urlscan.io logo urlscan.io
SecurityTrails logo

cpi-offers.com Open in urlscan Pro
35.156.4.247  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://funwarcab.club/
Effective URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=E...
Submission Tags: falconsandbox
Submission: On December 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 19 domains to perform 53 HTTP transactions. The main IP is 35.156.4.247, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is cpi-offers.com.
TLS certificate: Issued by Amazon on October 26th 2021. Valid for: a year.
This is the only time cpi-offers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2607:fad0:380... 32244 (LIQUIDWEB)
1 1 198.134.116.30 27257 (WEBAIR-IN...)
2 5 35.156.4.247 16509 (AMAZON-02)
3 185.33.87.146 202015 (HZ-US-AS)
8 116.202.135.114 24940 (HETZNER-AS)
1 188.40.120.131 24940 (HETZNER-AS)
1 1 212.7.209.73 60781 (LEASEWEB-...)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 3 213.227.156.21 60781 (LEASEWEB-...)
2 3.224.8.153 14618 (AMAZON-AES)
1 1 213.227.134.234 60781 (LEASEWEB-...)
1 1 213.227.135.231 60781 (LEASEWEB-...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 213.227.135.209 60781 (LEASEWEB-...)
1 1 52.222.236.18 16509 (AMAZON-02)
1 213.227.135.213 60781 (LEASEWEB-...)
1 1 213.227.134.198 60781 (LEASEWEB-...)
1 1 148.251.132.216 24940 (HETZNER-AS)
1 213.227.156.193 60781 (LEASEWEB-...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 172.67.166.138 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
53 13
2    2607:fad0:3801:4::1 (United States)

ASN32244 (LIQUIDWEB, US)
funwarcab.club
1    198.134.116.30 (Grapevine, United States)

ASN27257 (WEBAIR-INTERNET, US)
click.expmediadirect1.com
5    35.156.4.247 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-4-247.eu-central-1.compute.amazonaws.com
cpi-offers.com
3    185.33.87.146 (Ashburn, United States)

ASN202015 (HZ-US-AS, BG)
direct2.knmasdfsdgs.com
8    116.202.135.114 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.114.135.202.116.clients.your-server.de
apts.trckswrm.com
apply.trckswrm.com
1    188.40.120.131 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.131.120.40.188.clients.your-server.de
apnp.trckswrm.com
1    212.7.209.73 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
thingortwo.g2afse.com
2    2a02:26f0:6c00:288::2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
apps.apple.com
3    213.227.156.21 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
nexamob.g2afse.com
2    3.224.8.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-8-153.compute-1.amazonaws.com
trk.ad-serving-ads.com
1    213.227.134.234 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
ad-experience.g2afse.com
1    213.227.135.231 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
olamob.g2afse.com
2    2606:4700:10::6816:2356 (United States)

ASN13335 (CLOUDFLARENET, US)
settleads.gotrackier.com
1    213.227.135.209 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
cornerstore.go2affise.com
1    52.222.236.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-18.fra56.r.cloudfront.net
app.appsflyer.com
1    213.227.135.213 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
times25.go2affise.com
1    213.227.134.198 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
digitalfuture.g2afse.com
1    148.251.132.216 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.216.132.251.148.clients.your-server.de
md412.trckswrm.com
1    213.227.156.193 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
trafficred.g2afse.com
1    2606:4700:3036::ac43:d372 (United States)

ASN13335 (CLOUDFLARENET, US)
trk.bidrivo.com
1    172.67.166.138 (United States)

ASN13335 (CLOUDFLARENET, US)
zainzuri.com
1    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Domain Requested by
6 apts.trckswrm.com cpi-offers.com
5 cpi-offers.com 2 redirects funwarcab.club
cpi-offers.com
3 nexamob.g2afse.com 3 redirects
3 direct2.knmasdfsdgs.com cpi-offers.com
2 apply.trckswrm.com cpi-offers.com
2 settleads.gotrackier.com cpi-offers.com
2 trk.ad-serving-ads.com cpi-offers.com
2 apps.apple.com cpi-offers.com
2 funwarcab.club funwarcab.club
1 www.google.com cpi-offers.com
1 zainzuri.com 1 redirects
1 trk.bidrivo.com cpi-offers.com
1 trafficred.g2afse.com cpi-offers.com
1 md412.trckswrm.com 1 redirects
1 digitalfuture.g2afse.com 1 redirects
1 times25.go2affise.com cpi-offers.com
1 app.appsflyer.com 1 redirects
1 cornerstore.go2affise.com 1 redirects
1 olamob.g2afse.com 1 redirects
1 ad-experience.g2afse.com 1 redirects
1 thingortwo.g2afse.com 1 redirects
1 apnp.trckswrm.com cpi-offers.com
1 click.expmediadirect1.com 1 redirects
0 clicks.rtad.io Failed cpi-offers.com
0 go.g2app.net Failed cpi-offers.com
0 c.allontrk.com Failed cpi-offers.com
0 brainadv.trckswrm.com Failed cpi-offers.com
0 il32.co Failed cpi-offers.com
0 mookomedia.g2afse.com Failed cpi-offers.com
0 imagineads.g2afse.com Failed cpi-offers.com
0 appitate.g2afse.com Failed cpi-offers.com
0 zorkamarket.g2afse.com Failed cpi-offers.com
0 zildd.g2afse.com Failed cpi-offers.com
0 offer.alibaba.com Failed cpi-offers.com
53 34

This site contains no links.

