

GET
H/1.1

200
OK

disabled.html
zildd.g2afse.com/
Redirect Chain

https://zildd.g2afse.com/click?pid=35&offer_id=3443087&sub1=NCT_iphone_de_ofid13163544_pid1004_sub1_sub24_sub3RingolaSL_nat9_sub4_sub5&sub2=6100701004_4&sub3=id997362197
http://zildd.g2afse.com/disabled.html

0
0

27ms
13ms

Stylesheet
text/html

213.227.134.242
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://zildd.g2afse.com/disabled.html
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: HTTP/1.1
Server: 213.227.134.242 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

location: http://zildd.g2afse.com/disabled.html
date: Sun, 23 Jan 2022 11:54:58 GMT
server: nginx
access-control-allow-origin: *
content-length: 0

GET
H/1.1

200
OK

click
apts.trckswrm.com/
Redirect Chain

https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=1004&offer_id=13084553&sub1=&sub2=4&sub3=RingolaSL_nat10&sub4=B3D8EEAC-0913-4055-9EBF-B89EBB80220C&sub5=id997362197&sub6=610070
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0
https://apts.trckswrm.com/click?offer_id=577002&pub_id=10&pub_click_id=NCT_iphone_de_ofid12953586_pid616_sub1_sub2_sub3TbLabq_nat6_sub4_sub5&pub_sub_id=610070616&pub_sub_sub_id=&app=id412443566

0
75 B

13ms
13ms

Stylesheet
text/plain

5.9.5.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apts.trckswrm.com/click?offer_id=577002&pub_id=10&pub_click_id=NCT_iphone_de_ofid12953586_pid616_sub1_sub2_sub3TbLabq_nat6_sub4_sub5&pub_sub_id=610070616&pub_sub_sub_id=&app=id412443566
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: HTTP/1.1
Server: 5.9.5.213 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.5.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 11:54:58 GMT
content-length: 0

Redirect headers

date: Sun, 23 Jan 2022 11:54:58 GMT
content-encoding: gzip
server: nginx/1.14.1
location: https://apts.trckswrm.com/click?offer_id=577002&pub_id=10&pub_click_id=NCT_iphone_de_ofid12953586_pid616_sub1_sub2_sub3TbLabq_nat6_sub4_sub5&pub_sub_id=610070616&pub_sub_sub_id=&app=id412443566
x-powered-by: Express
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *

GET
H2

200

id1262148500
impression.appsflyer.com/
Redirect Chain

https://digitalfuture.g2afse.com/click?pid=2&offer_id=1743361&sub1=NCT_iphone_de_ofid13029625_pid1004_sub1_sub24_sub3RingolaSL_nat11_sub4_sub5&sub2=6100701004_4&sub5=id997362197
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0
https://olamob.g2afse.com/click?pid=101&offer_id=1180164&sub1=NCT_iphone_de_ofid13186063_pid616_sub1_sub22_sub3ElishaSL_nat14_sub4_sub5&sub2=610070616_2&sub4=id314716233&sub8=%7Bsub8%7D%7C%7Boffer_...
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=101&udid=&name=&info=OlaMobSL&blockTime=0
https://appscogent.g2afse.com/click?pid=27&offer_id=680811&sub1=NCT_iphone_de_ofid13186345_pid616_sub1_sub2101_sub3OlaMobSL_nat7_sub4_sub5&sub2=610070616_101&sub5=id593715088
https://allmarketing.g2afse.com/click?pid=778&offer_id=4931310&sub1=61ed42129c05bb0001bb8cd6&sub2=27_610070616_101&sub3=&sub3=&sub4=id593715088
http://ahm.g2afse.com/click?pid=604&offer_id=119686&sub1=61ed4212b846c3000117cb7f&sub2=778_27_610070616_101&sub3=id593715088&sub4=
https://adright.g2afse.com/click?pid=197&offer_id=3483057&sub1=604&sub2=61ed4212710fa80001573b60&sub3=&sub4=604_778_27_610070616_101&sub5=id593715088&sub7=
https://impression.appsflyer.com/id1262148500?af_prt=moblin&pid=adright_int&af_ad_id=604&af_viewthrough_lookback=1d&clickid=61ed4212e007ad000122a757&af_cost_model=cpi&af_cost_value=8.5&af_channel=0...

2 B
311 B

95ms
47ms

Stylesheet
text/html

18.64.79.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://impression.appsflyer.com/id1262148500?af_prt=moblin&pid=adright_int&af_ad_id=604&af_viewthrough_lookback=1d&clickid=61ed4212e007ad000122a757&af_cost_model=cpi&af_cost_value=8.5&af_channel=0991&c=Zoomd_DE_iOS_de&af_siteid=|3483057,197&af_channel=197&af_ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&af_lang=de-DE&af_ip=138.199.38.133

Requested by

Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0

Protocol

Server

18.64.79.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-64-79-99.txl50.r.cloudfront.net

Software

http-kit /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 11:54:58 GMT
via: 1.1 2a449514cebabcf6ab64b86d6a229cfe.cloudfront.net (CloudFront)
server: http-kit
x-amz-cf-pop: TXL50-P2
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
cache-control: no-cache
content-length: 2
x-amz-cf-id: 6HtLmWPFCY9qbU90rsPw5WBfuQ9yYjO6ddaIAOmeY5d9pNThMgmccQ==

