cpi-offers.com Open in urlscan Pro
18.195.230.97 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nur68cnnc5.com/
Effective URL:
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=E...
Submission: On February 02 via manual (February 2nd 2022, 6:09:02 pm UTC) from TR — Scanned from DE

Summary HTTP 32 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 5 countries across 14 domains to perform 32 HTTP transactions. The main IP is 18.195.230.97, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is cpi-offers.com. The Cisco Umbrella rank of the primary domain is 28249.
TLS certificate: Issued by Amazon on October 26th 2021. Valid for: a year.

This is the only time cpi-offers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2607:fad0:380... 2607:fad0:3801:4::1	32244 (LIQUIDWEB) (LIQUIDWEB)
1 1	198.134.116.30 198.134.116.30	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
6 9	18.195.230.97 18.195.230.97	16509 (AMAZON-02) (AMAZON-02)
3	185.33.87.146 185.33.87.146	202015 (HZ-US-AS) (HZ-US-AS)
2 3	213.227.156.13 213.227.156.13	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	23.227.38.74 23.227.38.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	213.227.156.11 213.227.156.11	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	5.9.6.203 5.9.6.203	24940 (HETZNER-AS) (HETZNER-AS)
1	213.227.156.193 213.227.156.193	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	212.7.209.71 212.7.209.71	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	213.227.134.204 213.227.134.204	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	213.227.156.234 213.227.156.234	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	213.227.135.209 213.227.135.209	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	143.204.215.26 143.204.215.26	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:12d... 2a02:26f0:12d:5b6::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	212.32.254.77 212.32.254.77	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	157.90.7.51 157.90.7.51	24940 (HETZNER-AS) (HETZNER-AS)
2 2	213.227.134.242 213.227.134.242	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	213.227.156.19 213.227.156.19	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	104.21.66.249 104.21.66.249	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
32	11

2 2607:fad0:3801:4::1 (United States)

ASN32244 (LIQUIDWEB, US)

nur68cnnc5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.134.116.30 (Farmingdale, United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

click.expmediadirect1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.195.230.97 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-230-97.eu-central-1.compute.amazonaws.com

cpi-offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.87.146 (Ashburn, United States)

ASN202015 (HZ-US-AS, BG)

direct2.knmasdfsdgs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.227.156.13 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

labmediasolutions.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adsplus.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.38.74 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)

www.freegames4play.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.156.11 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ermoza.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.9.6.203 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.203.6.9.5.clients.your-server.de

md412.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.156.193 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

trafficred.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.7.209.71 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

gowith.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.134.204 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

lambadapp.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.156.234 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

nexamob.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.135.209 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

cornerstore.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.26 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-26.fra53.r.cloudfront.net

app.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:12d:5b6::2a1 (Berlin, Germany)

ASN20940 (AKAMAI-ASN1, NL)

apps.apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.32.254.77 (Amsterdam, Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

waardex.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.90.7.51 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.51.7.90.157.clients.your-server.de

apts.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.134.242 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

appalgo.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.156.19 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

apply.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.66.249 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

zainzuri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	g2afse.com 10 redirects labmediasolutions.g2afse.com — Cisco Umbrella Rank: 77932 ermoza.g2afse.com — Cisco Umbrella Rank: 55537 trafficred.g2afse.com — Cisco Umbrella Rank: 410434 adsplus.g2afse.com — Cisco Umbrella Rank: 54300 nexamob.g2afse.com — Cisco Umbrella Rank: 47694 waardex.g2afse.com — Cisco Umbrella Rank: 52033 appricotads.g2afse.com Failed appalgo.g2afse.com — Cisco Umbrella Rank: 43409 apply.g2afse.com — Cisco Umbrella Rank: 65536 imagineads.g2afse.com — Cisco Umbrella Rank: 53501 Failed brainadv.g2afse.com — Cisco Umbrella Rank: 35158 Failed	2 KB
9	cpi-offers.com 6 redirects cpi-offers.com — Cisco Umbrella Rank: 28249	4 KB
4	go2affise.com 4 redirects gowith.go2affise.com — Cisco Umbrella Rank: 50560 lambadapp.go2affise.com — Cisco Umbrella Rank: 44088 cornerstore.go2affise.com — Cisco Umbrella Rank: 25725	2 KB
4	trckswrm.com aptrt.trckswrm.com Failed md412.trckswrm.com — Cisco Umbrella Rank: 53514 apts.trckswrm.com — Cisco Umbrella Rank: 32730	481 B
3	knmasdfsdgs.com direct2.knmasdfsdgs.com — Cisco Umbrella Rank: 40924	414 B
2	apple.com apps.apple.com — Cisco Umbrella Rank: 798
2	appsflyer.com 2 redirects app.appsflyer.com — Cisco Umbrella Rank: 7387	621 B
2	nur68cnnc5.com nur68cnnc5.com — Cisco Umbrella Rank: 21755	3 KB
1	google.com www.google.com — Cisco Umbrella Rank: 13
1	zainzuri.com 1 redirects zainzuri.com — Cisco Umbrella Rank: 78406	513 B
1	freegames4play.com www.freegames4play.com — Cisco Umbrella Rank: 150237
1	expmediadirect1.com 1 redirects click.expmediadirect1.com — Cisco Umbrella Rank: 64369	270 B
0	allontrk.com Failed c.allontrk.com Failed
0	alibaba.com Failed offer.alibaba.com Failed
32	14

	Domain	Requested by
9	cpi-offers.com	6 redirects nur68cnnc5.com cpi-offers.com
3	apts.trckswrm.com	cpi-offers.com
3	direct2.knmasdfsdgs.com	cpi-offers.com
2	apply.g2afse.com	cpi-offers.com
2	appalgo.g2afse.com	2 redirects
2	waardex.g2afse.com	2 redirects
2	apps.apple.com	cpi-offers.com
2	app.appsflyer.com	2 redirects
2	cornerstore.go2affise.com	2 redirects
2	nexamob.g2afse.com	2 redirects
2	ermoza.g2afse.com	2 redirects
2	labmediasolutions.g2afse.com	2 redirects
2	nur68cnnc5.com	nur68cnnc5.com
1	www.google.com	cpi-offers.com
1	zainzuri.com	1 redirects
1	adsplus.g2afse.com	cpi-offers.com
1	lambadapp.go2affise.com	1 redirects
1	gowith.go2affise.com	1 redirects
1	trafficred.g2afse.com	cpi-offers.com
1	md412.trckswrm.com	1 redirects
1	www.freegames4play.com	cpi-offers.com
1	click.expmediadirect1.com	1 redirects
0	brainadv.g2afse.com Failed	cpi-offers.com
0	imagineads.g2afse.com Failed	cpi-offers.com
0	appricotads.g2afse.com Failed	cpi-offers.com
0	c.allontrk.com Failed	cpi-offers.com
0	aptrt.trckswrm.com Failed	cpi-offers.com
0	offer.alibaba.com Failed	cpi-offers.com
32	28

This site contains no links.

