cpi-offers.com Open in urlscan Pro
54.93.38.64 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKT...
Effective URL:
http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKT...
Submission: On January 19 via api (January 19th 2022, 12:31:15 am UTC) from DE — Scanned from DE

Summary HTTP 46 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 20 domains to perform 46 HTTP transactions. The main IP is 54.93.38.64, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is cpi-offers.com. The Cisco Umbrella rank of the primary domain is 28249.

This is the only time cpi-offers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11 16	54.93.38.64 54.93.38.64	16509 (AMAZON-02) (AMAZON-02)
4 7	213.227.135.235 213.227.135.235	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	5.9.6.124 5.9.6.124	24940 (HETZNER-AS) (HETZNER-AS)
1 2	213.227.134.198 213.227.134.198	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	2a02:26f0:170... 2a02:26f0:1700:798::374e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	185.33.87.146 185.33.87.146	202015 (HZ-US-AS) (HZ-US-AS)
5 8	213.227.134.202 213.227.134.202	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
8 8	212.7.209.71 212.7.209.71	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
4 8	104.111.243.137 104.111.243.137	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	213.227.135.231 213.227.135.231	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	5.9.5.202 5.9.5.202	24940 (HETZNER-AS) (HETZNER-AS)
7	5.9.5.210 5.9.5.210	24940 (HETZNER-AS) (HETZNER-AS)
6 7	213.227.135.207 213.227.135.207	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 3	213.227.134.200 213.227.134.200	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
4 4	213.227.134.240 213.227.134.240	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	2606:4700:303... 2606:4700:3039::6815:c09f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 6	5.9.6.203 5.9.6.203	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:303... 2606:4700:3037::6815:4dc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	88.99.70.114 88.99.70.114	24940 (HETZNER-AS) (HETZNER-AS)
2 2	83.147.204.15 83.147.204.15	202492 (SGHL1-AS) (SGHL1-AS)
2 2	18.66.97.59 18.66.97.59	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:170... 2a02:26f0:1700:394::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	213.227.135.229 213.227.135.229	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	213.227.135.209 213.227.135.209	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	104.21.66.249 104.21.66.249	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2 2	213.227.135.213 213.227.135.213	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	23.22.219.199 23.22.219.199	14618 (AMAZON-AES) (AMAZON-AES)
46	18

16 54.93.38.64 (Frankfurt am Main, Germany) 11 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-38-64.eu-central-1.compute.amazonaws.com

cpi-offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 213.227.135.235 (Netherlands) 4 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

digitalfuture.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apply.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.9.6.124 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.124.6.9.5.clients.your-server.de

md412.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.134.198 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ad.mobcho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
appitate.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:798::374e (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.visitdubai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.87.146 (Ashburn, United States)

ASN202015 (HZ-US-AS, BG)

direct2.knmasdfsdgs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 213.227.134.202 (Netherlands) 5 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

go2.lkjlkjkljsdflkjsdfklsfjklsd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zildd.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 212.7.209.71 (Netherlands) 8 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

t.9696.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.111.243.137 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-243-137.deploy.static.akamaitechnologies.com

offer.alibaba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.227.135.231 (Netherlands) 3 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

olamob.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.9.5.202 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.202.5.9.5.clients.your-server.de

apply.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 5.9.5.210 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.210.5.9.5.clients.your-server.de

apts.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 213.227.135.207 (Netherlands) 6 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

mookomedia.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.227.134.200 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

appricotads.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.227.134.240 (Netherlands) 4 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ad-experience.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3039::6815:c09f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

adstory.gotrackier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adjar.gotrackier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 5.9.6.203 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.203.6.9.5.clients.your-server.de

c.allontrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:4dc9 (United States)

ASN13335 (CLOUDFLARENET, US)

trk.bidrivo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.70.114 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.114.70.99.88.clients.your-server.de

aptrt.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 83.147.204.15 (Iran, Islamic Republic Of) 2 redirects

ASN202492 (SGHL1-AS, NL)

refpa.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.59 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-59.fra56.r.cloudfront.net

1xbet.onelink.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:394::2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

apps.apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.135.229 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

appitate.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.135.209 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

appalgo.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.66.249 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

zainzuri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.135.213 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ttmma.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.22.219.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-219-199.compute-1.amazonaws.com

trk.whisursand.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	g2afse.com 24 redirects digitalfuture.g2afse.com — Cisco Umbrella Rank: 35599 olamob.g2afse.com — Cisco Umbrella Rank: 42121 zildd.g2afse.com — Cisco Umbrella Rank: 49223 mookomedia.g2afse.com — Cisco Umbrella Rank: 42611 appricotads.g2afse.com — Cisco Umbrella Rank: 53873 apply.g2afse.com — Cisco Umbrella Rank: 65536 ad-experience.g2afse.com — Cisco Umbrella Rank: 42316 imagineads.g2afse.com — Cisco Umbrella Rank: 53501 Failed appitate.g2afse.com — Cisco Umbrella Rank: 50459 appalgo.g2afse.com — Cisco Umbrella Rank: 43409	5 KB
16	cpi-offers.com 11 redirects cpi-offers.com — Cisco Umbrella Rank: 28249	8 KB
12	trckswrm.com 3 redirects md412.trckswrm.com — Cisco Umbrella Rank: 53514 apply.trckswrm.com — Cisco Umbrella Rank: 39300 apts.trckswrm.com — Cisco Umbrella Rank: 32730 aptrt.trckswrm.com — Cisco Umbrella Rank: 32968	1 KB
8	alibaba.com 4 redirects offer.alibaba.com — Cisco Umbrella Rank: 24953	5 KB
8	9696.me 8 redirects t.9696.me — Cisco Umbrella Rank: 35348	2 KB
6	allontrk.com 3 redirects c.allontrk.com — Cisco Umbrella Rank: 34748	771 B
4	lkjlkjkljsdflkjsdfklsfjklsd.com 3 redirects go2.lkjlkjkljsdflkjsdfklsfjklsd.com — Cisco Umbrella Rank: 40190	463 B
4	knmasdfsdgs.com direct2.knmasdfsdgs.com — Cisco Umbrella Rank: 40924	552 B
2	go2affise.com 2 redirects ttmma.go2affise.com — Cisco Umbrella Rank: 25667	572 B
2	apple.com apps.apple.com — Cisco Umbrella Rank: 798
2	onelink.me 2 redirects 1xbet.onelink.me — Cisco Umbrella Rank: 322921	619 B
2	refpa.top 2 redirects refpa.top — Cisco Umbrella Rank: 107987	893 B
2	gotrackier.com 1 redirects adstory.gotrackier.com — Cisco Umbrella Rank: 74149 adjar.gotrackier.com — Cisco Umbrella Rank: 45635	1 KB
2	visitdubai.com 1 redirects www.visitdubai.com — Cisco Umbrella Rank: 221064	222 B
1	whisursand.com trk.whisursand.com — Cisco Umbrella Rank: 28120
1	google.com www.google.com — Cisco Umbrella Rank: 13
1	zainzuri.com 1 redirects zainzuri.com — Cisco Umbrella Rank: 78406	520 B
1	bidrivo.com trk.bidrivo.com — Cisco Umbrella Rank: 80287	590 B
1	mobcho.com 1 redirects ad.mobcho.com — Cisco Umbrella Rank: 62445	266 B
0	soldbyphonder.com Failed direct4.soldbyphonder.com Failed
46	20

	Domain	Requested by
16	cpi-offers.com	11 redirects cpi-offers.com
8	offer.alibaba.com	4 redirects cpi-offers.com
8	t.9696.me	8 redirects
7	mookomedia.g2afse.com	6 redirects cpi-offers.com
7	apts.trckswrm.com	cpi-offers.com
6	c.allontrk.com	3 redirects cpi-offers.com
4	ad-experience.g2afse.com	4 redirects
4	zildd.g2afse.com	2 redirects cpi-offers.com
4	go2.lkjlkjkljsdflkjsdfklsfjklsd.com	3 redirects cpi-offers.com
4	direct2.knmasdfsdgs.com	cpi-offers.com
4	digitalfuture.g2afse.com	4 redirects
3	apply.g2afse.com	cpi-offers.com
3	appricotads.g2afse.com	2 redirects cpi-offers.com
3	olamob.g2afse.com	3 redirects
2	ttmma.go2affise.com	2 redirects
2	appalgo.g2afse.com	2 redirects
2	appitate.g2afse.com	1 redirects cpi-offers.com
2	apps.apple.com	cpi-offers.com
2	1xbet.onelink.me	2 redirects
2	refpa.top	2 redirects
2	aptrt.trckswrm.com	2 redirects
2	apply.trckswrm.com	cpi-offers.com
2	www.visitdubai.com	1 redirects cpi-offers.com
1	trk.whisursand.com	cpi-offers.com
1	www.google.com	cpi-offers.com
1	zainzuri.com	1 redirects
1	adjar.gotrackier.com	1 redirects
1	trk.bidrivo.com	cpi-offers.com
1	adstory.gotrackier.com	cpi-offers.com
1	ad.mobcho.com	1 redirects
1	md412.trckswrm.com	1 redirects
0	imagineads.g2afse.com Failed	cpi-offers.com
0	direct4.soldbyphonder.com Failed	cpi-offers.com
46	33

This site contains no links.