Redirect headers

location: https://impression.appsflyer.com/id1262148500?af_prt=moblin&pid=adright_int&af_ad_id=604&af_viewthrough_lookback=1d&clickid=61ed4212e007ad000122a757&af_cost_model=cpi&af_cost_value=8.5&af_channel=0991&c=Zoomd_DE_iOS_de&af_siteid=|3483057,197&af_channel=197&af_ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&af_lang=de-DE&af_ip=138.199.38.133
date: Sun, 23 Jan 2022 11:54:58 GMT
server: nginx
access-control-allow-origin: *
content-length: 0

GET
H2

200

disabled.html
mookomedia.g2afse.com/
Redirect Chain

https://mookomedia.g2afse.com/click?pid=42&offer_id=206096&sub1=NCT_iphone_de_ofid11981014_pid1004_sub1_sub24_sub3RingolaSL_nat12_sub4_sub5&sub4=6100701004_4&sub5=id997362197
http://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106
https://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106
http://mookomedia.g2afse.com/disabled.html
https://mookomedia.g2afse.com/disabled.html

0
0

14ms
14ms

Stylesheet
text/html

213.227.134.204
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://mookomedia.g2afse.com/disabled.html
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: H2
Server: 213.227.134.204 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Location: https://mookomedia.g2afse.com/disabled.html
Date: Sun, 23 Jan 2022 11:54:58 GMT
Server: nginx
Connection: keep-alive
Content-Length: 138
Content-Type: text/html

GET
H/1.1 200
OK click
apts.trckswrm.com/ 0
75 B 47ms
14ms Stylesheet
text/plain 5.9.5.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apts.trckswrm.com/click?offer_id=107221&pub_id=10&pub_click_id=NCT_iphone_de_ofid10794217_pid1004_sub1_sub24_sub3RingolaSL_nat13_sub4_sub5&pub_sub_id=6100701004&pub_sub_sub_id=4&app=id997362197
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.5.213 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.5.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 11:54:57 GMT
content-length: 0

GET
H2

404

click
apply.g2afse.com/
Redirect Chain

https://olamob.g2afse.com/click?pid=101&offer_id=1180164&sub1=NCT_iphone_de_ofid13186063_pid1004_sub1_sub24_sub3RingolaSL_nat14_sub4_sub5&sub2=6100701004_4&sub4=id997362197&sub8={sub8}|{offer_id},4...
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=101&udid=&name=&info=OlaMobSL&blockTime=0
https://apply.g2afse.com/click?pid=3&offer_id=354214&sub1=NCT_iphone_de_ofid12775565_pid616_sub1_sub2101_sub3OlaMobSL_nat6_sub4_sub5&sub4=id1423046460&sub2=610070616_101

0
0

44ms
13ms

Stylesheet
text/html

213.227.135.235
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://apply.g2afse.com/click?pid=3&offer_id=354214&sub1=NCT_iphone_de_ofid12775565_pid616_sub1_sub2101_sub3OlaMobSL_nat6_sub4_sub5&sub4=id1423046460&sub2=610070616_101
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: H2
Server: 213.227.135.235 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date: Sun, 23 Jan 2022 11:54:58 GMT
content-encoding: gzip
server: nginx/1.14.1
location: https://apply.g2afse.com/click?pid=3&offer_id=354214&sub1=NCT_iphone_de_ofid12775565_pid616_sub1_sub2101_sub3OlaMobSL_nat6_sub4_sub5&sub4=id1423046460&sub2=610070616_101
x-powered-by: Express
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *

GET
H/1.1 200
OK click
apts.trckswrm.com/ 0
75 B 46ms
13ms Stylesheet
text/plain 5.9.5.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apts.trckswrm.com/click?offer_id=621546&pub_id=10&pub_click_id=NCT_iphone_de_ofid13012082_pid1004_sub1_sub24_sub3RingolaSL_nat15_sub4_sub5&pub_sub_id=6100701004&pub_sub_sub_id=4&app=id997362197
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.5.213 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.5.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 11:54:57 GMT
content-length: 0

GET
H/1.1 200
OK click
apts.trckswrm.com/ 0
75 B 46ms
13ms Stylesheet
text/plain 5.9.5.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apts.trckswrm.com/click?offer_id=106388&pub_id=10&pub_click_id=NCT_iphone_de_ofid10740346_pid1004_sub1_sub24_sub3RingolaSL_nat16_sub4_sub5&pub_sub_id=6100701004&pub_sub_sub_id=4&app=id997362197
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.5.213 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.5.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 11:54:57 GMT
content-length: 0

GET
H2

404

click
trafficred.g2afse.com/
Redirect Chain

https://md412.trckswrm.com/click?offer_id=218721&pub_id=10&pub_click_id=NCT_iphone_de_ofid13191624_pid1004_sub1_sub24_sub3RingolaSL_nat17_sub4_sub5&pub_sub_id=6100701004&pub_sub_sub_id=4&app=id9973...
https://trafficred.g2afse.com/click?pid=4&offer_id=601&ref_id=Am0EqzEAAAF-hsoWTAADJeAAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id997362197