Subject Issuer	Validity	Valid
cpi-offers.com Amazon	`2021-10-26` - `2022-11-23`	a year	crt.sh
*.knmasdfsdgs.com Go Daddy Secure Certificate Authority - G2	`2021-07-14` - `2022-08-15`	a year	crt.sh
apts.trckswrm.com ZeroSSL RSA Domain Secure Site CA	`2021-12-16` - `2022-03-16`	3 months	crt.sh
*.go2affise.com Go Daddy Secure Certificate Authority - G2	`2021-10-09` - `2022-11-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0
Frame ID: 8660E1D2F333F5A7DE651C1899FF12D1
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://nur68cnnc5.com/ Page URL
http://nur68cnnc5.com/page/bouncy.php?&bpae=GbhGdK0mpUx%2FjnNU5oTpCDdhG%2B8xOimoQmiNBGGKPtfyv53A3L... Page URL
http://click.expmediadirect1.com/click?i=RETE5Ttu7FY_0 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.co... Page URL

Page Statistics

32
Requests

22 %
HTTPS

14 %
IPv6

14
Domains

28
Subdomains

11
IPs

5
Countries

6 kB
Transfer

10 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nur68cnnc5.com/ Page URL
http://nur68cnnc5.com/page/bouncy.php?&bpae=GbhGdK0mpUx%2FjnNU5oTpCDdhG%2B8xOimoQmiNBGGKPtfyv53A3LPrsFqedGryiYNWYyd3mFAuahtQqY9L%2FX3mVmg9pXl8OLBeL50%2BM5LlJ6TrYXcJPJXpufMJdtYWDGEaYZx7LmTo6QTreSyu8ZU0Dn1EeZEw%2FYHZT4WkL5vTtGSKxX3rDwjR10Vi8cnMIB3g8AEp62Qud2HqPE1uezAwbicOqtF4P30wcxRWOhk%2BuHlR6E%2By2r0FO7Nqj%2FI%2FcOYYuFNuh9qhI%2BzIbNMH3mM%2BLgD6UYi5wJyLoalyqV2HpEuasJ1elwRpqUyL%2BVvD6IvxS2swOz6%2BIUjQGSm7ci5jmBLgS4nrSG7y51MNxB32jGPgYZE1moR2TYyMwXVGVgUo9MWvLRZTxZ9ByoDIeV8Kj9leYGaTWRk1L5af1Fvo05znCkhzqnn4DAa4g66WfU7sdPdMaBDJ4A%3D%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
http://click.expmediadirect1.com/click?i=RETE5Ttu7FY_0 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://t.9696.me/click?pid=729&offer_id=148506&sub4=NCT_iphone_se_ofid10910945_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat1_sub4_sub5&sub1=729_48501032&sub2=729_48501032_225955_nur68cnnc5.com&sub3=id339532909&sub7=id339532909 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id339532909&sub1=729_48501032&sub2=729_48501032_225955_nur68cnnc5.com HTTP 302
https://offer.alibaba.com/cps/3ba4i0jh?tp1=61fac8b96e0cad000174d57d&pid=729_48501032&adid= HTTP 0
http://offer.alibaba.com/product/w404

Request Chain 6

https://labmediasolutions.g2afse.com/click?pid=3&offer_id=3173&sub1=NCT_iphone_se_ofid11038255_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat4_sub4_sub5&sub2=8384001032_225955_nur68cnnc5.com&sub3=id339532909 HTTP 302
https://labmediasolutions.g2afse.com/click?pid=1&offer_id=73371 HTTP 302
https://www.freegames4play.com/

Request Chain 7

https://lambadapp.go2affise.com/click?pid=46&offer_id=4025176&sub1=NCT_iphone_se_ofid12103494_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat5_sub4_sub5&sub2=8384001032_225955_nur68cnnc5.com&sub3=id339532909 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=429&cid=&sid=46&udid=&name=&info=LambadaSL&blockTime=0 HTTP 302
https://aptrt.trckswrm.com/click?offer_id=8766&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_se_ofid13227846_pid616_sub1_sub246_sub3LambadaSL_nat13_sub4_sub5&pub_sub_id=838400616&pub_sub_sub_id=46&app=id524153305

Request Chain 8

https://ermoza.g2afse.com/click?pid=31&offer_id=15109&sub1=NCT_iphone_se_ofid13186624_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat6_sub4_sub5&sub2=8384001032_225955_nur68cnnc5.com&sub3=id339532909 HTTP 302
https://ermoza.g2afse.com/click?pid=1&offer_id=2171 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=600&cid=61fac8b9746e830001798826&sid=1_&udid=&name=&info=ExplorAdsSL&blockTime=0 HTTP 302
https://md412.trckswrm.com/click?offer_id=222303&pub_id=10&pub_click_id=NCT_iphone_se_ofid13103279_pid616_sub161fac8b9746e830001798826_sub21__sub3ExplorAdsSL_nat7_sub4_sub5&pub_sub_id=838400616&pub_sub_sub_id=1_&app=id1483008483 HTTP 302
https://trafficred.g2afse.com/click?pid=4&offer_id=609&ref_id=AjChbuwAAAF-u6ATCQADJdgAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id1483008483

Request Chain 9

https://gowith.go2affise.com/click?pid=141&offer_id=2322658&sub1=NCT_iphone_se_ofid12933535_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat7_sub4_sub5&sub2=8384001032_225955_nur68cnnc5.com&sub4=id339532909 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=748&cid=&sid=141&udid=&name=&info=GOWMsl&blockTime=0 HTTP 302
https://lambadapp.go2affise.com/click?pid=46&offer_id=2678861&sub1=NCT_iphone_se_ofid13225703_pid616_sub1_sub2141_sub3GOWMsl_nat12_sub4_sub5&sub2=838400616_141&sub3=id1400134578 HTTP 302
https://adsplus.g2afse.com/click?pid=554&offer_id=3479735&sub1=61fac8b95040bf000114c555&sub2=46_838400616_141&sub3=_&sub4=id1400134578

Request Chain 10

https://nexamob.g2afse.com/click?pid=15&offer_id=254198&sub1=NCT_iphone_se_ofid13203624_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat8_sub4_sub5&sub2=8384001032_225955_nur68cnnc5.com&sub3=id339532909&sub5=id339532909 HTTP 302
https://cornerstore.go2affise.com/click?pid=144&offer_id=200960&sub1=61fac8b90b2ce0000113e873&sub2=15&sub3=id339532909&sub4=&sub8=|254198,15 HTTP 302
https://app.appsflyer.com/id463335337?af_prt=naturalint&pid=s7ahYyWN216xT3&af_sub2=61fac8b96592420001c0e92f&c=EURO_KC_SPB_NaturalIntelligence_CPR_SE_Generic_MO0000006388&af_adset=&af_ad=&af_siteid=144&af_ad_type=af_ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&af_c_id=&af_adset_id=&af_click_lookback=7d&clickid=61fac8b96592420001c0e92f&af_lang=de-DE&af_ip=217.64.151.28 HTTP 302
https://apps.apple.com/US/app/id463335337?mt=8