Subject Issuer	Validity	Valid
cpi-offers.com Amazon	`2021-10-26` - `2022-11-23`	a year	crt.sh
*.knmasdfsdgs.com Go Daddy Secure Certificate Authority - G2	`2021-07-14` - `2022-08-15`	a year	crt.sh
apts.trckswrm.com ZeroSSL RSA Domain Secure Site CA	`2021-12-16` - `2022-03-16`	3 months	crt.sh
apply.trckswrm.com ZeroSSL RSA Domain Secure Site CA	`2021-12-16` - `2022-03-16`	3 months	crt.sh
*.go2affise.com Go Daddy Secure Certificate Authority - G2	`2021-10-09` - `2022-11-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Frame ID: 143C3453636D12E3A1C3264A694E1C89
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

46
Requests

26 %
HTTPS

18 %
IPv6

20
Domains

33
Subdomains

18
IPs

5
Countries

7 kB
Transfer

12 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://digitalfuture.g2afse.com/click?pid=2&offer_id=1065794&sub1=NCT_iphone_de_ofid12685126_pidundefined_sub1,_sub2,_sub3,_nat1_sub4_sub5&sub2=518700undefined_,&sub5=id1383187127 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 HTTP 302
https://cpi-offers.com/aflinkref?prefix=https%3A//app.adjust.com/4ezb2sa%3F&idfa=7AC6438C-4C57-4084-93AC-4EE186AE7898&adgroup=518700616&creative=2&tracker_limit=10000000&event_callback_b919bt=http%3A%2F%2Fpostbacks.eu-central-1.elasticbeanstalk.com%2F1.php%3Fsum%3D40%26clickid%3DNCT_iphone_de_ofid7998344_pid616_sub1_sub22_sub3ElishaSL_nat2_sub4_sub5&redis=24

Request Chain 3

https://md412.trckswrm.com/click?offer_id=220260&pub_id=10&pub_click_id=NCT_iphone_de_ofid13045780_pidundefined_sub1,_sub2,_sub3,_nat3_sub4_sub5&pub_sub_id=518700undefined&pub_sub_sub_id=,&app=id1383187127 HTTP 302
https://ad.mobcho.com/click?pid=252&offer_id=33&sub2=AtSTdw8AAAF-b76bcgADSVkAAAAHAAAAAw&sub3=7_10&sub1=&sub4=&sub5=id1383187127 HTTP 302
https://www.visitdubai.com/en/win-a-trip-with-rixos HTTP 301
https://www.visitdubai.com/en

Request Chain 6

https://nesto-dia.com/com.id1383187127?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd HTTP 302
https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=193a71b9-78bf-11ec-9640-0a04092acbff

Request Chain 7

https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=undefined&offer_id=12789778&sub1=,&sub2=,&sub3=,_nat7&sub4=CC1DE2F0-A869-4190-8A3D-94D4A0B97853&sub5=id1383187127&sub6=518700 HTTP 302
http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html

Request Chain 8

https://t.9696.me/click?pid=868&offer_id=148018&sub4=NCT_iphone_de_ofid12277221_pidundefined_sub1,_sub2,_sub3,_nat8_sub4_sub5&sub1=868_4850undefined&sub2=868_4850undefined_,&sub3=id1383187127 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1383187127&sub1=868_4850undefined&sub2=868_4850undefined_, HTTP 302
https://offer.alibaba.com/cps/3ba4i0jh?tp1=61e75bcd4627fc0001e0e51f&pid=868_4850undefined&adid= HTTP 302
http://offer.alibaba.com/product/w404 HTTP 307
https://offer.alibaba.com/product/w404

Request Chain 9

https://olamob.g2afse.com/click?pid=7&offer_id=1162917&sub1=NCT_iphone_de_ofid13159613_pidundefined_sub1,_sub2,_sub3,_nat9_sub4_sub5&sub2=518700undefined_,&sub4=id1383187127&sub8={sub8}|{offer_id},4850undefined HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=7&udid=&name=&info=OlaMobSL&blockTime=0 HTTP 302
https://apply.trckswrm.com/click?offer_id=1359&pub_id=29&pub_click_id=NCT_iphone_de_ofid12586969_pid616_sub1_sub27_sub3OlaMobSL_nat3_sub4_sub5&pub_sub_id=518700616&pub_sub_sub_id=7&app=id1370475630

Request Chain 11

https://zildd.g2afse.com/click?pid=35&offer_id=3432353&sub1=NCT_iphone_de_ofid13076665_pidundefined_sub1,_sub2,_sub3,_nat11_sub4_sub5&sub2=518700undefined_,&sub3=id1383187127 HTTP 302
http://zildd.g2afse.com/disabled.html

Request Chain 13

https://mookomedia.g2afse.com/click?pid=42&offer_id=205494&sub1=NCT_iphone_de_ofid11976009_pidundefined_sub1,_sub2,_sub3,_nat13_sub4_sub5&sub4=518700undefined_,&sub3=CC1DE2F0-A869-4190-8A3D-94D4A0B97853&sub2=CC1DE2F0-A869-4190-8A3D-94D4A0B97853&sub5=id1383187127 HTTP 302
http://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106 HTTP 302
https://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106 HTTP 302
http://mookomedia.g2afse.com/disabled.html HTTP 302
https://mookomedia.g2afse.com/disabled.html

Request Chain 14

https://appricotads.g2afse.com/click?pid=251&offer_id=439867&ref_id=NCT_iphone_de_ofid12781833_pidundefined_sub1,_sub2,_sub3,_nat14_sub4_sub5&sub1=251_4850undefined&sub2=,&sub6=id1383187127 HTTP 302
http://appricotads.g2afse.com/sl?id=5f36c7821a6e4b1879225165&pid=2&ref_id=&sub1=251_4850undefined&sub2=,&sub3=&sub4=&sub5=251&sub6=251_4850undefined&sub7=,&sub8=439867 HTTP 302
http://appricotads.g2afse.com/disabled.html

Request Chain 15

https://digitalfuture.g2afse.com/click?pid=2&offer_id=1744821&sub1=NCT_iphone_de_ofid13067266_pidundefined_sub1,_sub2,_sub3,_nat15_sub4_sub5&sub2=518700undefined_,&sub5=id1383187127 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 HTTP 302
https://apply.g2afse.com/click?pid=3&offer_id=262112&sub1=NCT_iphone_de_ofid11601779_pid616_sub1_sub22_sub3ElishaSL_nat11_sub4_sub5&sub4=id1487602320&sub2=518700616_2

Request Chain 17

https://ad-experience.g2afse.com/click?pid=2&offer_id=685182&sub1=NCT_iphone_de_ofid13168978_pidundefined_sub1,_sub2,_sub3,_nat17_sub4_sub5&sub2=518700undefined_,&sub5=id1383187127 HTTP 302
https://olamob.g2afse.com/click?pid=38&offer_id=1157811&sub1=61e75bcdfb85d60001f71b44&sub2=2_518700undefined_,&sub3=&sub4=id1383187127&sub8=|685182,2 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=38&udid=&name=&info=OlaMobSL&blockTime=0 HTTP 302
https://digitalfuture.g2afse.com/click?pid=2&offer_id=1065794&sub1=NCT_iphone_de_ofid12685126_pid616_sub1_sub238_sub3OlaMobSL_nat1_sub4_sub5&sub2=518700616_38&sub5=id1083982226 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 HTTP 302
https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=13075408&sub1=&sub2=2&sub3=ElishaSL_nat10&sub4=37087771-2E46-4A9E-AD7A-BD01C5937268&sub5=id1400134578&sub6=518700 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=12789778&sub1=&sub2=&sub3=TbLabq_nat7&sub4=E9C5A23A-5A9D-40ED-B15A-5B001DD3BB55&sub5=id1407852246&sub6=518700 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
https://t.9696.me/click?pid=729&offer_id=148506&sub4=NCT_iphone_de_ofid10910945_pid616_sub1_sub2_sub3TbLabq_nat3_sub4_sub5&sub1=729_4850616&sub2=729_4850616_&sub3=id311785642&sub7=id311785642 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id311785642&sub1=729_4850616&sub2=729_4850616_ HTTP 302
https://offer.alibaba.com/cps/rq9rg325?tp1=61e75bcd15927100013330b0&pid=729_4850616&adid= HTTP 302
http://offer.alibaba.com/product/w404 HTTP 307
https://offer.alibaba.com/product/w404

Request Chain 18

https://imagineads.g2afse.com/click?pid=59&offer_id=7052&sub1=NCT_iphone_de_ofid13034877_pidundefined_sub1,_sub2,_sub3,_nat18_sub4_sub5&sub2=518700undefined_,&sub4=id1383187127&sub5=id1383187127 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=7052 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7294

Request Chain 19

https://imagineads.g2afse.com/click?pid=59&offer_id=7074&sub1=NCT_iphone_de_ofid13034893_pidundefined_sub1,_sub2,_sub3,_nat19_sub4_sub5&sub2=518700undefined_,&sub4=id1383187127&sub5=id1383187127 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=7074 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 HTTP 302
https://imagineads.g2afse.com/click?pid=5&offer_id=7294

Request Chain 21

https://ad-experience.g2afse.com/click?pid=2&offer_id=668632&sub1=NCT_iphone_de_ofid12917220_pidundefined_sub1,_sub2,_sub3,_nat21_sub4_sub5&sub2=518700undefined_,&sub5=id1383187127 HTTP 302
https://adstory.gotrackier.com/click?campaign_id=219940&pub_id=103&p1=61e75bcd2d3a94000104dfc5&source=2_518700undefined_,&p2=518700undefined_,&gaid=&idfa=&app_name=id1383187127&app_id=

Request Chain 24

https://c.allontrk.com/click?offer_id=210931&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13071147_pidundefined_sub1,_sub2,_sub3,_nat24_sub4_sub5&pub_sub_id=518700undefined&pub_sub_sub_id=,&app=id1383187127 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 25

https://digitalfuture.g2afse.com/click?pid=2&offer_id=1586966&sub1=NCT_iphone_de_ofid12686706_pidundefined_sub1,_sub2,_sub3,_nat25_sub4_sub5&sub2=518700undefined_,&sub5=id1383187127 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 HTTP 302
https://nesto-dia.com/com.id1502447854?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd HTTP 302
https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=193a71b6-78bf-11ec-90f4-126b985f9441