0
0

43ms
13ms

Stylesheet
text/html

213.227.156.193
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficred.g2afse.com/click?pid=4&offer_id=601&ref_id=Am0EqzEAAAF-hsoWTAADJeAAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id997362197
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: H2
Server: 213.227.156.193 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

location: https://trafficred.g2afse.com/click?pid=4&offer_id=601&ref_id=Am0EqzEAAAF-hsoWTAADJeAAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id997362197
date: Sun, 23 Jan 2022 11:54:57 GMT
referrer-policy: no-referrer
content-length: 0

GET
H2

200

disabled.html
mookomedia.g2afse.com/
Redirect Chain

https://mookomedia.g2afse.com/click?pid=42&offer_id=211086&sub1=NCT_iphone_de_ofid12206590_pid1004_sub1_sub24_sub3RingolaSL_nat18_sub4_sub5&sub4=6100701004_4&sub3=B3D8EEAC-0913-4055-9EBF-B89EBB8022...
http://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106
https://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106
http://mookomedia.g2afse.com/disabled.html
https://mookomedia.g2afse.com/disabled.html

0
0

14ms
14ms

Stylesheet
text/html

213.227.134.204
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://mookomedia.g2afse.com/disabled.html
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: H2
Server: 213.227.134.204 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Location: https://mookomedia.g2afse.com/disabled.html
Date: Sun, 23 Jan 2022 11:54:58 GMT
Server: nginx
Connection: keep-alive
Content-Length: 138
Content-Type: text/html

GET
H/1.1

200
OK

click
apts.trckswrm.com/
Redirect Chain

https://gowith.go2affise.com/click?pid=141&offer_id=2294523&sub1=NCT_iphone_de_ofid13028395_pid1004_sub1_sub24_sub3RingolaSL_nat19_sub4_sub5&sub2=6100701004_4&sub4=id997362197
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=748&cid=&sid=141&udid=&name=&info=GOWMsl&blockTime=0
https://apts.trckswrm.com/click?offer_id=621546&pub_id=10&pub_click_id=NCT_iphone_de_ofid13012082_pid616_sub1_sub2141_sub3GOWMsl_nat15_sub4_sub5&pub_sub_id=610070616&pub_sub_sub_id=141&app=id290638154

0
75 B

13ms
13ms

Stylesheet
text/plain

5.9.5.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apts.trckswrm.com/click?offer_id=621546&pub_id=10&pub_click_id=NCT_iphone_de_ofid13012082_pid616_sub1_sub2141_sub3GOWMsl_nat15_sub4_sub5&pub_sub_id=610070616&pub_sub_sub_id=141&app=id290638154
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: HTTP/1.1
Server: 5.9.5.213 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.5.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 11:54:58 GMT
content-length: 0

Redirect headers

date: Sun, 23 Jan 2022 11:54:58 GMT
content-encoding: gzip
server: nginx/1.14.1
location: https://apts.trckswrm.com/click?offer_id=621546&pub_id=10&pub_click_id=NCT_iphone_de_ofid13012082_pid616_sub1_sub2141_sub3GOWMsl_nat15_sub4_sub5&pub_sub_id=610070616&pub_sub_sub_id=141&app=id290638154
x-powered-by: Express
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *

GET
H/1.1

200
OK

recommendation
c.allontrk.com/
Redirect Chain

https://c.allontrk.com/click?offer_id=180272&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid12802107_pid1004_sub1_sub24_sub3RingolaSL_nat20_sub4_sub5&pub_sub_id=6100701004&pub_sub_sub_id=4&ap...
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

0
75 B

26ms
12ms

Stylesheet
text/plain

136.243.5.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: HTTP/1.1
Server: 136.243.5.43 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.5.243.136.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 11:54:58 GMT
content-length: 0

Redirect headers

location: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
date: Sun, 23 Jan 2022 11:54:57 GMT
referrer-policy: no-referrer
content-length: 0

GET
H2

404

id1478406784
apps.apple.com/app/
Redirect Chain

https://ad-experience.g2afse.com/click?pid=2&offer_id=688845&sub1=NCT_iphone_de_ofid13213190_pid1004_sub1_sub24_sub3RingolaSL_nat21_sub4_sub5&sub2=6100701004_4&sub5=id997362197
https://rewardsctr.com/t/943922?A1=61ed42120ebe230001741d33&A5=2_6100701004_4&A4=id997362197&A3=_&A2=_&pip=138.199.38.133&plang=DE&pua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKi...
https://click-event.wuzztrack.com/?campaignId=2753&publisherId=3051&publisherClickId=11ec7c4349b0814091ab47b3fa34c836_943922_72008&publisherSubId1=2079&publisherSubId2=2_6100701004_4&publisherSourc...
https://app.adjust.com/83fbb3e?campaign=bux0_DE_DE_duo_con_ps_aff_wuzzon_527_B1&adgroup=3051&creative=2079&click_id=3434c418345c436b93d768bf2839ad&tracker_limit=10000000&wuzzonClickId=3434c418345c4...
https://apps.apple.com/app/id1478406784?mt=8

0
0

510ms
450ms

Stylesheet
text/html

2a02:26f0:1700:391::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.apple.com/app/id1478406784?mt=8
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: H2
Server: 2a02:26f0:1700:391::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

location: https://apps.apple.com/app/id1478406784?mt=8
date: Sun, 23 Jan 2022 11:54:58 GMT
x-robots-tag: noindex
content-length: 67
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK click
apts.trckswrm.com/ 0
75 B 45ms
13ms Stylesheet
text/plain 5.9.5.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apts.trckswrm.com/click?offer_id=487243&pub_id=10&pub_click_id=NCT_iphone_de_ofid12511507_pid1004_sub1_sub24_sub3RingolaSL_nat22_sub4_sub5&pub_sub_id=6100701004&pub_sub_sub_id=4&gaid=B3D8EEAC-0913-4055-9EBF-B89EBB80220C&idfa=B3D8EEAC-0913-4055-9EBF-B89EBB80220C&app=id997362197
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.5.213 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.5.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 11:54:57 GMT
content-length: 0