Request Chain 11

https://waardex.g2afse.com/click?pid=134&offer_id=96681&offer_id=5350&sub1=NCT_iphone_se_ofid13228611_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat9_sub4_sub5&sub2=8384001032_225955_nur68cnnc5.com&sub4=id339532909&sub5=id339532909 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=931&cid=&sid=134&udid=&name=&info=WaardexSL&blockTime=0 HTTP 302
https://apts.trckswrm.com/click?offer_id=198023&pub_id=10&pub_click_id=NCT_iphone_se_ofid12922384_pid616_sub1_sub2134_sub3WaardexSL_nat10_sub4_sub5&pub_sub_id=838400616&pub_sub_sub_id=134&app=id358801284

Request Chain 14

https://t.9696.me/click?pid=868&offer_id=143683&sub4=NCT_iphone_se_ofid12597031_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat12_sub4_sub5&sub1=868_48501032&sub2=868_48501032_225955_nur68cnnc5.com&sub3=id339532909 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id339532909&sub1=868_48501032&sub2=868_48501032_225955_nur68cnnc5.com HTTP 302
https://offer.alibaba.com/cps/3ba4i0jh?tp1=61fac8b9cca7ec0001d15608&pid=868_48501032&adid=

Request Chain 18

https://appalgo.g2afse.com/click?pid=76&offer_id=86556&sub1=NCT_iphone_se_ofid11429569_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat16_sub4_sub5&sub2=8384001032_225955_nur68cnnc5.com&sub5=id339532909 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=807&cid=&sid=76&udid=&name=&info=appalgorem&blockTime=0 HTTP 302
https://waardex.g2afse.com/click?pid=134&offer_id=96681&offer_id=5350&sub1=NCT_iphone_se_ofid13228611_pid616_sub1_sub276_sub3appalgorem_nat9_sub4_sub5&sub2=838400616_76&sub4=id605569663&sub5=id605569663 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=931&cid=&sid=134&udid=&name=&info=WaardexSL&blockTime=0 HTTP 302
https://nexamob.g2afse.com/click?pid=15&offer_id=254198&sub1=NCT_iphone_se_ofid13203624_pid616_sub1_sub2134_sub3WaardexSL_nat8_sub4_sub5&sub2=838400616_134&sub3=id358801284&sub5=id358801284 HTTP 302
https://cornerstore.go2affise.com/click?pid=144&offer_id=200960&sub1=61fac8b92c2e1f000127274d&sub2=15&sub3=id358801284&sub4=&sub8=|254198,15 HTTP 302
https://app.appsflyer.com/id463335337?af_prt=naturalint&pid=JFdDneCZVYO&af_sub2=61fac8b9473aca000141b3e7&c=EURO_KC_SPB_NaturalIntelligence_CPR_SE_Generic_MO0000006388&af_adset=&af_ad=&af_siteid=144&af_ad_type=af_ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36&af_c_id=&af_adset_id=&af_click_lookback=7d&clickid=61fac8b9473aca000141b3e7&af_lang=de-DE&af_ip=217.64.151.28 HTTP 302
https://apps.apple.com/US/app/id463335337?mt=8

Request Chain 20

https://imagineads.g2afse.com/click?pid=38&offer_id=7464&sub1=NCT_iphone_se_ofid12895499_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat18_sub4_sub5&sub2=8384001032_225955_nur68cnnc5.com&sub4=id339532909&sub5=id339532909 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7294

Request Chain 21

https://zainzuri.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D HTTP 302
https://www.google.com/

Request Chain 23

https://lambadapp.go2affise.com/click?pid=46&offer_id=4025176&sub1=NCT_iphone_se_ofid12103494_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat5_sub4_sub5&sub2=8384001032_225955_nur68cnnc5.com&sub3=id339532909 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=429&cid=&sid=46&udid=&name=&info=LambadaSL&blockTime=0 HTTP 302
https://t.9696.me/click?pid=868&offer_id=143683&sub4=NCT_iphone_se_ofid12597031_pid616_sub1_sub246_sub3LambadaSL_nat12_sub4_sub5&sub1=868_4850616&sub2=868_4850616_46&sub3=id1317231325 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1317231325&sub1=868_4850616&sub2=868_4850616_46 HTTP 302
https://offer.alibaba.com/cps/rq9rg325?tp1=61fac8b90c771900011ec51b&pid=868_4850616&adid= HTTP 0
http://offer.alibaba.com/product/w404

Request Chain 24

https://ermoza.g2afse.com/click?pid=31&offer_id=15109&sub1=NCT_iphone_se_ofid13186624_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat6_sub4_sub5&sub2=8384001032_225955_nur68cnnc5.com&sub3=id339532909 HTTP 302
https://ermoza.g2afse.com/click?pid=1&offer_id=2171 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=600&cid=61fac8b95512ea0001191ed6&sid=1_&udid=&name=&info=ExplorAdsSL&blockTime=0 HTTP 302
https://brainadv.g2afse.com/click?pid=3&offer_id=220005&sub3=NCT_iphone_se_ofid13186397_pid616_sub161fac8b95512ea0001191ed6_sub21__sub3ExplorAdsSL_nat12_sub4_sub5&sub1=838400616_1_&sub2=id417571834 HTTP 302
https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=25&pub_click_id=&pub_sub_id=3&pub_sub_sub_id=838400616_1_&idfa=&gaid=&app=id417571834 HTTP 0
http://brainadv.g2afse.com/sl?id=60e2066c8bff280d95069af4&pid=17&sub1=25.25&sub3=ApRy8jIAAAF-u6AWCwAAAAAAAAAZAAAABQ&sub2=id417571834&sub4=&sub5=&sub6=9gJf7FfkwDoFuRa1X9i__7

Request Chain 25

https://c.allontrk.com/click?offer_id=181192&pub_id=646&pub_click_id=NCT_iphone_se_ofid13072817_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat11_sub4_sub5&pub_sub_id=8384001032&pub_sub_sub_id=225955_nur68cnnc5.com&app=id339532909 HTTP 0
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 26

https://t.9696.me/click?pid=868&offer_id=143683&sub4=NCT_iphone_se_ofid12597031_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat12_sub4_sub5&sub1=868_48501032&sub2=868_48501032_225955_nur68cnnc5.com&sub3=id339532909 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id339532909&sub1=868_48501032&sub2=868_48501032_225955_nur68cnnc5.com HTTP 302
https://offer.alibaba.com/cps/3ba4i0jh?tp1=61fac8b9cca7ec0001d1567d&pid=868_48501032&adid= HTTP 0
http://offer.alibaba.com/product/w404

Request Chain 27

https://c.allontrk.com/click?offer_id=145252&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_se_ofid13069154_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat13_sub4_sub5&pub_sub_id=8384001032&pub_sub_sub_id=225955_nur68cnnc5.com&app=id339532909 HTTP 0
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 28

https://appricotads.g2afse.com/click?pid=251&offer_id=29613&ref_id=NCT_iphone_se_ofid12711076_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat14_sub4_sub5&sub1=251_48501032&sub2=225955_nur68cnnc5.com&sub6=id339532909 HTTP 0
http://appricotads.g2afse.com/sl?id=5f36c7821a6e4b1879225165&pid=2&ref_id=&sub1=251_48501032&sub2=225955_nur68cnnc5.com&sub3=&sub4=&sub5=251&sub6=251_48501032&sub7=225955_nur68cnnc5.com&sub8=29613