Request Chain 27

https://ad-experience.g2afse.com/click?pid=2&offer_id=687029&sub1=NCT_iphone_de_ofid13189303_pidundefined_sub1,_sub2,_sub3,_nat27_sub4_sub5&sub2=518700undefined_,&sub5=id1383187127 HTTP 302
http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=687029&sub3=2 HTTP 302
https://olamob.g2afse.com/click?pid=38&offer_id=1179195&sub1=61e75bcd0ebe230001c7575b&sub2=1_687029&sub3=2&sub4=&sub8=|686862,1 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=38&udid=&name=&info=OlaMobSL&blockTime=0 HTTP 302
https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=518700616&q=

Request Chain 28

https://digitalfuture.g2afse.com/click?pid=2&offer_id=1669287&sub1=NCT_iphone_de_ofid12705344_pidundefined_sub1,_sub2,_sub3,_nat28_sub4_sub5&sub2=518700undefined_,&sub5=id1383187127 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 HTTP 302
https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=12789778&sub1=&sub2=2&sub3=ElishaSL_nat7&sub4=9BE97FC2-CD95-4EA4-B2FA-15D89EC7BCEA&sub5=id1184083151&sub6=518700 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
https://nesto-dia.com/com.id1347129450?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd HTTP 302
https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=193a4aa3-78bf-11ec-8e4a-12f0ebb20931

Request Chain 30

https://c.allontrk.com/click?offer_id=218102&pub_id=636&pub_click_id=NCT_iphone_de_ofid13195300_pidundefined_sub1,_sub2,_sub3,_nat30_sub4_sub5&pub_sub_id=518700undefined&pub_sub_sub_id=,&app=id1383187127 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 31

https://c.allontrk.com/click?offer_id=206813&pub_id=636&pub_click_id=NCT_iphone_de_ofid13070667_pidundefined_sub1,_sub2,_sub3,_nat31_sub4_sub5&pub_sub_id=518700undefined&pub_sub_sub_id=,&app=id1383187127 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 32

https://aptrt.trckswrm.com/click?offer_id=853&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid9525498_pidundefined_sub1,_sub2,_sub3,_nat32_sub4_sub5&pub_sub_id=518700undefined&pub_sub_sub_id=,&app=id1383187127 HTTP 302
http://refpa.top/L?tag=d_925829m_36193c_128_{sale_amount}&pb=0cae1626b717456486334b85e6707e40&click_id=Aq7Wnk0AAAF-b76bfQAAA1UAAAAdAAAAAA HTTP 307
https://refpa.top/L?tag=d_925829m_36193c_128_{sale_amount}&pb=0cae1626b717456486334b85e6707e40&click_id=Aq7Wnk0AAAF-b76bfQAAA1UAAAAdAAAAAA HTTP 303
https://1xbet.onelink.me/2qRg?deep_link_value=registration&af_dp=1xbet%3A%2F%2Fregistration/registration&is_retargeting=true&tag=d_925829m_36193c_128_%7bsale_amount%7d&pb=0cae1626b717456486334b85e6707e40&click_id=Aq7Wnk0AAAF-b76bfQAAA1UAAAAdAAAAAA&pid=d_925829m_36193c_128_{sale_amount}&c=d_925829m_36193c_128_{sale_amount}&af_sub1=0cae1626b717456486334b85e6707e40&af_sub2=Aq7Wnk0AAAF-b76bfQAAA1UAAAAdAAAAAA HTTP 302
https://apps.apple.com/US/app/id844035425?mt=8

Request Chain 33

https://t.9696.me/click?pid=868&offer_id=149282&sub4=NCT_iphone_de_ofid12277218_pidundefined_sub1,_sub2,_sub3,_nat33_sub4_sub5&sub1=868_4850undefined&sub2=868_4850undefined_,&sub3=id1383187127 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1383187127&sub1=868_4850undefined&sub2=868_4850undefined_, HTTP 302
https://offer.alibaba.com/cps/rq9rg325?tp1=61e75bcd7bf1650001589305&pid=868_4850undefined&adid= HTTP 302
http://offer.alibaba.com/product/w404 HTTP 307
https://offer.alibaba.com/product/w404

Request Chain 34

https://adjar.gotrackier.com/click?campaign_id=1405&pub_id=104&p1=NCT_iphone_de_ofid12786657_pidundefined_sub1,_sub2,_sub3,_nat34_sub4_sub5&source=518700undefined_,&app_name=id1383187127 HTTP 302
https://appitate.g2afse.com/click?pid=7789&offer_id=%20567150&sub161e75bcdce69cf034c29edf7&sub2=104_518700undefined_,&sub3=&sub5=id1383187127 HTTP 302
http://appitate.g2afse.com/disabled.html

Request Chain 35

https://mookomedia.g2afse.com/click?pid=42&offer_id=332985&sub1=NCT_iphone_de_ofid13173764_pidundefined_sub1,_sub2,_sub3,_nat35_sub4_sub5&sub4=518700undefined_,&sub5=id1383187127 HTTP 302
https://appalgo.g2afse.com/click?pid=304&offer_id=96331&sub1=61e75bcdd5b6960001083d72&sub2=42_518700undefined_,&sub3=&sub4=&sub5=id1383187127 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=807&cid=&sid=304&udid=&name=&info=appalgorem&blockTime=0 HTTP 302
https://cpi-offers.com/aflinkref?prefix=https%3A//app.adjust.com/d4qsr6r%3F&deeplink=com.tipp24.app%3A%2F%2Fopen_native_view%3Fname%3Dhome%26partnerId%3D1COAUAPHDR&idfa=AB3EEE3C-ACC1-4776-8270-20F55A38DDED&adgroup=518700616&creative=304&tracker_limit=10000000&event_callback_1vh3pr=http%3A%2F%2Fpostbacks.eu-central-1.elasticbeanstalk.com%2F1.php%3Fsum%3D25%26clickid%3DNCT_iphone_de_ofid7315478_pid616_sub1_sub2304_sub3appalgorem_nat1_sub4_sub5&redis=24

Request Chain 36

https://mookomedia.g2afse.com/click?pid=42&offer_id=203536&sub1=NCT_iphone_de_ofid11753492_pidundefined_sub1,_sub2,_sub3,_nat36_sub4_sub5&sub4=518700undefined_,&sub5=id1383187127 HTTP 302
https://appalgo.g2afse.com/click?pid=304&offer_id=88496&sub1=61e75bcd44b8750001b2954e&sub2=42_518700undefined_,&sub3=&sub4=&sub5=id1383187127 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=807&cid=&sid=304&udid=&name=&info=appalgorem&blockTime=0 HTTP 302
https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=518700616&q=

Request Chain 38

https://t.9696.me/click?pid=868&offer_id=147243&sub4=NCT_iphone_de_ofid12754665_pidundefined_sub1,_sub2,_sub3,_nat38_sub4_sub5&sub1=868_4850undefined&sub2=868_4850undefined_,&sub3=id1383187127 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1383187127&sub1=868_4850undefined&sub2=868_4850undefined_, HTTP 302
https://offer.alibaba.com/cps/rq9rg325?tp1=61e75bcd451a82000153ea16&pid=868_4850undefined&adid= HTTP 302
http://offer.alibaba.com/product/w404 HTTP 307
https://offer.alibaba.com/product/w404

Request Chain 40

https://zildd.g2afse.com/click?pid=35&offer_id=3428509&sub1=NCT_iphone_de_ofid13063121_pidundefined_sub1,_sub2,_sub3,_nat40_sub4_sub5&sub2=518700undefined_,&sub3=id1383187127&sub4=CC1DE2F0-A869-4190-8A3D-94D4A0B97853 HTTP 302
http://zildd.g2afse.com/disabled.html

Request Chain 41

https://zainzuri.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D HTTP 302
https://www.google.com/

Request Chain 42

https://digitalfuture.g2afse.com/click?pid=2&offer_id=1744821&sub1=NCT_iphone_de_ofid13067266_pidundefined_sub1,_sub2,_sub3,_nat15_sub4_sub5&sub2=518700undefined_,&sub5=id1383187127 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 HTTP 302
https://ttmma.go2affise.com/click?pid=21&offer_id=543742&sub1=NCT_iphone_de_ofid13188837_pid616_sub1_sub22_sub3ElishaSL_nat13_sub4_sub5&sub2=518700616_2&sub3=EB0AE6A7-5447-43F4-9984-B7A00943A307&sub4=EB0AE6A7-5447-43F4-9984-B7A00943A307&sub5=id1452992954 HTTP 302
https://ttmma.go2affise.com/click?pid=17&offer_id=543704&sub1=&sub2=21&sub4=EB0AE6A7-5447-43F4-9984-B7A00943A307&sub5=id1452992954&sub6=&sub8= HTTP 302
https://trk.whisursand.com/click?affid=25&clickid=61e75bce146ed50001efb1c6&category=01&androidid=&iosidfa=EB0AE6A7-5447-43F4-9984-B7A00943A307

Request Chain 44

https://aptrt.trckswrm.com/click?offer_id=853&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid9525498_pidundefined_sub1,_sub2,_sub3,_nat32_sub4_sub5&pub_sub_id=518700undefined&pub_sub_sub_id=,&app=id1383187127 HTTP 302
http://refpa.top/L?tag=d_925829m_36193c_128_{sale_amount}&pb=0cae1626b717456486334b85e6707e40&click_id=Av1fVU4AAAF-b76ecwAAA1UAAAAdAAAAAA HTTP 307
https://refpa.top/L?tag=d_925829m_36193c_128_{sale_amount}&pb=0cae1626b717456486334b85e6707e40&click_id=Av1fVU4AAAF-b76ecwAAA1UAAAAdAAAAAA HTTP 303
https://1xbet.onelink.me/2qRg?deep_link_value=registration&af_dp=1xbet%3A%2F%2Fregistration/registration&is_retargeting=true&tag=d_925829m_36193c_128_%7bsale_amount%7d&pb=0cae1626b717456486334b85e6707e40&click_id=Av1fVU4AAAF-b76ecwAAA1UAAAAdAAAAAA&pid=d_925829m_36193c_128_{sale_amount}&c=d_925829m_36193c_128_{sale_amount}&af_sub1=0cae1626b717456486334b85e6707e40&af_sub2=Av1fVU4AAAF-b76ecwAAA1UAAAAdAAAAAA HTTP 302
https://apps.apple.com/US/app/id844035425?mt=8