GET
H2

200

disabled.html
media.appm.app/
Redirect Chain

https://digitalfuture.g2afse.com/click?pid=2&offer_id=1762039&sub1=NCT_iphone_de_ofid13199961_pid1004_sub1_sub24_sub3RingolaSL_nat23_sub4_sub5&sub2=6100701004_4&sub5=id997362197
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0
https://media.appm.app/click?pid=185&offer_id=77249&sub1=NCT_iphone_de_ofid12992710_pid616_sub1_sub22_sub3ElishaSL_nat8_sub4_sub5&sub2=610070616&sub3=id314487667&sub4=2
https://media.appm.app/sl?id=5c13c0a659b8ac00406bd7d4&pid=6&sub1=NCT_iphone_de_ofid12992710_pid616_sub1_sub22_sub3ElishaSL_nat8_sub4_sub5&sub2=185_610070616&sub3=id314487667&sub5=
http://media.appm.app/disabled.html
https://media.appm.app/disabled.html

0
0

15ms
14ms

Stylesheet
text/html

213.227.135.207
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://media.appm.app/disabled.html
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: H2
Server: 213.227.135.207 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Location: https://media.appm.app/disabled.html
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK click
apts.trckswrm.com/ 0
75 B 43ms
12ms Stylesheet
text/plain 5.9.5.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apts.trckswrm.com/click?offer_id=67860&pub_id=55&pub_click_id=NCT_iphone_de_ofid13019131_pid1004_sub1_sub24_sub3RingolaSL_nat24_sub4_sub5&pub_sub_id=6100701004&pub_sub_sub_id=4&app=id997362197
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.5.213 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.5.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 11:54:57 GMT
content-length: 0

GET
H/1.1

200
OK

disabled.html
appricotads.g2afse.com/
Redirect Chain

https://appricotads.g2afse.com/click?pid=251&offer_id=439948&ref_id=NCT_iphone_de_ofid13168028_pid1004_sub1_sub24_sub3RingolaSL_nat25_sub4_sub5&sub1=251_48501004&sub2=4&sub6=id997362197
http://appricotads.g2afse.com/sl?id=5f36c7061a6e4b1879225163&pid=2&ref_id=&sub1=251_48501004&sub2=4&sub3=&sub4=&sub5=251&sub6=251_48501004&sub7=4&sub8=439948
http://appricotads.g2afse.com/disabled.html

0
0

13ms
13ms

Stylesheet
text/html

213.227.134.234
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://appricotads.g2afse.com/disabled.html
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: HTTP/1.1
Server: 213.227.134.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Location: http://appricotads.g2afse.com/disabled.html
Date: Sun, 23 Jan 2022 11:54:58 GMT
Server: nginx
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H2

200

aflinkref
cpi-offers.com/
Redirect Chain

https://ad-experience.g2afse.com/click?pid=2&offer_id=679486&sub1=NCT_iphone_de_ofid13013598_pid1004_sub1_sub24_sub3RingolaSL_nat26_sub4_sub5&sub2=6100701004_4&sub5=id997362197
http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=679486&sub3=2
https://olamob.g2afse.com/click?pid=38&offer_id=1169018&sub1=61ed4212057e880001e8c054&sub2=1_679486&sub3=2&sub4=&sub8=|685141,1
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=38&udid=&name=&info=OlaMobSL&blockTime=0
https://ad-experience.g2afse.com/click?pid=2&offer_id=593028&sub1=NCT_iphone_de_ofid12144862_pid616_sub1_sub238_sub3OlaMobSL_nat6_sub4_sub5&sub2=610070616_38&sub5=id1360098321
http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=593028&sub3=2
https://olamob.g2afse.com/click?pid=38&offer_id=1167514&sub1=61ed42120ebe230001741d55&sub2=1_593028&sub3=2&sub4=&sub8=|685256,1
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=38&udid=&name=&info=OlaMobSL&blockTime=0
https://cpi-offers.com/aflinkref?prefix=https%3A//app.adjust.com/d4qsr6r%3F&deeplink=com.tipp24.app%3A%2F%2Fopen_native_view%3Fname%3Dhome%26partnerId%3D1COAUAPHDR&idfa=AFD36A35-2E84-47A1-A4E5-05D6...