Request Chain 29

https://appalgo.g2afse.com/click?pid=76&offer_id=86556&sub1=NCT_iphone_se_ofid11429569_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat16_sub4_sub5&sub2=8384001032_225955_nur68cnnc5.com&sub5=id339532909 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=807&cid=&sid=76&udid=&name=&info=appalgorem&blockTime=0 HTTP 302
https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=838400616&q=

32 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response nur68cnnc5.com/	2 KB 2 KB	750ms 631ms	Document text/html	2607:fad0:3801:4::1 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL http://nur68cnnc5.com/ Protocol HTTP/1.1 Server 2607:fad0:3801:4::1 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16 Resource Hash `ddcac0e6e9f152cdf73d5b3a791a8cff92a6468ed406f6c8650a0b8e60f9419a` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Wed, 02 Feb 2022 18:08:55 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 X-Powered-By PHP/5.4.16 Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	bouncy.php Show response nur68cnnc5.com/page/	688 B 973 B	262ms 126ms	Document text/html	2607:fad0:3801:4::1 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL http://nur68cnnc5.com/page/bouncy.php?&bpae=GbhGdK0mpUx%2FjnNU5oTpCDdhG%2B8xOimoQmiNBGGKPtfyv53A3LPrsFqedGryiYNWYyd3mFAuahtQqY9L%2FX3mVmg9pXl8OLBeL50%2BM5LlJ6TrYXcJPJXpufMJdtYWDGEaYZx7LmTo6QTreSyu8ZU0Dn1EeZEw%2FYHZT4WkL5vTtGSKxX3rDwjR10Vi8cnMIB3g8AEp62Qud2HqPE1uezAwbicOqtF4P30wcxRWOhk%2BuHlR6E%2By2r0FO7Nqj%2FI%2FcOYYuFNuh9qhI%2BzIbNMH3mM%2BLgD6UYi5wJyLoalyqV2HpEuasJ1elwRpqUyL%2BVvD6IvxS2swOz6%2BIUjQGSm7ci5jmBLgS4nrSG7y51MNxB32jGPgYZE1moR2TYyMwXVGVgUo9MWvLRZTxZ9ByoDIeV8Kj9leYGaTWRk1L5af1Fvo05znCkhzqnn4DAa4g66WfU7sdPdMaBDJ4A%3D%3D&redirectType=js&inIframe=false&inPopUp=false Requested by Host: nur68cnnc5.com URL: http://nur68cnnc5.com/ Protocol HTTP/1.1 Server 2607:fad0:3801:4::1 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16 Resource Hash `a5fe97681323a620a607593a1ebefc496636d6e8662c678afb33f2f3f649282a` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://nur68cnnc5.com/ Response headers Date Wed, 02 Feb 2022 18:08:56 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 X-Powered-By PHP/5.4.16 Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	Primary Request fantastic.html Show response cpi-offers.com/ Redirect Chain http://click.expmediadirect1.com/click?i=RETE5Ttu7FY_0 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0	5 KB 1 KB	52ms 16ms	Document text/html	18.195.230.97 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Requested by Host: nur68cnnc5.com URL: http://nur68cnnc5.com/page/bouncy.php?&bpae=GbhGdK0mpUx%2FjnNU5oTpCDdhG%2B8xOimoQmiNBGGKPtfyv53A3LPrsFqedGryiYNWYyd3mFAuahtQqY9L%2FX3mVmg9pXl8OLBeL50%2BM5LlJ6TrYXcJPJXpufMJdtYWDGEaYZx7LmTo6QTreSyu8ZU0Dn1EeZEw%2FYHZT4WkL5vTtGSKxX3rDwjR10Vi8cnMIB3g8AEp62Qud2HqPE1uezAwbicOqtF4P30wcxRWOhk%2BuHlR6E%2By2r0FO7Nqj%2FI%2FcOYYuFNuh9qhI%2BzIbNMH3mM%2BLgD6UYi5wJyLoalyqV2HpEuasJ1elwRpqUyL%2BVvD6IvxS2swOz6%2BIUjQGSm7ci5jmBLgS4nrSG7y51MNxB32jGPgYZE1moR2TYyMwXVGVgUo9MWvLRZTxZ9ByoDIeV8Kj9leYGaTWRk1L5af1Fvo05znCkhzqnn4DAa4g66WfU7sdPdMaBDJ4A%3D%3D&redirectType=js&inIframe=false&inPopUp=false Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.195.230.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-230-97.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash `d7641ea99668e51877905a357dd38152281aafa5d839b5118b77a9be8461c3c9` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://nur68cnnc5.com/page/bouncy.php?&bpae=GbhGdK0mpUx%2FjnNU5oTpCDdhG%2B8xOimoQmiNBGGKPtfyv53A3LPrsFqedGryiYNWYyd3mFAuahtQqY9L%2FX3mVmg9pXl8OLBeL50%2BM5LlJ6TrYXcJPJXpufMJdtYWDGEaYZx7LmTo6QTreSyu8ZU0Dn1EeZEw%2FYHZT4WkL5vTtGSKxX3rDwjR10Vi8cnMIB3g8AEp62Qud2HqPE1uezAwbicOqtF4P30wcxRWOhk%2BuHlR6E%2By2r0FO7Nqj%2FI%2FcOYYuFNuh9qhI%2BzIbNMH3mM%2BLgD6UYi5wJyLoalyqV2HpEuasJ1elwRpqUyL%2BVvD6IvxS2swOz6%2BIUjQGSm7ci5jmBLgS4nrSG7y51MNxB32jGPgYZE1moR2TYyMwXVGVgUo9MWvLRZTxZ9ByoDIeV8Kj9leYGaTWRk1L5af1Fvo05znCkhzqnn4DAa4g66WfU7sdPdMaBDJ4A%3D%3D&redirectType=js&inIframe=false&inPopUp=false Response headers date Wed, 02 Feb 2022 18:08:56 GMT content-type text/html; charset=utf-8 server nginx/1.14.1 x-powered-by Express access-control-allow-origin * etag W/"1370-y1V1j6QflaAkoBsx/fLksasoM+I" vary Accept-Encoding content-encoding gzip Redirect headers Cache-Control no-store Content-Length 0 Age 0 Connection keep-alive Location https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Pragma no-cache
GET H2	200	main.js Show response cpi-offers.com/jsf/	3 KB 1 KB	8ms 7ms	Script application/javascript	18.195.230.97 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cpi-offers.com/jsf/main.js Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.195.230.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-230-97.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash `3915a438fffb3acbaade25f7b5e9d3f76589dbc02048463b3fbfeb8c4e7955a1` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 18:08:56 GMT content-encoding gzip etag "415756-2720-1643558476000" last-modified Sun, 30 Jan 2022 16:01:16 GMT server nginx/1.14.1 x-powered-by Express vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=3600
GET		w404 offer.alibaba.com/product/ Redirect Chain https://t.9696.me/click?pid=729&offer_id=148506&sub4=NCT_iphone_se_ofid10910945_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat1_sub4_sub5&sub1=729_48501032&sub2=729_48501032_225955_nu... https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id339532909&sub1=729_48501032&sub2=729_48501032_225955_nur68cnnc5.com https://offer.alibaba.com/cps/3ba4i0jh?tp1=61fac8b96e0cad000174d57d&pid=729_48501032&adid= http://offer.alibaba.com/product/w404	0 0