46 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request FANTASTIC.HTML Show response cpi-offers.com/	10 KB 2 KB	19ms 11ms	Document text/html	54.93.38.64 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 54.93.38.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-93-38-64.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash `9d6f0216a60a76dcae913c3793bfcad99b1ec3b17b104f0f7d000042f00a412c` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Wed, 19 Jan 2022 00:31:09 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Server nginx/1.14.1 X-Powered-By Express Access-Control-Allow-Origin * ETag W/"264a-0vdppYDWNT6OLwUVSBJI/FioH3I" Vary Accept-Encoding Content-Encoding gzip
GET H/1.1	200 OK	main.js Show response cpi-offers.com/jsf/	3 KB 1 KB	9ms 8ms	Script application/javascript	54.93.38.64 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://cpi-offers.com/jsf/main.js Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 54.93.38.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-93-38-64.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash `3915a438fffb3acbaade25f7b5e9d3f76589dbc02048463b3fbfeb8c4e7955a1` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Wed, 19 Jan 2022 00:31:09 GMT Content-Encoding gzip Vary Accept-Encoding Last-Modified Mon, 27 Dec 2021 10:42:10 GMT Server nginx/1.14.1 X-Powered-By Express Etag "292075-2720-1640601730000" Transfer-Encoding chunked Content-Type application/javascript Access-Control-Allow-Origin * cache-control max-age=3600 Connection keep-alive
GET H2	200	aflinkref cpi-offers.com/ Redirect Chain https://digitalfuture.g2afse.com/click?pid=2&offer_id=1065794&sub1=NCT_iphone_de_ofid12685126_pidundefined_sub1,_sub2,_sub3,_nat1_sub4_sub5&sub2=518700undefined_,&sub5=id1383187127 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 https://cpi-offers.com/aflinkref?prefix=https%3A//app.adjust.com/4ezb2sa%3F&idfa=7AC6438C-4C57-4084-93AC-4EE186AE7898&adgroup=518700616&creative=2&tracker_limit=10000000&event_callback_b919bt=http%...	2 B 230 B	13ms 13ms	Stylesheet text/plain	54.93.38.64 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cpi-offers.com/aflinkref?prefix=https%3A//app.adjust.com/4ezb2sa%3F&idfa=7AC6438C-4C57-4084-93AC-4EE186AE7898&adgroup=518700616&creative=2&tracker_limit=10000000&event_callback_b919bt=http%3A%2F%2Fpostbacks.eu-central-1.elasticbeanstalk.com%2F1.php%3Fsum%3D40%26clickid%3DNCT_iphone_de_ofid7998344_pid616_sub1_sub22_sub3ElishaSL_nat2_sub4_sub5&redis=24 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 54.93.38.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-93-38-64.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash `565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 00:31:09 GMT content-encoding gzip etag W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc" server nginx/1.14.1 x-powered-by Express vary Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin * Redirect headers date Wed, 19 Jan 2022 00:31:09 GMT content-encoding gzip server nginx/1.14.1 location https://cpi-offers.com/aflinkref?prefix=https%3A//app.adjust.com/4ezb2sa%3F&idfa=7AC6438C-4C57-4084-93AC-4EE186AE7898&adgroup=518700616&creative=2&tracker_limit=10000000&event_callback_b919bt=http%3A%2F%2Fpostbacks.eu-central-1.elasticbeanstalk.com%2F1.php%3Fsum%3D40%26clickid%3DNCT_iphone_de_ofid7998344_pid616_sub1_sub22_sub3ElishaSL_nat2_sub4_sub5&redis=24 x-powered-by Express vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin *
GET H2	200	aflinkref cpi-offers.com/	2 B 231 B	31ms 9ms	Stylesheet text/plain	54.93.38.64 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cpi-offers.com/aflinkref?prefix=https%3A//app.adjust.com/4ezb2sa%3F&idfa=CC1DE2F0-A869-4190-8A3D-94D4A0B97853&adgroup=518700undefined&creative=,&tracker_limit=10000000&event_callback_b919bt=http%3A%2F%2Fpostbacks.eu-central-1.elasticbeanstalk.com%2F1.php%3Fsum%3D40%26clickid%3DNCT_iphone_de_ofid7998344_pidundefined_sub1,_sub2,_sub3,_nat2_sub4_sub5&redis=24 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.93.38.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-93-38-64.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash `565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 00:31:09 GMT content-encoding gzip etag W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc" server nginx/1.14.1 x-powered-by Express vary Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin *
GET H2	200	en www.visitdubai.com/ Redirect Chain https://md412.trckswrm.com/click?offer_id=220260&pub_id=10&pub_click_id=NCT_iphone_de_ofid13045780_pidundefined_sub1,_sub2,_sub3,_nat3_sub4_sub5&pub_sub_id=518700undefined&pub_sub_sub_id=,&app=id13... https://ad.mobcho.com/click?pid=252&offer_id=33&sub2=AtSTdw8AAAF-b76bcgADSVkAAAAHAAAAAw&sub3=7_10&sub1=&sub4=&sub5=id1383187127 https://www.visitdubai.com/en/win-a-trip-with-rixos https://www.visitdubai.com/en	0 0	100ms 100ms	Stylesheet text/html	2a02:26f0:1700:798::374e AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.visitdubai.com/en Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 2a02:26f0:1700:798::374e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers date Wed, 19 Jan 2022 00:31:09 GMT server AkamaiGHost strict-transport-security max-age=31536000 ; includeSubDomains ; preload location https://www.visitdubai.com/en cache-control max-age=0 server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 0 expires Wed, 19 Jan 2022 00:31:09 GMT
GET H/1.1	204 No Content	redirect direct2.knmasdfsdgs.com/	0 138 B	351ms 161ms	Stylesheet text/html	185.33.87.146 HZ-US-AS
General Check archive.org Show headers Download Go to Full URL https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=518700undefined&q= Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Wed, 19 Jan 2022 00:31:09 GMT Server nginx Connection close Content-Type text/html; charset=utf-8
GET H/1.1	204 No Content	redirect direct2.knmasdfsdgs.com/	0 138 B	333ms 140ms	Stylesheet text/html	185.33.87.146 HZ-US-AS
General Check archive.org Show headers Download Go to Full URL https://direct2.knmasdfsdgs.com/redirect?aff=10063&saff=518700undefined&q= Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Wed, 19 Jan 2022 00:31:09 GMT Server nginx Connection close Content-Type text/html; charset=utf-8
GET		redirect direct4.soldbyphonder.com/ Redirect Chain https://nesto-dia.com/com.id1383187127?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=193a71b9-78bf-11ec-9640-0a04092acbff	0 0