2 B
230 B

9ms
8ms

Stylesheet
text/plain

54.93.38.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cpi-offers.com/aflinkref?prefix=https%3A//app.adjust.com/d4qsr6r%3F&deeplink=com.tipp24.app%3A%2F%2Fopen_native_view%3Fname%3Dhome%26partnerId%3D1COAUAPHDR&idfa=AFD36A35-2E84-47A1-A4E5-05D61F4CDB44&adgroup=610070616&creative=38&tracker_limit=10000000&event_callback_1vh3pr=http%3A%2F%2Fpostbacks.eu-central-1.elasticbeanstalk.com%2F1.php%3Fsum%3D25%26clickid%3DNCT_iphone_de_ofid7315478_pid616_sub1_sub238_sub3OlaMobSL_nat2_sub4_sub5&redis=24
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: H2
Server: 54.93.38.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-38-64.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.1 / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 11:54:58 GMT
content-encoding: gzip
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server: nginx/1.14.1
x-powered-by: Express
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *

Redirect headers

date: Sun, 23 Jan 2022 11:54:58 GMT
content-encoding: gzip
server: nginx/1.14.1
location: https://cpi-offers.com/aflinkref?prefix=https%3A//app.adjust.com/d4qsr6r%3F&deeplink=com.tipp24.app%3A%2F%2Fopen_native_view%3Fname%3Dhome%26partnerId%3D1COAUAPHDR&idfa=AFD36A35-2E84-47A1-A4E5-05D61F4CDB44&adgroup=610070616&creative=38&tracker_limit=10000000&event_callback_1vh3pr=http%3A%2F%2Fpostbacks.eu-central-1.elasticbeanstalk.com%2F1.php%3Fsum%3D25%26clickid%3DNCT_iphone_de_ofid7315478_pid616_sub1_sub238_sub3OlaMobSL_nat2_sub4_sub5&redis=24
x-powered-by: Express
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *

GET
H/1.1

200
OK

recommendation
c.allontrk.com/
Redirect Chain

https://c.allontrk.com/click?offer_id=185967&pub_id=646&pub_click_id=NCT_iphone_de_ofid12835420_pid1004_sub1_sub24_sub3RingolaSL_nat27_sub4_sub5&pub_sub_id=6100701004&pub_sub_sub_id=4&app=id997362197
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

0
75 B

26ms
12ms

Stylesheet
text/plain

136.243.5.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: HTTP/1.1
Server: 136.243.5.43 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.5.243.136.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 11:54:58 GMT
content-length: 0

Redirect headers

location: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
date: Sun, 23 Jan 2022 11:54:57 GMT
referrer-policy: no-referrer
content-length: 0

GET
H/1.1

200
OK

recommendation
c.allontrk.com/
Redirect Chain

https://c.allontrk.com/click?offer_id=209353&pub_id=646&pub_click_id=NCT_iphone_de_ofid13074690_pid1004_sub1_sub24_sub3RingolaSL_nat28_sub4_sub5&pub_sub_id=6100701004&pub_sub_sub_id=4&app=id997362197
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

0
75 B

26ms
12ms

Stylesheet
text/plain

136.243.5.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: HTTP/1.1
Server: 136.243.5.43 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.5.243.136.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 11:54:58 GMT
content-length: 0

Redirect headers

location: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
date: Sun, 23 Jan 2022 11:54:57 GMT
referrer-policy: no-referrer
content-length: 0

GET
H2

200

disabled.html
mookomedia.g2afse.com/
Redirect Chain

https://mookomedia.g2afse.com/click?pid=42&offer_id=239751&sub1=NCT_iphone_de_ofid12563923_pid1004_sub1_sub24_sub3RingolaSL_nat29_sub4_sub5&sub4=6100701004_4&sub5=id997362197
http://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106
https://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106
http://mookomedia.g2afse.com/disabled.html
https://mookomedia.g2afse.com/disabled.html

0
0

14ms
14ms

Stylesheet
text/html

213.227.134.204
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://mookomedia.g2afse.com/disabled.html
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: H2
Server: 213.227.134.204 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Location: https://mookomedia.g2afse.com/disabled.html
Date: Sun, 23 Jan 2022 11:54:58 GMT
Server: nginx
Connection: keep-alive
Content-Length: 138
Content-Type: text/html

GET
H/1.1 200
OK click
apts.trckswrm.com/ 0
75 B 43ms
12ms Stylesheet
text/plain 5.9.5.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apts.trckswrm.com/click?offer_id=617632&pub_id=55&pub_click_id=NCT_iphone_de_ofid12947067_pid1004_sub1_sub24_sub3RingolaSL_nat30_sub4_sub5&pub_sub_id=6100701004&pub_sub_sub_id=4&app=id997362197
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.5.213 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.5.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 11:54:57 GMT
content-length: 0

GET
H/1.1 200
OK click
apts.trckswrm.com/ 0
75 B 54ms
12ms Stylesheet
text/plain 5.9.5.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apts.trckswrm.com/click?offer_id=603961&pub_id=55&pub_click_id=NCT_iphone_de_ofid13167212_pid1004_sub1_sub24_sub3RingolaSL_nat31_sub4_sub5&pub_sub_id=6100701004&pub_sub_sub_id=4&app=id997362197
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.5.213 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.5.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 11:54:58 GMT
content-length: 0

GET
H/1.1

200
OK

disabled.html
appricotads.g2afse.com/
Redirect Chain

https://appricotads.g2afse.com/click?pid=251&offer_id=29613&ref_id=NCT_iphone_de_ofid12711076_pid1004_sub1_sub24_sub3RingolaSL_nat32_sub4_sub5&sub1=251_48501004&sub2=4&sub6=id997362197
http://appricotads.g2afse.com/sl?id=5f36c7821a6e4b1879225165&pid=2&ref_id=&sub1=251_48501004&sub2=4&sub3=&sub4=&sub5=251&sub6=251_48501004&sub7=4&sub8=29613
http://appricotads.g2afse.com/disabled.html