GET H/1.1	204 No Content	redirect direct2.knmasdfsdgs.com/	0 138 B	413ms 191ms	Stylesheet text/html	185.33.87.146 HZ-US-AS
General Check archive.org Show headers Download Go to Full URL https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=8384001032&q= Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Wed, 02 Feb 2022 18:08:56 GMT Server nginx Connection close Content-Type text/html; charset=utf-8
GET H/1.1	204 No Content	redirect direct2.knmasdfsdgs.com/	0 138 B	414ms 192ms	Stylesheet text/html	185.33.87.146 HZ-US-AS
General Check archive.org Show headers Download Go to Full URL https://direct2.knmasdfsdgs.com/redirect?aff=10063&saff=8384001032&q= Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Wed, 02 Feb 2022 18:08:56 GMT Server nginx Connection close Content-Type text/html; charset=utf-8
GET H2	200	/ www.freegames4play.com/ Redirect Chain https://labmediasolutions.g2afse.com/click?pid=3&offer_id=3173&sub1=NCT_iphone_se_ofid11038255_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat4_sub4_sub5&sub2=8384001032_225955_nur68cn... https://labmediasolutions.g2afse.com/click?pid=1&offer_id=73371 https://www.freegames4play.com/	0 0	220ms 173ms	Stylesheet text/html	23.227.38.74 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.freegames4play.com/ Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Server 23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers location https://www.freegames4play.com/ date Wed, 02 Feb 2022 18:08:57 GMT server nginx access-control-allow-origin * content-length 0
GET		click aptrt.trckswrm.com/ Redirect Chain https://lambadapp.go2affise.com/click?pid=46&offer_id=4025176&sub1=NCT_iphone_se_ofid12103494_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat5_sub4_sub5&sub2=8384001032_225955_nur68cnn... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=429&cid=&sid=46&udid=&name=&info=LambadaSL&blockTime=0 https://aptrt.trckswrm.com/click?offer_id=8766&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_se_ofid13227846_pid616_sub1_sub246_sub3LambadaSL_nat13_sub4_sub5&pub_sub_id=838400616&pub_sub_sub_id=46&ap...	0 0

GET H2	404	click trafficred.g2afse.com/ Redirect Chain https://ermoza.g2afse.com/click?pid=31&offer_id=15109&sub1=NCT_iphone_se_ofid13186624_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat6_sub4_sub5&sub2=8384001032_225955_nur68cnnc5.com&s... https://ermoza.g2afse.com/click?pid=1&offer_id=2171 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=600&cid=61fac8b9746e830001798826&sid=1_&udid=&name=&info=ExplorAdsSL&blockTime=0 https://md412.trckswrm.com/click?offer_id=222303&pub_id=10&pub_click_id=NCT_iphone_se_ofid13103279_pid616_sub161fac8b9746e830001798826_sub21__sub3ExplorAdsSL_nat7_sub4_sub5&pub_sub_id=838400616&pub... https://trafficred.g2afse.com/click?pid=4&offer_id=609&ref_id=AjChbuwAAAF-u6ATCQADJdgAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id1483008483	0 0	58ms 13ms	Stylesheet text/html	213.227.156.193 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://trafficred.g2afse.com/click?pid=4&offer_id=609&ref_id=AjChbuwAAAF-u6ATCQADJdgAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id1483008483 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Server 213.227.156.193 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers location https://trafficred.g2afse.com/click?pid=4&offer_id=609&ref_id=AjChbuwAAAF-u6ATCQADJdgAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id1483008483 date Wed, 02 Feb 2022 18:08:57 GMT referrer-policy no-referrer content-length 0
GET H2	200	click adsplus.g2afse.com/ Redirect Chain https://gowith.go2affise.com/click?pid=141&offer_id=2322658&sub1=NCT_iphone_se_ofid12933535_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat7_sub4_sub5&sub2=8384001032_225955_nur68cnnc5... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=748&cid=&sid=141&udid=&name=&info=GOWMsl&blockTime=0 https://lambadapp.go2affise.com/click?pid=46&offer_id=2678861&sub1=NCT_iphone_se_ofid13225703_pid616_sub1_sub2141_sub3GOWMsl_nat12_sub4_sub5&sub2=838400616_141&sub3=id1400134578 https://adsplus.g2afse.com/click?pid=554&offer_id=3479735&sub1=61fac8b95040bf000114c555&sub2=46_838400616_141&sub3=_&sub4=id1400134578	0 0	36ms 17ms	Stylesheet text/html	213.227.156.13 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://adsplus.g2afse.com/click?pid=554&offer_id=3479735&sub1=61fac8b95040bf000114c555&sub2=46_838400616_141&sub3=_&sub4=id1400134578 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Server 213.227.156.13 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers location https://adsplus.g2afse.com/click?pid=554&offer_id=3479735&sub1=61fac8b95040bf000114c555&sub2=46_838400616_141&sub3=_&sub4=id1400134578 date Wed, 02 Feb 2022 18:08:57 GMT referer referrer-policy no-referrer server nginx access-control-allow-origin * content-length 0
GET H2	404	id463335337 apps.apple.com/US/app/ Redirect Chain https://nexamob.g2afse.com/click?pid=15&offer_id=254198&sub1=NCT_iphone_se_ofid13203624_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat8_sub4_sub5&sub2=8384001032_225955_nur68cnnc5.com... https://cornerstore.go2affise.com/click?pid=144&offer_id=200960&sub1=61fac8b90b2ce0000113e873&sub2=15&sub3=id339532909&sub4=&sub8=\|254198,15 https://app.appsflyer.com/id463335337?af_prt=naturalint&pid=s7ahYyWN216xT3&af_sub2=61fac8b96592420001c0e92f&c=EURO_KC_SPB_NaturalIntelligence_CPR_SE_Generic_MO0000006388&af_adset=&af_ad=&af_siteid=... https://apps.apple.com/US/app/id463335337?mt=8	0 0	758ms 247ms	Stylesheet text/html	2a02:26f0:12d:5b6::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://apps.apple.com/US/app/id463335337?mt=8 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Server 2a02:26f0:12d:5b6::2a1 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers date Wed, 02 Feb 2022 18:08:57 GMT via 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront) server http-kit x-amz-cf-pop FRA53-C1 strict-transport-security max-age=31536000; includeSubDomains x-cache Miss from cloudfront content-type application/octet-stream location https://apps.apple.com/US/app/id463335337?mt=8 content-length 0 x-amz-cf-id Bc7Hl4RNa317FJe0CcMA5vf-lti5xEWtShpA6ijgy1DCRQobiM0esA==
GET H/1.1	200 OK	click apts.trckswrm.com/ Redirect Chain https://waardex.g2afse.com/click?pid=134&offer_id=96681&offer_id=5350&sub1=NCT_iphone_se_ofid13228611_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat9_sub4_sub5&sub2=8384001032_225955_... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=931&cid=&sid=134&udid=&name=&info=WaardexSL&blockTime=0 https://apts.trckswrm.com/click?offer_id=198023&pub_id=10&pub_click_id=NCT_iphone_se_ofid12922384_pid616_sub1_sub2134_sub3WaardexSL_nat10_sub4_sub5&pub_sub_id=838400616&pub_sub_sub_id=134&app=id358...	0 75 B	12ms 12ms	Stylesheet text/plain	157.90.7.51 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=198023&pub_id=10&pub_click_id=NCT_iphone_se_ofid12922384_pid616_sub1_sub2134_sub3WaardexSL_nat10_sub4_sub5&pub_sub_id=838400616&pub_sub_sub_id=134&app=id358801284 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol HTTP/1.1 Server 157.90.7.51 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.51.7.90.157.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 18:08:57 GMT content-length 0 Redirect headers date Wed, 02 Feb 2022 18:08:57 GMT content-encoding gzip server nginx/1.14.1 location https://apts.trckswrm.com/click?offer_id=198023&pub_id=10&pub_click_id=NCT_iphone_se_ofid12922384_pid616_sub1_sub2134_sub3WaardexSL_nat10_sub4_sub5&pub_sub_id=838400616&pub_sub_sub_id=134&app=id358801284 x-powered-by Express vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin *
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	73ms 12ms	Stylesheet text/plain	157.90.7.51 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=25723&pub_id=10&pub_click_id=NCT_iphone_se_ofid10141459_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat10_sub4_sub5&pub_sub_id=8384001032&pub_sub_sub_id=225955_nur68cnnc5.com&app=id339532909 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 157.90.7.51 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.51.7.90.157.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 18:08:57 GMT content-length 0
GET		click c.allontrk.com/	0 0