GET H/1.1	200 OK	disabled.html go2.lkjlkjkljsdflkjsdfklsfjklsd.com/ Redirect Chain https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=undefined&offer_id=12789778&sub1=,&sub2=,&sub3=,_nat7&sub4=CC1DE2F0-A869-4190-8A3D-94D4A0B97853&sub5=id1383187127&sub6=518700 http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html	0 0	31ms 16ms	Stylesheet text/html	213.227.134.202 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 213.227.134.202 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers location http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html date Wed, 19 Jan 2022 00:31:09 GMT server nginx access-control-allow-origin * content-length 0
GET H2	200	w404 offer.alibaba.com/product/ Redirect Chain https://t.9696.me/click?pid=868&offer_id=148018&sub4=NCT_iphone_de_ofid12277221_pidundefined_sub1,_sub2,_sub3,_nat8_sub4_sub5&sub1=868_4850undefined&sub2=868_4850undefined_,&sub3=id1383187127 https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1383187127&sub1=868_4850undefined&sub2=868_4850undefined_, https://offer.alibaba.com/cps/3ba4i0jh?tp1=61e75bcd4627fc0001e0e51f&pid=868_4850undefined&adid= http://offer.alibaba.com/product/w404 https://offer.alibaba.com/product/w404	0 0	122ms 122ms	Stylesheet text/html	104.111.243.137 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://offer.alibaba.com/product/w404 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 104.111.243.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-137.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers Location https://offer.alibaba.com/product/w404 Non-Authoritative-Reason HSTS
GET H/1.1	200 OK	click apply.trckswrm.com/ Redirect Chain https://olamob.g2afse.com/click?pid=7&offer_id=1162917&sub1=NCT_iphone_de_ofid13159613_pidundefined_sub1,_sub2,_sub3,_nat9_sub4_sub5&sub2=518700undefined_,&sub4=id1383187127&sub8={sub8}\|{offer_id},... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=7&udid=&name=&info=OlaMobSL&blockTime=0 https://apply.trckswrm.com/click?offer_id=1359&pub_id=29&pub_click_id=NCT_iphone_de_ofid12586969_pid616_sub1_sub27_sub3OlaMobSL_nat3_sub4_sub5&pub_sub_id=518700616&pub_sub_sub_id=7&app=id1370475630	0 75 B	13ms 11ms	Stylesheet text/plain	5.9.5.202 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apply.trckswrm.com/click?offer_id=1359&pub_id=29&pub_click_id=NCT_iphone_de_ofid12586969_pid616_sub1_sub27_sub3OlaMobSL_nat3_sub4_sub5&pub_sub_id=518700616&pub_sub_sub_id=7&app=id1370475630 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 5.9.5.202 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.202.5.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 00:31:09 GMT content-length 0 Redirect headers date Wed, 19 Jan 2022 00:31:09 GMT content-encoding gzip server nginx/1.14.1 location https://apply.trckswrm.com/click?offer_id=1359&pub_id=29&pub_click_id=NCT_iphone_de_ofid12586969_pid616_sub1_sub27_sub3OlaMobSL_nat3_sub4_sub5&pub_sub_id=518700616&pub_sub_sub_id=7&app=id1370475630 x-powered-by Express vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin *
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	39ms 13ms	Stylesheet text/plain	5.9.5.210 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=607940&pub_id=10&pub_click_id=NCT_iphone_de_ofid12923347_pidundefined_sub1,_sub2,_sub3,_nat10_sub4_sub5&pub_sub_id=518700undefined&pub_sub_sub_id=,&gaid=CC1DE2F0-A869-4190-8A3D-94D4A0B97853&idfa=CC1DE2F0-A869-4190-8A3D-94D4A0B97853&app=id1383187127 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.9.5.210 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.210.5.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 00:31:09 GMT content-length 0
GET H/1.1	200 OK	disabled.html zildd.g2afse.com/ Redirect Chain https://zildd.g2afse.com/click?pid=35&offer_id=3432353&sub1=NCT_iphone_de_ofid13076665_pidundefined_sub1,_sub2,_sub3,_nat11_sub4_sub5&sub2=518700undefined_,&sub3=id1383187127 http://zildd.g2afse.com/disabled.html	0 0	31ms 16ms	Stylesheet text/html	213.227.134.202 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL http://zildd.g2afse.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 213.227.134.202 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers location http://zildd.g2afse.com/disabled.html date Wed, 19 Jan 2022 00:31:09 GMT server nginx access-control-allow-origin * content-length 0
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	39ms 14ms	Stylesheet text/plain	5.9.5.210 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=256050&pub_id=10&pub_click_id=NCT_iphone_de_ofid11533942_pidundefined_sub1,_sub2,_sub3,_nat12_sub4_sub5&pub_sub_id=518700undefined&pub_sub_sub_id=,&app=id1383187127 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.9.5.210 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.210.5.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 00:31:09 GMT content-length 0
GET H2	200	disabled.html mookomedia.g2afse.com/ Redirect Chain https://mookomedia.g2afse.com/click?pid=42&offer_id=205494&sub1=NCT_iphone_de_ofid11976009_pidundefined_sub1,_sub2,_sub3,_nat13_sub4_sub5&sub4=518700undefined_,&sub3=CC1DE2F0-A869-4190-8A3D-94D4A0B... http://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106 https://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106 http://mookomedia.g2afse.com/disabled.html https://mookomedia.g2afse.com/disabled.html	0 0	14ms 14ms	Stylesheet text/html	213.227.135.207 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://mookomedia.g2afse.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 213.227.135.207 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers Location https://mookomedia.g2afse.com/disabled.html Date Wed, 19 Jan 2022 00:31:09 GMT Server nginx Connection keep-alive Content-Length 138 Content-Type text/html
GET H/1.1	200 OK	disabled.html appricotads.g2afse.com/ Redirect Chain https://appricotads.g2afse.com/click?pid=251&offer_id=439867&ref_id=NCT_iphone_de_ofid12781833_pidundefined_sub1,_sub2,_sub3,_nat14_sub4_sub5&sub1=251_4850undefined&sub2=,&sub6=id1383187127 http://appricotads.g2afse.com/sl?id=5f36c7821a6e4b1879225165&pid=2&ref_id=&sub1=251_4850undefined&sub2=,&sub3=&sub4=&sub5=251&sub6=251_4850undefined&sub7=,&sub8=439867 http://appricotads.g2afse.com/disabled.html	0 0	15ms 14ms	Stylesheet text/html	213.227.134.200 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL http://appricotads.g2afse.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 213.227.134.200 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers Location http://appricotads.g2afse.com/disabled.html Date Wed, 19 Jan 2022 00:31:09 GMT Server nginx Connection keep-alive Access-Control-Allow-Origin * Content-Length 0
GET H2	404	click apply.g2afse.com/ Redirect Chain https://digitalfuture.g2afse.com/click?pid=2&offer_id=1744821&sub1=NCT_iphone_de_ofid13067266_pidundefined_sub1,_sub2,_sub3,_nat15_sub4_sub5&sub2=518700undefined_,&sub5=id1383187127 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 https://apply.g2afse.com/click?pid=3&offer_id=262112&sub1=NCT_iphone_de_ofid11601779_pid616_sub1_sub22_sub3ElishaSL_nat11_sub4_sub5&sub4=id1487602320&sub2=518700616_2	0 0	17ms 16ms	Stylesheet text/html	213.227.135.235 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://apply.g2afse.com/click?pid=3&offer_id=262112&sub1=NCT_iphone_de_ofid11601779_pid616_sub1_sub22_sub3ElishaSL_nat11_sub4_sub5&sub4=id1487602320&sub2=518700616_2 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 213.227.135.235 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers date Wed, 19 Jan 2022 00:31:09 GMT content-encoding gzip server nginx/1.14.1 location https://apply.g2afse.com/click?pid=3&offer_id=262112&sub1=NCT_iphone_de_ofid11601779_pid616_sub1_sub22_sub3ElishaSL_nat11_sub4_sub5&sub4=id1487602320&sub2=518700616_2 x-powered-by Express vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin *
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	39ms 14ms	Stylesheet text/plain	5.9.5.210 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=194182&pub_id=10&pub_click_id=NCT_iphone_de_ofid13082240_pidundefined_sub1,_sub2,_sub3,_nat16_sub4_sub5&pub_sub_id=518700undefined&pub_sub_sub_id=,&app=id1383187127 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.9.5.210 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.210.5.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 00:31:09 GMT content-length 0
GET H2	200	w404 offer.alibaba.com/product/ Redirect Chain https://ad-experience.g2afse.com/click?pid=2&offer_id=685182&sub1=NCT_iphone_de_ofid13168978_pidundefined_sub1,_sub2,_sub3,_nat17_sub4_sub5&sub2=518700undefined_,&sub5=id1383187127 https://olamob.g2afse.com/click?pid=38&offer_id=1157811&sub1=61e75bcdfb85d60001f71b44&sub2=2_518700undefined_,&sub3=&sub4=id1383187127&sub8=\|685182,2 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=38&udid=&name=&info=OlaMobSL&blockTime=0 https://digitalfuture.g2afse.com/click?pid=2&offer_id=1065794&sub1=NCT_iphone_de_ofid12685126_pid616_sub1_sub238_sub3OlaMobSL_nat1_sub4_sub5&sub2=518700616_38&sub5=id1083982226 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=13075408&sub1=&sub2=2&sub3=ElishaSL_nat10&sub4=37087771-2E46-4A9E-AD7A-BD01C5937268&sub5=id1400134578&sub6=518700 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=12789778&sub1=&sub2=&sub3=TbLabq_nat7&sub4=E9C5A23A-5A9D-40ED-B15A-5B001DD3BB55&sub5=id1407852246&sub6=518700 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 https://t.9696.me/click?pid=729&offer_id=148506&sub4=NCT_iphone_de_ofid10910945_pid616_sub1_sub2_sub3TbLabq_nat3_sub4_sub5&sub1=729_4850616&sub2=729_4850616_&sub3=id311785642&sub7=id311785642 https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id311785642&sub1=729_4850616&sub2=729_4850616_ https://offer.alibaba.com/cps/rq9rg325?tp1=61e75bcd15927100013330b0&pid=729_4850616&adid= http://offer.alibaba.com/product/w404 https://offer.alibaba.com/product/w404	0 0	126ms 126ms	Stylesheet text/html	104.111.243.137 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://offer.alibaba.com/product/w404 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 104.111.243.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-137.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers Location https://offer.alibaba.com/product/w404 Non-Authoritative-Reason HSTS
GET		click imagineads.g2afse.com/ Redirect Chain https://imagineads.g2afse.com/click?pid=59&offer_id=7052&sub1=NCT_iphone_de_ofid13034877_pidundefined_sub1,_sub2,_sub3,_nat18_sub4_sub5&sub2=518700undefined_,&sub4=id1383187127&sub5=id1383187127 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=7052 https://imagineads.g2afse.com/click?pid=59&offer_id=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=5&offer_id=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=5&offer_id=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=5&offer_id=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=5&offer_id=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=5&offer_id=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=5&offer_id=7294	0 0

GET		click imagineads.g2afse.com/ Redirect Chain https://imagineads.g2afse.com/click?pid=59&offer_id=7074&sub1=NCT_iphone_de_ofid13034893_pidundefined_sub1,_sub2,_sub3,_nat19_sub4_sub5&sub2=518700undefined_,&sub4=id1383187127&sub5=id1383187127 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=7074 https://imagineads.g2afse.com/click?pid=59&offer_id=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=5&offer_id=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=5&offer_id=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=5&offer_id=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=5&offer_id=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=5&offer_id=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=5&offer_id=7294	0 0