0
0

16ms
15ms

Stylesheet
text/html

213.227.134.234
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://appricotads.g2afse.com/disabled.html
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: HTTP/1.1
Server: 213.227.134.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Location: http://appricotads.g2afse.com/disabled.html
Date: Sun, 23 Jan 2022 11:54:58 GMT
Server: nginx
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H2

404

click
trafficred.g2afse.com/
Redirect Chain

https://md412.trckswrm.com/click?offer_id=232831&pub_id=10&pub_click_id=NCT_iphone_de_ofid13067510_pid1004_sub1_sub24_sub3RingolaSL_nat33_sub4_sub5&pub_sub_id=6100701004&pub_sub_sub_id=4&app=id9973...
https://trafficred.g2afse.com/click?pid=4&offer_id=609&ref_id=AnISUiQAAAF-hsoWTQADJdgAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id997362197

0
0

43ms
13ms

Stylesheet
text/html

213.227.156.193
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficred.g2afse.com/click?pid=4&offer_id=609&ref_id=AnISUiQAAAF-hsoWTQADJdgAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id997362197
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: H2
Server: 213.227.156.193 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

location: https://trafficred.g2afse.com/click?pid=4&offer_id=609&ref_id=AnISUiQAAAF-hsoWTQADJdgAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id997362197
date: Sun, 23 Jan 2022 11:54:57 GMT
referrer-policy: no-referrer
content-length: 0

GET
H/1.1 200
OK click
apts.trckswrm.com/ 0
75 B 55ms
12ms Stylesheet
text/plain 5.9.5.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apts.trckswrm.com/click?offer_id=600016&pub_id=55&pub_click_id=NCT_iphone_de_ofid12892493_pid1004_sub1_sub24_sub3RingolaSL_nat34_sub4_sub5&pub_sub_id=6100701004&pub_sub_sub_id=4&app=id997362197
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.5.213 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.5.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 11:54:58 GMT
content-length: 0

GET
H/1.1 200
OK click
apts.trckswrm.com/ 0
75 B 55ms
12ms Stylesheet
text/plain 5.9.5.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apts.trckswrm.com/click?offer_id=654143&pub_id=55&pub_click_id=NCT_iphone_de_ofid13077477_pid1004_sub1_sub24_sub3RingolaSL_nat35_sub4_sub5&pub_sub_id=6100701004&pub_sub_sub_id=4&app=id997362197
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.5.213 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.5.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 11:54:58 GMT
content-length: 0

GET

redirect
direct4.soldbyphonder.com/
Redirect Chain

https://digitalfuture.g2afse.com/click?pid=2&offer_id=1749952&sub1=NCT_iphone_de_ofid13178754_pid1004_sub1_sub24_sub3RingolaSL_nat36_sub4_sub5&sub2=6100701004_4&sub5=id997362197
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0
https://kuno-gae.com/com.id486154808?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd
https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=49a64813-7c43-11ec-b379-129e3b9380fd

0
0

GET
H2

200

w404
offer.alibaba.com/product/
Redirect Chain

https://t.9696.me/click?pid=868&offer_id=148864&sub4=NCT_iphone_de_ofid13192610_pid1004_sub1_sub24_sub3RingolaSL_nat37_sub4_sub5&sub1=868_48501004&sub2=868_48501004_4&sub3=id997362197
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id997362197&sub1=868_48501004&sub2=868_48501004_4
https://offer.alibaba.com/cps/rq9rg325?tp1=61ed421294a7370001f1cd70&pid=868_48501004&adid=
http://offer.alibaba.com/product/w404
https://offer.alibaba.com/product/w404

0
0

111ms
111ms

Stylesheet
text/html

104.92.96.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.alibaba.com/product/w404
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: H2
Server: 104.92.96.135 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-96-135.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Location: https://offer.alibaba.com/product/w404
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK click
apts.trckswrm.com/ 0
75 B 56ms
12ms Stylesheet
text/plain 5.9.5.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apts.trckswrm.com/click?offer_id=604392&pub_id=10&pub_click_id=NCT_iphone_de_ofid12907696_pid1004_sub1_sub24_sub3RingolaSL_nat38_sub4_sub5&pub_sub_id=6100701004&pub_sub_sub_id=4&gaid=B3D8EEAC-0913-4055-9EBF-B89EBB80220C&idfa=B3D8EEAC-0913-4055-9EBF-B89EBB80220C&app=id997362197
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.5.213 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.5.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 11:54:58 GMT
content-length: 0

GET
H/1.1

200
OK

recommendation
c.allontrk.com/
Redirect Chain

https://c.allontrk.com/click?offer_id=207842&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13072536_pid1004_sub1_sub24_sub3RingolaSL_nat39_sub4_sub5&pub_sub_id=6100701004&pub_sub_sub_id=4&ap...
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

0
75 B

26ms
12ms

Stylesheet
text/plain

136.243.5.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: HTTP/1.1
Server: 136.243.5.43 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.5.243.136.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 23 Jan 2022 11:54:58 GMT
content-length: 0

Redirect headers

location: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
date: Sun, 23 Jan 2022 11:54:57 GMT
referrer-policy: no-referrer
content-length: 0