GET		3ba4i0jh offer.alibaba.com/cps/ Redirect Chain https://t.9696.me/click?pid=868&offer_id=143683&sub4=NCT_iphone_se_ofid12597031_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat12_sub4_sub5&sub1=868_48501032&sub2=868_48501032_225955_n... https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id339532909&sub1=868_48501032&sub2=868_48501032_225955_nur68cnnc5.com https://offer.alibaba.com/cps/3ba4i0jh?tp1=61fac8b9cca7ec0001d15608&pid=868_48501032&adid=	0 0

GET		click c.allontrk.com/	0 0

GET		click appricotads.g2afse.com/	0 0

GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	72ms 13ms	Stylesheet text/plain	157.90.7.51 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=389930&pub_id=10&pub_click_id=NCT_iphone_se_ofid13015963_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat15_sub4_sub5&pub_sub_id=8384001032&pub_sub_sub_id=225955_nur68cnnc5.com&app=id339532909 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 157.90.7.51 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.51.7.90.157.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 18:08:57 GMT content-length 0
GET H2	404	id463335337 apps.apple.com/US/app/ Redirect Chain https://appalgo.g2afse.com/click?pid=76&offer_id=86556&sub1=NCT_iphone_se_ofid11429569_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat16_sub4_sub5&sub2=8384001032_225955_nur68cnnc5.com... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=807&cid=&sid=76&udid=&name=&info=appalgorem&blockTime=0 https://waardex.g2afse.com/click?pid=134&offer_id=96681&offer_id=5350&sub1=NCT_iphone_se_ofid13228611_pid616_sub1_sub276_sub3appalgorem_nat9_sub4_sub5&sub2=838400616_76&sub4=id605569663&sub5=id6055... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=931&cid=&sid=134&udid=&name=&info=WaardexSL&blockTime=0 https://nexamob.g2afse.com/click?pid=15&offer_id=254198&sub1=NCT_iphone_se_ofid13203624_pid616_sub1_sub2134_sub3WaardexSL_nat8_sub4_sub5&sub2=838400616_134&sub3=id358801284&sub5=id358801284 https://cornerstore.go2affise.com/click?pid=144&offer_id=200960&sub1=61fac8b92c2e1f000127274d&sub2=15&sub3=id358801284&sub4=&sub8=\|254198,15 https://app.appsflyer.com/id463335337?af_prt=naturalint&pid=JFdDneCZVYO&af_sub2=61fac8b9473aca000141b3e7&c=EURO_KC_SPB_NaturalIntelligence_CPR_SE_Generic_MO0000006388&af_adset=&af_ad=&af_siteid=144... https://apps.apple.com/US/app/id463335337?mt=8	0 0	732ms 271ms	Stylesheet text/html	2a02:26f0:12d:5b6::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://apps.apple.com/US/app/id463335337?mt=8 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Server 2a02:26f0:12d:5b6::2a1 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers date Wed, 02 Feb 2022 18:08:57 GMT via 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront) server http-kit x-amz-cf-pop FRA53-C1 strict-transport-security max-age=31536000; includeSubDomains x-cache Miss from cloudfront content-type application/octet-stream location https://apps.apple.com/US/app/id463335337?mt=8 content-length 0 x-amz-cf-id 7ugNGtIQ_jKFKdhE8G1U1lqxp64TqYBDgLwBvpx_9WZEHWJMl7Cafg==
GET H2	404	click apply.g2afse.com/	0 0	50ms 12ms	Stylesheet text/html	213.227.156.19 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://apply.g2afse.com/click?pid=3&offer_id=1645&sub1=NCT_iphone_se_ofid8342331_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat17_sub4_sub5&sub4=id339532909&sub2=8384001032_225955_nur68cnnc5.com Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.156.19 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET		click imagineads.g2afse.com/ Redirect Chain https://imagineads.g2afse.com/click?pid=38&offer_id=7464&sub1=NCT_iphone_se_ofid12895499_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat18_sub4_sub5&sub2=8384001032_225955_nur68cnnc5.c... https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=38&offer_id=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=5&offer_id=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=5&offer_id=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=5&offer_id=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=5&offer_id=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=5&offer_id=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=5&offer_id=7294	0 0