GET H/1.1	200 OK	click apply.trckswrm.com/	0 75 B	42ms 12ms	Stylesheet text/plain	5.9.5.202 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apply.trckswrm.com/click?offer_id=36862&pub_id=29&pub_click_id=NCT_iphone_de_ofid13185683_pidundefined_sub1,_sub2,_sub3,_nat20_sub4_sub5&pub_sub_id=518700undefined&pub_sub_sub_id=,&app=id1383187127&idfa=CC1DE2F0-A869-4190-8A3D-94D4A0B97853&gaid=CC1DE2F0-A869-4190-8A3D-94D4A0B97853 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.9.5.202 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.202.5.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 00:31:09 GMT content-length 0
GET H2	200	click adstory.gotrackier.com/ Redirect Chain https://ad-experience.g2afse.com/click?pid=2&offer_id=668632&sub1=NCT_iphone_de_ofid12917220_pidundefined_sub1,_sub2,_sub3,_nat21_sub4_sub5&sub2=518700undefined_,&sub5=id1383187127 https://adstory.gotrackier.com/click?campaign_id=219940&pub_id=103&p1=61e75bcd2d3a94000104dfc5&source=2_518700undefined_,&p2=518700undefined_,&gaid=&idfa=&app_name=id1383187127&app_id=	73 B 385 B	143ms 142ms	Stylesheet text/html	2606:4700:3039::6815:c09f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adstory.gotrackier.com/click?campaign_id=219940&pub_id=103&p1=61e75bcd2d3a94000104dfc5&source=2_518700undefined_,&p2=518700undefined_,&gaid=&idfa=&app_name=id1383187127&app_id= Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 2606:4700:3039::6815:c09f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `855b9690eae6e7c77720a0af402ce384989b86f3c55ad5caf6c960a0782dac32` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 00:31:09 GMT via 1.1 google cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 6cfbf565de616937-FRA report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqhbi7zsJUwPjHR2hiEtyzQvkpWWXwh9sHzWsYwuox8SUYGmiRRxHL7BXn%2BVTF2XNCTGIo%2BsJ8DL7keWWwCk4i93dduGCDrutlPdun5IPhl%2By8V%2BPhKQ7JraA%2FxEHEZf7ujohZzs8wVhGxqLBADbxSwMcFE0"}],"group":"cf-nel","max_age":604800} content-type text/html content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-rt 0 x-err OFFER_NOT_ACTIVE Redirect headers location https://adstory.gotrackier.com/click?campaign_id=219940&pub_id=103&p1=61e75bcd2d3a94000104dfc5&source=2_518700undefined_,&p2=518700undefined_,&gaid=&idfa=&app_name=id1383187127&app_id= date Wed, 19 Jan 2022 00:31:09 GMT server nginx access-control-allow-origin * content-length 0
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	39ms 13ms	Stylesheet text/plain	5.9.5.210 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=332928&pub_id=10&pub_click_id=NCT_iphone_de_ofid11864299_pidundefined_sub1,_sub2,_sub3,_nat22_sub4_sub5&pub_sub_id=518700undefined&pub_sub_sub_id=,&app=id1383187127 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.9.5.210 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.210.5.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 00:31:09 GMT content-length 0
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	39ms 12ms	Stylesheet text/plain	5.9.5.210 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=427385&pub_id=55&pub_click_id=NCT_iphone_de_ofid12282048_pidundefined_sub1,_sub2,_sub3,_nat23_sub4_sub5&pub_sub_id=518700undefined&pub_sub_sub_id=,&app=id1383187127 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.9.5.210 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.210.5.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 00:31:09 GMT content-length 0
GET H/1.1	200 OK	recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=210931&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13071147_pidundefined_sub1,_sub2,_sub3,_nat24_sub4_sub5&pub_sub_id=518700undefined&pub_sub_sub_id=,... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 75 B	26ms 15ms	Stylesheet text/plain	5.9.6.203 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 5.9.6.203 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.203.6.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 00:31:09 GMT content-length 0 Redirect headers location http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 date Wed, 19 Jan 2022 00:31:09 GMT referrer-policy no-referrer content-length 0
GET		redirect direct4.soldbyphonder.com/ Redirect Chain https://digitalfuture.g2afse.com/click?pid=2&offer_id=1586966&sub1=NCT_iphone_de_ofid12686706_pidundefined_sub1,_sub2,_sub3,_nat25_sub4_sub5&sub2=518700undefined_,&sub5=id1383187127 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 https://nesto-dia.com/com.id1502447854?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=193a71b6-78bf-11ec-90f4-126b985f9441	0 0

GET H2	404	click apply.g2afse.com/	0 0	60ms 13ms	Stylesheet text/html	213.227.135.235 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://apply.g2afse.com/click?pid=3&offer_id=14467&sub1=NCT_iphone_de_ofid12667047_pidundefined_sub1,_sub2,_sub3,_nat26_sub4_sub5&sub4=id1383187127&sub2=518700undefined_, Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.135.235 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H/1.1	204 No Content	redirect direct2.knmasdfsdgs.com/ Redirect Chain https://ad-experience.g2afse.com/click?pid=2&offer_id=687029&sub1=NCT_iphone_de_ofid13189303_pidundefined_sub1,_sub2,_sub3,_nat27_sub4_sub5&sub2=518700undefined_,&sub5=id1383187127 http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=687029&sub3=2 https://olamob.g2afse.com/click?pid=38&offer_id=1179195&sub1=61e75bcd0ebe230001c7575b&sub2=1_687029&sub3=2&sub4=&sub8=\|686862,1 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=38&udid=&name=&info=OlaMobSL&blockTime=0 https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=518700616&q=	0 138 B	338ms 157ms	Stylesheet text/html	185.33.87.146 HZ-US-AS
General Check archive.org Show headers Download Go to Full URL https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=518700616&q= Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Wed, 19 Jan 2022 00:31:09 GMT Server nginx Connection close Content-Type text/html; charset=utf-8 Redirect headers date Wed, 19 Jan 2022 00:31:09 GMT content-encoding gzip server nginx/1.14.1 location https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=518700616&q= x-powered-by Express vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin *
GET		redirect direct4.soldbyphonder.com/ Redirect Chain https://digitalfuture.g2afse.com/click?pid=2&offer_id=1669287&sub1=NCT_iphone_de_ofid12705344_pidundefined_sub1,_sub2,_sub3,_nat28_sub4_sub5&sub2=518700undefined_,&sub5=id1383187127 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=12789778&sub1=&sub2=2&sub3=ElishaSL_nat7&sub4=9BE97FC2-CD95-4EA4-B2FA-15D89EC7BCEA&sub5=id1184083151&sub6=518700 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 https://nesto-dia.com/com.id1347129450?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=193a4aa3-78bf-11ec-8e4a-12f0ebb20931	0 0