GET
H2

200

disabled.html
mookomedia.g2afse.com/
Redirect Chain

https://mookomedia.g2afse.com/click?pid=42&offer_id=239366&sub1=NCT_iphone_de_ofid12529669_pid1004_sub1_sub24_sub3RingolaSL_nat40_sub4_sub5&sub4=6100701004_4&sub3=B3D8EEAC-0913-4055-9EBF-B89EBB8022...
http://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106
https://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106
http://mookomedia.g2afse.com/disabled.html
https://mookomedia.g2afse.com/disabled.html

0
0

14ms
13ms

Stylesheet
text/html

213.227.134.204
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://mookomedia.g2afse.com/disabled.html
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: H2
Server: 213.227.134.204 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Location: https://mookomedia.g2afse.com/disabled.html
Date: Sun, 23 Jan 2022 11:54:58 GMT
Server: nginx
Connection: keep-alive
Content-Length: 138
Content-Type: text/html

GET
H2

200

/
www.google.com/
Redirect Chain

https://zainzuri.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D
https://www.google.com/

0
0

104ms
80ms

Stylesheet
text/html

2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: H2
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date: Sun, 23 Jan 2022 11:54:58 GMT
referrer-policy: origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YuO17kOUJolRpQH%2BjulcYTYR0jadH1w960uwCRCkR9eZC5wnK%2Fm9FcJ1g0DiDpPxa5Yu6Bd7xPbpYxHWrVTnkZRyYl9LmpYXC97NdZ8ogJlXnVPeiD8cjfm9G7SpJVE%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.google.com
cf-ray: 6d20d4906efb4eb5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2

200

disabled.html
mookomedia.g2afse.com/
Redirect Chain

https://olamob.g2afse.com/click?pid=101&offer_id=1180164&sub1=NCT_iphone_de_ofid13186063_pid1004_sub1_sub24_sub3RingolaSL_nat14_sub4_sub5&sub2=6100701004_4&sub4=id997362197&sub8={sub8}|{offer_id},4...
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=101&udid=&name=&info=OlaMobSL&blockTime=0
https://olamob.g2afse.com/click?pid=101&offer_id=1180164&sub1=NCT_iphone_de_ofid13186063_pid616_sub1_sub2101_sub3OlaMobSL_nat14_sub4_sub5&sub2=610070616_101&sub4=id1423046460&sub8=%7Bsub8%7D%7C%7Bo...
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=101&udid=&name=&info=OlaMobSL&blockTime=0
https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=13205733&sub1=&sub2=101&sub3=OlaMobSL_nat5&sub4=834C443B-5418-4890-95E4-1DE1A0E57F7E&sub5=id462678375&sub6=610070
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0
https://mookomedia.g2afse.com/click?pid=42&offer_id=205494&sub1=NCT_iphone_de_ofid11976009_pid616_sub1_sub2_sub3TbLabq_nat11_sub4_sub5&sub4=610070616_&sub3=8DFF5989-487F-4594-A080-8643ECE50C99&sub2...
http://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106
https://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106
http://mookomedia.g2afse.com/disabled.html
https://mookomedia.g2afse.com/disabled.html

0
0

15ms
14ms

Stylesheet
text/html

213.227.134.204
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://mookomedia.g2afse.com/disabled.html
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: H2
Server: 213.227.134.204 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Location: https://mookomedia.g2afse.com/disabled.html
Date: Sun, 23 Jan 2022 11:54:58 GMT
Server: nginx
Connection: keep-alive
Content-Length: 138
Content-Type: text/html

GET
H2

404

click
trafficred.g2afse.com/
Redirect Chain

https://md412.trckswrm.com/click?offer_id=218721&pub_id=10&pub_click_id=NCT_iphone_de_ofid13191624_pid1004_sub1_sub24_sub3RingolaSL_nat17_sub4_sub5&pub_sub_id=6100701004&pub_sub_sub_id=4&app=id9973...
https://trafficred.g2afse.com/click?pid=4&offer_id=601&ref_id=Aosc8xIAAAF-hsoYcwADJeAAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id997362197

0
0

13ms
13ms

Stylesheet
text/html

213.227.156.193
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficred.g2afse.com/click?pid=4&offer_id=601&ref_id=Aosc8xIAAAF-hsoYcwADJeAAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id997362197
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: H2
Server: 213.227.156.193 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

location: https://trafficred.g2afse.com/click?pid=4&offer_id=601&ref_id=Aosc8xIAAAF-hsoYcwADJeAAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id997362197
date: Sun, 23 Jan 2022 11:54:58 GMT
referrer-policy: no-referrer
content-length: 0

GET
H2

404

click
trafficred.g2afse.com/
Redirect Chain

https://md412.trckswrm.com/click?offer_id=232831&pub_id=10&pub_click_id=NCT_iphone_de_ofid13067510_pid1004_sub1_sub24_sub3RingolaSL_nat33_sub4_sub5&pub_sub_id=6100701004&pub_sub_sub_id=4&app=id9973...
https://trafficred.g2afse.com/click?pid=4&offer_id=824&ref_id=AnPdzHYAAAF-hsoa2wADJcwAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id997362197