GET H2	200	/ www.google.com/ Redirect Chain https://zainzuri.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D https://www.google.com/	0 0	204ms 181ms	Stylesheet text/html	2a00:1450:4001:831::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/ Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Server 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers date Wed, 02 Feb 2022 18:08:57 GMT referrer-policy origin cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SeL0bPb3Sye9PGo%2FaFfjoGsJbnE7wtsa5mXoJCvzCXp3P2U3xAjder81eP5bRbLusL9xNrgvwBxwRJS9AEygJ3linaJ2Rzl4g4ZDSZCD4peymLj1TUCtWQ95lQfx9YA%3D"}],"group":"cf-nel","max_age":604800} location https://www.google.com cf-ray 6d755e244d7a0be5-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET H2	200	swback cpi-offers.com/	0 0	8ms 8ms	Fetch text/html	18.195.230.97 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cpi-offers.com/swback Requested by Host: cpi-offers.com URL: https://cpi-offers.com/jsf/main.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.195.230.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-230-97.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 18:08:56 GMT content-encoding gzip etag W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk" server nginx/1.14.1 x-powered-by Express vary Accept-Encoding content-type text/html; charset=utf-8 access-control-allow-origin *
GET		w404 offer.alibaba.com/product/ Redirect Chain https://lambadapp.go2affise.com/click?pid=46&offer_id=4025176&sub1=NCT_iphone_se_ofid12103494_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat5_sub4_sub5&sub2=8384001032_225955_nur68cnn... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=429&cid=&sid=46&udid=&name=&info=LambadaSL&blockTime=0 https://t.9696.me/click?pid=868&offer_id=143683&sub4=NCT_iphone_se_ofid12597031_pid616_sub1_sub246_sub3LambadaSL_nat12_sub4_sub5&sub1=868_4850616&sub2=868_4850616_46&sub3=id1317231325 https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1317231325&sub1=868_4850616&sub2=868_4850616_46 https://offer.alibaba.com/cps/rq9rg325?tp1=61fac8b90c771900011ec51b&pid=868_4850616&adid= http://offer.alibaba.com/product/w404	0 0

GET		sl brainadv.g2afse.com/ Redirect Chain https://ermoza.g2afse.com/click?pid=31&offer_id=15109&sub1=NCT_iphone_se_ofid13186624_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat6_sub4_sub5&sub2=8384001032_225955_nur68cnnc5.com&s... https://ermoza.g2afse.com/click?pid=1&offer_id=2171 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=600&cid=61fac8b95512ea0001191ed6&sid=1_&udid=&name=&info=ExplorAdsSL&blockTime=0 https://brainadv.g2afse.com/click?pid=3&offer_id=220005&sub3=NCT_iphone_se_ofid13186397_pid616_sub161fac8b95512ea0001191ed6_sub21__sub3ExplorAdsSL_nat12_sub4_sub5&sub1=838400616_1_&sub2=id417571834 https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=25&pub_click_id=&pub_sub_id=3&pub_sub_sub_id=838400616_1_&idfa=&gaid=&app=id417571834 http://brainadv.g2afse.com/sl?id=60e2066c8bff280d95069af4&pid=17&sub1=25.25&sub3=ApRy8jIAAAF-u6AWCwAAAAAAAAAZAAAABQ&sub2=id417571834&sub4=&sub5=&sub6=9gJf7FfkwDoFuRa1X9i__7	0 0

GET		recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=181192&pub_id=646&pub_click_id=NCT_iphone_se_ofid13072817_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat11_sub4_sub5&pub_sub_id=8384001032&pub_su... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 0

GET		w404 offer.alibaba.com/product/ Redirect Chain https://t.9696.me/click?pid=868&offer_id=143683&sub4=NCT_iphone_se_ofid12597031_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat12_sub4_sub5&sub1=868_48501032&sub2=868_48501032_225955_n... https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id339532909&sub1=868_48501032&sub2=868_48501032_225955_nur68cnnc5.com https://offer.alibaba.com/cps/3ba4i0jh?tp1=61fac8b9cca7ec0001d1567d&pid=868_48501032&adid= http://offer.alibaba.com/product/w404	0 0

GET		recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=145252&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_se_ofid13069154_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat13_sub4_sub5&pub_sub_id=838400... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 0

GET		sl appricotads.g2afse.com/ Redirect Chain https://appricotads.g2afse.com/click?pid=251&offer_id=29613&ref_id=NCT_iphone_se_ofid12711076_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat14_sub4_sub5&sub1=251_48501032&sub2=225955_... http://appricotads.g2afse.com/sl?id=5f36c7821a6e4b1879225165&pid=2&ref_id=&sub1=251_48501032&sub2=225955_nur68cnnc5.com&sub3=&sub4=&sub5=251&sub6=251_48501032&sub7=225955_nur68cnnc5.com&sub8=29613	0 0

GET H/1.1	204 No Content	redirect direct2.knmasdfsdgs.com/ Redirect Chain https://appalgo.g2afse.com/click?pid=76&offer_id=86556&sub1=NCT_iphone_se_ofid11429569_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat16_sub4_sub5&sub2=8384001032_225955_nur68cnnc5.com... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=807&cid=&sid=76&udid=&name=&info=appalgorem&blockTime=0 https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=838400616&q=	0 138 B	323ms 136ms	Stylesheet text/html	185.33.87.146 HZ-US-AS
General Check archive.org Show headers Download Go to Full URL https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=838400616&q= Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol HTTP/1.1 Server 185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Wed, 02 Feb 2022 18:08:57 GMT Server nginx Connection close Content-Type text/html; charset=utf-8 Redirect headers date Wed, 02 Feb 2022 18:08:58 GMT content-encoding gzip server nginx/1.14.1 location https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=838400616&q= x-powered-by Express vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin *
GET H2	404	click apply.g2afse.com/	0 0	12ms 12ms	Stylesheet text/html	213.227.156.19 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://apply.g2afse.com/click?pid=3&offer_id=1645&sub1=NCT_iphone_se_ofid8342331_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat17_sub4_sub5&sub4=id339532909&sub2=8384001032_225955_nur68cnnc5.com Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.156.19 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: offer.alibaba.com
URL: http://offer.alibaba.com/product/w404

Domain: aptrt.trckswrm.com
URL: https://aptrt.trckswrm.com/click?offer_id=8766&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_se_ofid13227846_pid616_sub1_sub246_sub3LambadaSL_nat13_sub4_sub5&pub_sub_id=838400616&pub_sub_sub_id=46&app=id524153305

Domain: c.allontrk.com
URL: https://c.allontrk.com/click?offer_id=181192&pub_id=646&pub_click_id=NCT_iphone_se_ofid13072817_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat11_sub4_sub5&pub_sub_id=8384001032&pub_sub_sub_id=225955_nur68cnnc5.com&app=id339532909

Domain: offer.alibaba.com
URL: https://offer.alibaba.com/cps/3ba4i0jh?tp1=61fac8b9cca7ec0001d15608&pid=868_48501032&adid=

Domain: c.allontrk.com
URL: https://c.allontrk.com/click?offer_id=145252&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_se_ofid13069154_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat13_sub4_sub5&pub_sub_id=8384001032&pub_sub_sub_id=225955_nur68cnnc5.com&app=id339532909

Domain: appricotads.g2afse.com
URL: https://appricotads.g2afse.com/click?pid=251&offer_id=29613&ref_id=NCT_iphone_se_ofid12711076_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat14_sub4_sub5&sub1=251_48501032&sub2=225955_nur68cnnc5.com&sub6=id339532909

Domain: imagineads.g2afse.com
URL: https://imagineads.g2afse.com/click?pid=5&offer_id=7294