GET H2	200	click trk.bidrivo.com/	22 B 590 B	82ms 36ms	Stylesheet text/plain	2606:4700:3037::6815:4dc9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://trk.bidrivo.com/click?campaign_id=270344&pub_id=75&p1=NCT_iphone_de_ofid13165236_pidundefined_sub1,_sub2,_sub3,_nat29_sub4_sub5&source=518700undefined_,&app_name=id1383187127 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:4dc9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1c439fcd21bab032475e5d1570615485417e6cfb202f774f9f16d77f0448d0d6` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-err CSS_REQUEST via 1.1 google cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare date Wed, 19 Jan 2022 00:31:09 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=872AP9oVS0VULcpd%2FYQ%2F7bbj7FbdSRqXCUWt3Oi6TkvGyoGXUZgHFmRvq0NtoMO6ju7a3KYdXhJ4UbNSspk%2BY7RiMj7XA6bCaAxYw6woPYH12UVkX53fvh43VepC2Gx8pjYMcGbBHk%2BrVykISzc%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=utf-8 cf-ray 6cfbf565aa41535d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 22 x-rt 0
GET H/1.1	200 OK	recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=218102&pub_id=636&pub_click_id=NCT_iphone_de_ofid13195300_pidundefined_sub1,_sub2,_sub3,_nat30_sub4_sub5&pub_sub_id=518700undefined&pub_sub_sub_id=,&app=id1383... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 75 B	26ms 16ms	Stylesheet text/plain	5.9.6.203 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 5.9.6.203 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.203.6.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 00:31:09 GMT content-length 0 Redirect headers location http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 date Wed, 19 Jan 2022 00:31:09 GMT referrer-policy no-referrer content-length 0
GET H/1.1	200 OK	recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=206813&pub_id=636&pub_click_id=NCT_iphone_de_ofid13070667_pidundefined_sub1,_sub2,_sub3,_nat31_sub4_sub5&pub_sub_id=518700undefined&pub_sub_sub_id=,&app=id1383... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 75 B	26ms 15ms	Stylesheet text/plain	5.9.6.203 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 5.9.6.203 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.203.6.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 00:31:09 GMT content-length 0 Redirect headers location http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 date Wed, 19 Jan 2022 00:31:09 GMT referrer-policy no-referrer content-length 0
GET H2	404	id844035425 apps.apple.com/US/app/ Redirect Chain https://aptrt.trckswrm.com/click?offer_id=853&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid9525498_pidundefined_sub1,_sub2,_sub3,_nat32_sub4_sub5&pub_sub_id=518700undefined&pub_sub_sub_id=,&a... http://refpa.top/L?tag=d_925829m_36193c_128_{sale_amount}&pb=0cae1626b717456486334b85e6707e40&click_id=Aq7Wnk0AAAF-b76bfQAAA1UAAAAdAAAAAA https://refpa.top/L?tag=d_925829m_36193c_128_{sale_amount}&pb=0cae1626b717456486334b85e6707e40&click_id=Aq7Wnk0AAAF-b76bfQAAA1UAAAAdAAAAAA https://1xbet.onelink.me/2qRg?deep_link_value=registration&af_dp=1xbet%3A%2F%2Fregistration/registration&is_retargeting=true&tag=d_925829m_36193c_128_%7bsale_amount%7d&pb=0cae1626b717456486334b85e6... https://apps.apple.com/US/app/id844035425?mt=8	0 0	275ms 213ms	Stylesheet text/html	2a02:26f0:1700:394::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://apps.apple.com/US/app/id844035425?mt=8 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 2a02:26f0:1700:394::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers date Wed, 19 Jan 2022 00:31:09 GMT via 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront) server http-kit x-amz-cf-pop FRA56-P2 strict-transport-security max-age=31536000; includeSubDomains x-cache Miss from cloudfront content-type application/octet-stream location https://apps.apple.com/US/app/id844035425?mt=8 content-length 0 x-amz-cf-id 2vf-8Shcl8DZS6vrK1X_CAzgpNdapPv5cpcWbbe8u6TiqEiRpdiEJA==
GET H2	200	w404 offer.alibaba.com/product/ Redirect Chain https://t.9696.me/click?pid=868&offer_id=149282&sub4=NCT_iphone_de_ofid12277218_pidundefined_sub1,_sub2,_sub3,_nat33_sub4_sub5&sub1=868_4850undefined&sub2=868_4850undefined_,&sub3=id1383187127 https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1383187127&sub1=868_4850undefined&sub2=868_4850undefined_, https://offer.alibaba.com/cps/rq9rg325?tp1=61e75bcd7bf1650001589305&pid=868_4850undefined&adid= http://offer.alibaba.com/product/w404 https://offer.alibaba.com/product/w404	0 0	124ms 124ms	Stylesheet text/html	104.111.243.137 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://offer.alibaba.com/product/w404 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 104.111.243.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-137.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers Location https://offer.alibaba.com/product/w404 Non-Authoritative-Reason HSTS
GET H/1.1	200 OK	disabled.html appitate.g2afse.com/ Redirect Chain https://adjar.gotrackier.com/click?campaign_id=1405&pub_id=104&p1=NCT_iphone_de_ofid12786657_pidundefined_sub1,_sub2,_sub3,_nat34_sub4_sub5&source=518700undefined_,&app_name=id1383187127 https://appitate.g2afse.com/click?pid=7789&offer_id=%20567150&sub161e75bcdce69cf034c29edf7&sub2=104_518700undefined_,&sub3=&sub5=id1383187127 http://appitate.g2afse.com/disabled.html	0 0	30ms 14ms	Stylesheet text/html	213.227.134.198 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL http://appitate.g2afse.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 213.227.134.198 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers location http://appitate.g2afse.com/disabled.html date Wed, 19 Jan 2022 00:31:09 GMT server nginx access-control-allow-origin * content-length 0
GET H2	200	aflinkref cpi-offers.com/ Redirect Chain https://mookomedia.g2afse.com/click?pid=42&offer_id=332985&sub1=NCT_iphone_de_ofid13173764_pidundefined_sub1,_sub2,_sub3,_nat35_sub4_sub5&sub4=518700undefined_,&sub5=id1383187127 https://appalgo.g2afse.com/click?pid=304&offer_id=96331&sub1=61e75bcdd5b6960001083d72&sub2=42_518700undefined_,&sub3=&sub4=&sub5=id1383187127 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=807&cid=&sid=304&udid=&name=&info=appalgorem&blockTime=0 https://cpi-offers.com/aflinkref?prefix=https%3A//app.adjust.com/d4qsr6r%3F&deeplink=com.tipp24.app%3A%2F%2Fopen_native_view%3Fname%3Dhome%26partnerId%3D1COAUAPHDR&idfa=AB3EEE3C-ACC1-4776-8270-20F5...	2 B 230 B	31ms 31ms	Stylesheet text/plain	54.93.38.64 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cpi-offers.com/aflinkref?prefix=https%3A//app.adjust.com/d4qsr6r%3F&deeplink=com.tipp24.app%3A%2F%2Fopen_native_view%3Fname%3Dhome%26partnerId%3D1COAUAPHDR&idfa=AB3EEE3C-ACC1-4776-8270-20F55A38DDED&adgroup=518700616&creative=304&tracker_limit=10000000&event_callback_1vh3pr=http%3A%2F%2Fpostbacks.eu-central-1.elasticbeanstalk.com%2F1.php%3Fsum%3D25%26clickid%3DNCT_iphone_de_ofid7315478_pid616_sub1_sub2304_sub3appalgorem_nat1_sub4_sub5&redis=24 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 54.93.38.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-93-38-64.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash `565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 00:31:09 GMT content-encoding gzip etag W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc" server nginx/1.14.1 x-powered-by Express vary Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin * Redirect headers date Wed, 19 Jan 2022 00:31:09 GMT content-encoding gzip server nginx/1.14.1 location https://cpi-offers.com/aflinkref?prefix=https%3A//app.adjust.com/d4qsr6r%3F&deeplink=com.tipp24.app%3A%2F%2Fopen_native_view%3Fname%3Dhome%26partnerId%3D1COAUAPHDR&idfa=AB3EEE3C-ACC1-4776-8270-20F55A38DDED&adgroup=518700616&creative=304&tracker_limit=10000000&event_callback_1vh3pr=http%3A%2F%2Fpostbacks.eu-central-1.elasticbeanstalk.com%2F1.php%3Fsum%3D25%26clickid%3DNCT_iphone_de_ofid7315478_pid616_sub1_sub2304_sub3appalgorem_nat1_sub4_sub5&redis=24 x-powered-by Express vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin *
GET H/1.1	204 No Content	redirect direct2.knmasdfsdgs.com/ Redirect Chain https://mookomedia.g2afse.com/click?pid=42&offer_id=203536&sub1=NCT_iphone_de_ofid11753492_pidundefined_sub1,_sub2,_sub3,_nat36_sub4_sub5&sub4=518700undefined_,&sub5=id1383187127 https://appalgo.g2afse.com/click?pid=304&offer_id=88496&sub1=61e75bcd44b8750001b2954e&sub2=42_518700undefined_,&sub3=&sub4=&sub5=id1383187127 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=807&cid=&sid=304&udid=&name=&info=appalgorem&blockTime=0 https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=518700616&q=	0 138 B	281ms 98ms	Stylesheet text/html	185.33.87.146 HZ-US-AS
General Check archive.org Show headers Download Go to Full URL https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=518700616&q= Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Wed, 19 Jan 2022 00:31:09 GMT Server nginx Connection close Content-Type text/html; charset=utf-8 Redirect headers date Wed, 19 Jan 2022 00:31:09 GMT content-encoding gzip server nginx/1.14.1 location https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=518700616&q= x-powered-by Express vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin *
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	37ms 12ms	Stylesheet text/plain	5.9.5.210 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=530912&pub_id=55&pub_click_id=NCT_iphone_de_ofid12627780_pidundefined_sub1,_sub2,_sub3,_nat37_sub4_sub5&pub_sub_id=518700undefined&pub_sub_sub_id=,&app=id1383187127 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.9.5.210 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.210.5.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 00:31:09 GMT content-length 0
GET H2	200	w404 offer.alibaba.com/product/ Redirect Chain https://t.9696.me/click?pid=868&offer_id=147243&sub4=NCT_iphone_de_ofid12754665_pidundefined_sub1,_sub2,_sub3,_nat38_sub4_sub5&sub1=868_4850undefined&sub2=868_4850undefined_,&sub3=id1383187127 https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1383187127&sub1=868_4850undefined&sub2=868_4850undefined_, https://offer.alibaba.com/cps/rq9rg325?tp1=61e75bcd451a82000153ea16&pid=868_4850undefined&adid= http://offer.alibaba.com/product/w404 https://offer.alibaba.com/product/w404	0 0	127ms 127ms	Stylesheet text/html	104.111.243.137 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://offer.alibaba.com/product/w404 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 104.111.243.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-137.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers Location https://offer.alibaba.com/product/w404 Non-Authoritative-Reason HSTS
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	56ms 13ms	Stylesheet text/plain	5.9.5.210 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=603961&pub_id=55&pub_click_id=NCT_iphone_de_ofid13167212_pidundefined_sub1,_sub2,_sub3,_nat39_sub4_sub5&pub_sub_id=518700undefined&pub_sub_sub_id=,&app=id1383187127 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.9.5.210 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.210.5.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 00:31:09 GMT content-length 0
GET H/1.1	200 OK	disabled.html zildd.g2afse.com/ Redirect Chain https://zildd.g2afse.com/click?pid=35&offer_id=3428509&sub1=NCT_iphone_de_ofid13063121_pidundefined_sub1,_sub2,_sub3,_nat40_sub4_sub5&sub2=518700undefined_,&sub3=id1383187127&sub4=CC1DE2F0-A869-419... http://zildd.g2afse.com/disabled.html	0 0	31ms 14ms	Stylesheet text/html	213.227.134.202 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL http://zildd.g2afse.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 213.227.134.202 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers location http://zildd.g2afse.com/disabled.html date Wed, 19 Jan 2022 00:31:09 GMT server nginx access-control-allow-origin * content-length 0
GET H2	200	/ www.google.com/ Redirect Chain https://zainzuri.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D https://www.google.com/	0 0	227ms 141ms	Stylesheet text/html	2a00:1450:4001:82f::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/ Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers date Wed, 19 Jan 2022 00:31:09 GMT referrer-policy origin cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XT%2BCWRJbyuTCIMzYw7TM11NkXf85pdU27knkumApAQpE369ToIHB%2FhKSUU2JJhyDw3zjMYQg7z0Bh6eYnFR3m812XD1SSUa8kDNf4b5M8gh%2FDfDH7E3Tou%2ByVZmnGI%3D"}],"group":"cf-nel","max_age":604800} location https://www.google.com cf-ray 6cfbf5657bc68bb1-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET H2	404	click trk.whisursand.com/ Redirect Chain https://digitalfuture.g2afse.com/click?pid=2&offer_id=1744821&sub1=NCT_iphone_de_ofid13067266_pidundefined_sub1,_sub2,_sub3,_nat15_sub4_sub5&sub2=518700undefined_,&sub5=id1383187127 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 https://ttmma.go2affise.com/click?pid=21&offer_id=543742&sub1=NCT_iphone_de_ofid13188837_pid616_sub1_sub22_sub3ElishaSL_nat13_sub4_sub5&sub2=518700616_2&sub3=EB0AE6A7-5447-43F4-9984-B7A00943A307&su... https://ttmma.go2affise.com/click?pid=17&offer_id=543704&sub1=&sub2=21&sub4=EB0AE6A7-5447-43F4-9984-B7A00943A307&sub5=id1452992954&sub6=&sub8= https://trk.whisursand.com/click?affid=25&clickid=61e75bce146ed50001efb1c6&category=01&androidid=&iosidfa=EB0AE6A7-5447-43F4-9984-B7A00943A307	0 0	309ms 99ms	Stylesheet text/html	23.22.219.199 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.whisursand.com/click?affid=25&clickid=61e75bce146ed50001efb1c6&category=01&androidid=&iosidfa=EB0AE6A7-5447-43F4-9984-B7A00943A307 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 23.22.219.199 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-23-22-219-199.compute-1.amazonaws.com Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 00:31:10 GMT content-length 13 content-type text/html Redirect headers location https://trk.whisursand.com/click?affid=25&clickid=61e75bce146ed50001efb1c6&category=01&androidid=&iosidfa=EB0AE6A7-5447-43F4-9984-B7A00943A307 date Wed, 19 Jan 2022 00:31:10 GMT referer referrer-policy no-referrer server nginx access-control-allow-origin * content-length 0
GET H2	404	click apply.g2afse.com/	0 0	14ms 14ms	Stylesheet text/html	213.227.135.235 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://apply.g2afse.com/click?pid=3&offer_id=14467&sub1=NCT_iphone_de_ofid12667047_pidundefined_sub1,_sub2,_sub3,_nat26_sub4_sub5&sub4=id1383187127&sub2=518700undefined_, Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.135.235 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H2	404	id844035425 apps.apple.com/US/app/ Redirect Chain https://aptrt.trckswrm.com/click?offer_id=853&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid9525498_pidundefined_sub1,_sub2,_sub3,_nat32_sub4_sub5&pub_sub_id=518700undefined&pub_sub_sub_id=,&a... http://refpa.top/L?tag=d_925829m_36193c_128_{sale_amount}&pb=0cae1626b717456486334b85e6707e40&click_id=Av1fVU4AAAF-b76ecwAAA1UAAAAdAAAAAA https://refpa.top/L?tag=d_925829m_36193c_128_{sale_amount}&pb=0cae1626b717456486334b85e6707e40&click_id=Av1fVU4AAAF-b76ecwAAA1UAAAAdAAAAAA https://1xbet.onelink.me/2qRg?deep_link_value=registration&af_dp=1xbet%3A%2F%2Fregistration/registration&is_retargeting=true&tag=d_925829m_36193c_128_%7bsale_amount%7d&pb=0cae1626b717456486334b85e6... https://apps.apple.com/US/app/id844035425?mt=8	0 0	764ms 764ms	Stylesheet text/html	2a02:26f0:1700:394::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://apps.apple.com/US/app/id844035425?mt=8 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=409&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 2a02:26f0:1700:394::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers date Wed, 19 Jan 2022 00:31:10 GMT via 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront) server http-kit x-amz-cf-pop FRA56-P2 strict-transport-security max-age=31536000; includeSubDomains x-cache Miss from cloudfront content-type application/octet-stream location https://apps.apple.com/US/app/id844035425?mt=8 content-length 0 x-amz-cf-id NdYlEuo2Gevwmv9R2wRIClgtcFbGnc7n5tNiAtilqey4sgWoqvQBgg==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: direct4.soldbyphonder.com
URL: https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=193a71b9-78bf-11ec-9640-0a04092acbff