0
0

14ms
13ms

Stylesheet
text/html

213.227.156.193
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficred.g2afse.com/click?pid=4&offer_id=824&ref_id=AnPdzHYAAAF-hsoa2wADJcwAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id997362197
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html/?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=4&udid=&name=&info=RingolaSL&blockTime=0
Protocol: H2
Server: 213.227.156.193 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

location: https://trafficred.g2afse.com/click?pid=4&offer_id=824&ref_id=AnPdzHYAAAF-hsoa2wADJcwAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id997362197
date: Sun, 23 Jan 2022 11:54:59 GMT
referrer-policy: no-referrer
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: direct4.soldbyphonder.com
URL: https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=49a64815-7c43-11ec-ba54-0a218d8ef94f

Domain: direct4.soldbyphonder.com
URL: https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=49a64813-7c43-11ec-b379-129e3b9380fd

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ad-experience.g2afse.com/	1970-01-20 09:07:54	Name: afclick Value: 61ed42120ebe230001741d33
ad-experience.g2afse.com/	1970-01-20 09:07:54	Name: afoffers Value: {"688845":1642938898}
t.9696.me/	1970-01-20 09:07:54	Name: afclick Value: 61ed421294a7370001f1cd70
appscogent.g2afse.com/	1970-01-20 09:07:54	Name: afclick Value: 61ed42129c05bb0001bb8cd6
appscogent.g2afse.com/	1970-01-20 09:07:54	Name: afoffers Value: {"680811":1642938898}
allmarketing.g2afse.com/	1970-01-20 09:07:54	Name: afclick Value: 61ed4212b846c3000117cb7f
allmarketing.g2afse.com/	1970-01-20 09:07:54	Name: afoffers Value: {"4931310":1642938898}
.alibaba.com/	1969-12-31 23:59:59	Name: cookie2 Value: a7943f739dc7f993b03a0a6702deeff5
.alibaba.com/	1970-01-23 13:48:20	Name: t Value: 8b73e403748e9797dfbc0a496c01cdf9
.alibaba.com/	1969-12-31 23:59:59	Name: _tb_token_ Value: 7b7d1b3ddeb8a
adright.g2afse.com/	1970-01-20 09:07:54	Name: afclick Value: 61ed4212e007ad000122a757
adright.g2afse.com/	1970-01-20 09:07:54	Name: afoffers Value: {"3483057":1642938898}

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://cpi-offers.com/fantastic.html/jsf/main.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://trafficred.g2afse.com/click?pid=4&offer_id=601&ref_id=Am0EqzEAAAF-hsoWTAADJeAAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id997362197 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://trafficred.g2afse.com/click?pid=4&offer_id=609&ref_id=AnISUiQAAAF-hsoWTQADJdgAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id997362197 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://apply.g2afse.com/click?pid=3&offer_id=354214&sub1=NCT_iphone_de_ofid12775565_pid616_sub1_sub2101_sub3OlaMobSL_nat6_sub4_sub5&sub4=id1423046460&sub2=610070616_101 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=49a64813-7c43-11ec-b379-129e3b9380fd Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=49a64815-7c43-11ec-ba54-0a218d8ef94f Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://trafficred.g2afse.com/click?pid=4&offer_id=601&ref_id=Aosc8xIAAAF-hsoYcwADJeAAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id997362197 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://apps.apple.com/app/id1478406784?mt=8 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://trafficred.g2afse.com/click?pid=4&offer_id=824&ref_id=AnPdzHYAAAF-hsoa2wADJcwAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id997362197 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-experience.g2afse.com
adright.g2afse.com
ahm.g2afse.com
allmarketing.g2afse.com
app.adjust.com
apply.g2afse.com
appricotads.g2afse.com
apps.apple.com
appscogent.g2afse.com
apts.trckswrm.com
c.allontrk.com
click-event.wuzztrack.com
cpi-offers.com
digitalfuture.g2afse.com
direct2.knmasdfsdgs.com
direct4.soldbyphonder.com
go2.lkjlkjkljsdflkjsdfklsfjklsd.com
gowith.go2affise.com
ila3.co
impression.appsflyer.com
md412.trckswrm.com
media.appm.app
mookomedia.g2afse.com
offer.alibaba.com
olamob.g2afse.com
rewardsctr.com
t.9696.me
trafficred.g2afse.com
www.google.com
zainzuri.com
zildd.g2afse.com
direct4.soldbyphonder.com
104.92.96.135
136.243.5.43
172.67.166.138
173.212.201.66
18.64.79.99
185.151.204.8
185.33.87.146
212.7.209.71
212.7.209.75
213.227.134.200
213.227.134.202
213.227.134.204
213.227.134.234
213.227.134.236
213.227.134.240
213.227.134.242
213.227.135.207
213.227.135.231
213.227.135.233
213.227.135.235
213.227.156.193
2a00:1450:4001:803::2004
2a02:26f0:1700:391::2a1
5.9.5.213
54.93.38.64
63.32.229.101
84.110.34.195
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
9fdd4c65ba9280e61ab168ce381a07ccc0197926fe0f96e1f6b30fd1be19ce07
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

cpi-offers.com Open in urlscan Pro 54.93.38.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

46 Requests

28 %HTTPS

7 %IPv6

19 Domains

31 Subdomains

16 IPs

5 Countries

5 kBTransfer

10 kBSize

12 Cookies

0 Outgoing links

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

cpi-offers.com Open in urlscan Pro
54.93.38.64 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

28 %
HTTPS

7 %
IPv6

19
Domains

31
Subdomains

16
IPs

5
Countries

5 kB
Transfer

10 kB
Size

12
Cookies

46 HTTP transactions
0 data transactions