Domain: offer.alibaba.com
URL: http://offer.alibaba.com/product/w404

Domain: brainadv.g2afse.com
URL: http://brainadv.g2afse.com/sl?id=60e2066c8bff280d95069af4&pid=17&sub1=25.25&sub3=ApRy8jIAAAF-u6AWCwAAAAAAAAAZAAAABQ&sub2=id417571834&sub4=&sub5=&sub6=9gJf7FfkwDoFuRa1X9i__7

Domain: c.allontrk.com
URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Domain: offer.alibaba.com
URL: http://offer.alibaba.com/product/w404

Domain: c.allontrk.com
URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Domain: appricotads.g2afse.com
URL: http://appricotads.g2afse.com/sl?id=5f36c7821a6e4b1879225165&pid=2&ref_id=&sub1=251_48501032&sub2=225955_nur68cnnc5.com&sub3=&sub4=&sub5=251&sub6=251_48501032&sub7=225955_nur68cnnc5.com&sub8=29613

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| urlB64ToUint8Array function| initializeUI function| subscribeUser function| updateSubscriptionOnServer

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
nexamob.g2afse.com/	1970-01-20 09:22:41	Name: afoffers Value: {"254198":1643825337}
ermoza.g2afse.com/	1970-01-20 09:22:41	Name: afoffers Value: {"2171":1643825337}
labmediasolutions.g2afse.com/	1970-01-20 09:22:41	Name: afclick Value: 61fac8b97b0f2c000190dc25
labmediasolutions.g2afse.com/	1970-01-20 09:22:41	Name: afoffers Value: {"73371":1643825337}
lambadapp.go2affise.com/	1970-01-20 09:22:41	Name: afclick Value: 61fac8b95040bf000114c555
lambadapp.go2affise.com/	1970-01-20 09:22:41	Name: afoffers Value: {"2678861":1643825337}
nexamob.g2afse.com/	1970-01-20 09:22:41	Name: afclick Value: 61fac8b92c2e1f000127274d
cornerstore.go2affise.com/	1970-01-20 09:22:41	Name: afoffers Value: {"200960":1643825337}
cornerstore.go2affise.com/	1970-01-20 09:22:41	Name: afclick Value: 61fac8b9473aca000141b3e7
.alibaba.com/	1969-12-31 23:59:59	Name: cookie2 Value: a8a2605d7cf522c1ed084b741dbcf3e8
.alibaba.com/	1970-01-23 14:03:02	Name: t Value: 2f8de73834927f7d332a2df063e53c1c
.alibaba.com/	1969-12-31 23:59:59	Name: _tb_token_ Value: ee18e9e743e7a
ermoza.g2afse.com/	1970-01-20 09:22:41	Name: afclick Value: 61fac8b95512ea0001191ed6
t.9696.me/	1970-01-20 09:22:41	Name: afclick Value: 61fac8b9cca7ec0001d1567d

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
network	error	URL: https://apply.g2afse.com/click?pid=3&offer_id=1645&sub1=NCT_iphone_se_ofid8342331_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat17_sub4_sub5&sub4=id339532909&sub2=8384001032_225955_nur68cnnc5.com Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://trafficred.g2afse.com/click?pid=4&offer_id=609&ref_id=AjChbuwAAAF-u6ATCQADJdgAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id1483008483 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://imagineads.g2afse.com/click?pid=5&offer_id=7294 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://offer.alibaba.com/product/w404'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://offer.alibaba.com/product/w404'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://brainadv.g2afse.com/sl?id=60e2066c8bff280d95069af4&pid=17&sub1=25.25&sub3=ApRy8jIAAAF-u6AWCwAAAAAAAAAZAAAABQ&sub2=id417571834&sub4=&sub5=&sub6=9gJf7FfkwDoFuRa1X9i__7'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://apps.apple.com/US/app/id463335337?mt=8 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://apps.apple.com/US/app/id463335337?mt=8 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://offer.alibaba.com/product/w404'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_nur68cnnc5.com&udid=&name=&info=ExplorAdsSL2&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://appricotads.g2afse.com/sl?id=5f36c7821a6e4b1879225165&pid=2&ref_id=&sub1=251_48501032&sub2=225955_nur68cnnc5.com&sub3=&sub4=&sub5=251&sub6=251_48501032&sub7=225955_nur68cnnc5.com&sub8=29613'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://apply.g2afse.com/click?pid=3&offer_id=1645&sub1=NCT_iphone_se_ofid8342331_pid1032_sub1,_sub2225955_nur68cnnc5.com_sub3ExplorAdsSL2_nat17_sub4_sub5&sub4=id339532909&sub2=8384001032_225955_nur68cnnc5.com Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsplus.g2afse.com
app.appsflyer.com
appalgo.g2afse.com
apply.g2afse.com
appricotads.g2afse.com
apps.apple.com
aptrt.trckswrm.com
apts.trckswrm.com
brainadv.g2afse.com
c.allontrk.com
click.expmediadirect1.com
cornerstore.go2affise.com
cpi-offers.com
direct2.knmasdfsdgs.com
ermoza.g2afse.com
gowith.go2affise.com
imagineads.g2afse.com
labmediasolutions.g2afse.com
lambadapp.go2affise.com
md412.trckswrm.com
nexamob.g2afse.com
nur68cnnc5.com
offer.alibaba.com
trafficred.g2afse.com
waardex.g2afse.com
www.freegames4play.com
www.google.com
zainzuri.com
appricotads.g2afse.com
aptrt.trckswrm.com
brainadv.g2afse.com
c.allontrk.com
imagineads.g2afse.com
offer.alibaba.com
104.21.66.249
143.204.215.26
157.90.7.51
18.195.230.97
185.33.87.146
198.134.116.30
212.32.254.77
212.7.209.71
213.227.134.204
213.227.134.242
213.227.135.209
213.227.156.11
213.227.156.13
213.227.156.19
213.227.156.193
213.227.156.234
23.227.38.74
2607:fad0:3801:4::1
2a00:1450:4001:831::2004
2a02:26f0:12d:5b6::2a1
5.9.6.203
3915a438fffb3acbaade25f7b5e9d3f76589dbc02048463b3fbfeb8c4e7955a1
a5fe97681323a620a607593a1ebefc496636d6e8662c678afb33f2f3f649282a
d7641ea99668e51877905a357dd38152281aafa5d839b5118b77a9be8461c3c9
ddcac0e6e9f152cdf73d5b3a791a8cff92a6468ed406f6c8650a0b8e60f9419a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

cpi-offers.com Open in urlscan Pro 18.195.230.97 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

32 Requests

22 %HTTPS

14 %IPv6

14 Domains

28 Subdomains

11 IPs

5 Countries

6 kBTransfer

10 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

14 Cookies

14 Console Messages

Indicators

cpi-offers.com Open in urlscan Pro
18.195.230.97 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

22 %
HTTPS

14 %
IPv6

14
Domains

28
Subdomains

11
IPs

5
Countries

6 kB
Transfer

10 kB
Size

14
Cookies

32 HTTP transactions
0 data transactions