Domain: imagineads.g2afse.com
URL: https://imagineads.g2afse.com/click?pid=5&offer_id=7294

Domain: imagineads.g2afse.com
URL: https://imagineads.g2afse.com/click?pid=5&offer_id=7294

Domain: direct4.soldbyphonder.com
URL: https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=193a71b6-78bf-11ec-90f4-126b985f9441

Domain: direct4.soldbyphonder.com
URL: https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=193a4aa3-78bf-11ec-8e4a-12f0ebb20931

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| urlB64ToUint8Array function| initializeUI function| subscribeUser function| updateSubscriptionOnServer

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mookomedia.g2afse.com/	1970-01-20 09:01:28	Name: afclick Value: 61e75bcd44b8750001b2954e
mookomedia.g2afse.com/	1970-01-20 09:01:28	Name: afoffers Value: {"203536":1642552269}
ad-experience.g2afse.com/	1970-01-20 09:01:28	Name: afclick Value: 61e75bcdfb85d60001f71b44
ad-experience.g2afse.com/	1970-01-20 09:01:28	Name: afoffers Value: {"685182":1642552269}
ad.mobcho.com/	1970-01-20 09:01:28	Name: afclick Value: 61e75bcd3e14e2000181391b
ad.mobcho.com/	1970-01-20 09:01:28	Name: afoffers Value: {"33":1642552269}
t.9696.me/	1970-01-20 09:01:28	Name: afclick Value: 61e75bcd15927100013330b0
.alibaba.com/	1969-12-31 23:59:59	Name: cookie2 Value: a9b73e7a5602aa2e298056f1c65c7a9d
.alibaba.com/	1970-01-23 13:41:53	Name: t Value: 0cd0d8b5c69445a8243b2826f835713e
.alibaba.com/	1969-12-31 23:59:59	Name: _tb_token_ Value: eb81a3e95a3a8
ttmma.go2affise.com/	1970-01-20 09:01:28	Name: afclick Value: 61e75bce146ed50001efb1c6
ttmma.go2affise.com/	1970-01-20 09:01:28	Name: afoffers Value: {"543704":1642552270}

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://apply.g2afse.com/click?pid=3&offer_id=14467&sub1=NCT_iphone_de_ofid12667047_pidundefined_sub1,_sub2,_sub3,_nat26_sub4_sub5&sub4=id1383187127&sub2=518700undefined_, Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://apply.g2afse.com/click?pid=3&offer_id=262112&sub1=NCT_iphone_de_ofid11601779_pid616_sub1_sub22_sub3ElishaSL_nat11_sub4_sub5&sub4=id1487602320&sub2=518700616_2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=193a71b6-78bf-11ec-90f4-126b985f9441 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=193a71b9-78bf-11ec-9640-0a04092acbff Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=193a4aa3-78bf-11ec-8e4a-12f0ebb20931 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://imagineads.g2afse.com/click?pid=5&offer_id=7294 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://imagineads.g2afse.com/click?pid=5&offer_id=7294 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://apps.apple.com/US/app/id844035425?mt=8 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://trk.whisursand.com/click?affid=25&clickid=61e75bce146ed50001efb1c6&category=01&androidid=&iosidfa=EB0AE6A7-5447-43F4-9984-B7A00943A307 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://apply.g2afse.com/click?pid=3&offer_id=14467&sub1=NCT_iphone_de_ofid12667047_pidundefined_sub1,_sub2,_sub3,_nat26_sub4_sub5&sub4=id1383187127&sub2=518700undefined_, Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://apps.apple.com/US/app/id844035425?mt=8 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1xbet.onelink.me
ad-experience.g2afse.com
ad.mobcho.com
adjar.gotrackier.com
adstory.gotrackier.com
appalgo.g2afse.com
appitate.g2afse.com
apply.g2afse.com
apply.trckswrm.com
appricotads.g2afse.com
apps.apple.com
aptrt.trckswrm.com
apts.trckswrm.com
c.allontrk.com
cpi-offers.com
digitalfuture.g2afse.com
direct2.knmasdfsdgs.com
direct4.soldbyphonder.com
go2.lkjlkjkljsdflkjsdfklsfjklsd.com
imagineads.g2afse.com
md412.trckswrm.com
mookomedia.g2afse.com
offer.alibaba.com
olamob.g2afse.com
refpa.top
t.9696.me
trk.bidrivo.com
trk.whisursand.com
ttmma.go2affise.com
www.google.com
www.visitdubai.com
zainzuri.com
zildd.g2afse.com
direct4.soldbyphonder.com
imagineads.g2afse.com
104.111.243.137
104.21.66.249
18.66.97.59
185.33.87.146
212.7.209.71
213.227.134.198
213.227.134.200
213.227.134.202
213.227.134.240
213.227.135.207
213.227.135.209
213.227.135.213
213.227.135.229
213.227.135.231
213.227.135.235
23.22.219.199
2606:4700:3037::6815:4dc9
2606:4700:3039::6815:c09f
2a00:1450:4001:82f::2004
2a02:26f0:1700:394::2a1
2a02:26f0:1700:798::374e
5.9.5.202
5.9.5.210
5.9.6.124
5.9.6.203
54.93.38.64
83.147.204.15
88.99.70.114
1c439fcd21bab032475e5d1570615485417e6cfb202f774f9f16d77f0448d0d6
3915a438fffb3acbaade25f7b5e9d3f76589dbc02048463b3fbfeb8c4e7955a1
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
855b9690eae6e7c77720a0af402ce384989b86f3c55ad5caf6c960a0782dac32
9d6f0216a60a76dcae913c3793bfcad99b1ec3b17b104f0f7d000042f00a412c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

cpi-offers.com Open in urlscan Pro 54.93.38.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

46 Requests

26 %HTTPS

18 %IPv6

20 Domains

33 Subdomains

18 IPs

5 Countries

7 kBTransfer

12 kBSize

12 Cookies

0 Outgoing links

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

cpi-offers.com Open in urlscan Pro
54.93.38.64 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

26 %
HTTPS

18 %
IPv6

20
Domains

33
Subdomains

18
IPs

5
Countries

7 kB
Transfer

12 kB
Size

12
Cookies

46 HTTP transactions
0 data transactions