Subject Issuer Validity Valid
cpi-offers.com
Amazon		 2021-10-26 -
2022-11-23		 a year crt.sh
*.knmasdfsdgs.com
Go Daddy Secure Certificate Authority - G2		 2021-07-14 -
2022-08-15		 a year crt.sh
apts.trckswrm.com
ZeroSSL RSA Domain Secure Site CA		 2021-12-16 -
2022-03-16		 3 months crt.sh
apnp.trckswrm.com
ZeroSSL RSA Domain Secure Site CA		 2021-12-16 -
2022-03-16		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
*.go2affise.com
Go Daddy Secure Certificate Authority - G2		 2021-10-09 -
2022-11-10		 a year crt.sh
apply.trckswrm.com
ZeroSSL RSA Domain Secure Site CA		 2021-12-16 -
2022-03-16		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Frame ID: 9674EBB8FFB4BBC95F84B386780D957E
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://funwarcab.club/ Page URL
  2. http://funwarcab.club/page/bouncy.php?&bpae=GbhGd70m5Vx7jvMURpyjmk7JSaXQTRyQarcLrHupLGYt4f0iN75D%2... Page URL
  3. http://click.expmediadirect1.com/click?i=abjVLUvwUWU_0 HTTP 302
    https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.clu... Page URL

Page Statistics

53
Requests

32 %
HTTPS

23 %
IPv6

19
Domains

34
Subdomains

13
IPs

3
Countries

9 kB
Transfer

16 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://funwarcab.club/ Page URL
  2. http://funwarcab.club/page/bouncy.php?&bpae=GbhGd70m5Vx7jvMURpyjmk7JSaXQTRyQarcLrHupLGYt4f0iN75D%2Fn6W%2FNDaH4eoZzaeuQLmz6S5IzFwb5FVfsaIGWqcCWphcxuJw286ZQXWQXlCpmfE62ra7slFZB9glIoc5%2FD%2Bzud8AbD1IQ4RB0ET0w53%2FgAFWgpYFYafN9LKjM1mzXl1BDNex5nI6kcst0%2BpcaZCQ9NgjeE6afMkOChH2i5c2pUQ%2BapXc1xuAygms5af860G3QU1ilxOLlUxTsBTK2TVEozOVxxMs5%2Bowe4AdReNPhyRnhcyom8dje%2BLDBF74wjfILsY0Y4MvA8kROZAyW6cXRCohna2yi%2BaJiy5CZhDkqqVALL1Jpn%2B4jRb9xu4WTMXgIUkiLUkaJO9EQ3zibaVzduoQNPCWeb%2F2EGPl95zHd3lR%2FWIVZxQ3d%2BRAbnKHZlmPC3Eeg%3D%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
  3. http://click.expmediadirect1.com/click?i=abjVLUvwUWU_0 HTTP 302
    https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://t.9696.me/click?pid=729&offer_id=148506&sub4=NCT_iphone_de_ofid10910945_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat1_sub4_sub5&sub1=729_48501032&sub2=729_48501032_225955_funwarcab.club&sub3=id284819997&sub7=id284819997 HTTP 302
  • https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id284819997&sub1=729_48501032&sub2=729_48501032_225955_funwarcab.club HTTP 302
  • https://offer.alibaba.com/cps/rq9rg325?tp1=61cb629f4627fc0001796aa6&pid=729_48501032&adid= HTTP 0
  • http://offer.alibaba.com/product/w404
Request Chain 9
  • https://appscogent.g2afse.com/click?pid=27&offer_id=570238&sub1=NCT_iphone_de_ofid13026064_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat7_sub4_sub5&sub2=1158301032_225955_funwarcab.club&sub5=id284819997 HTTP 302
  • https://allmarketing.g2afse.com/click?pid=778&offer_id=3147132&sub1=61cb629fdc53df0001c96b68&sub2=27_1158301032_225955_funwarcab.club&sub3=&sub3=&sub4=id284819997 HTTP 302
  • https://zorkamarket.g2afse.com/click?pid=860&offer_id=1894903&sub1=61cb629f9524d80001bfc250&sub2=778&sub3=
Request Chain 10
  • https://thingortwo.g2afse.com/click?pid=75&offer_id=44283&sub1=NCT_iphone_de_ofid12917944_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat8_sub4_sub5&sub2=75_48501032&sub3=225955_funwarcab.club&sub4=id284819997&sub5=236B7EAE-07FE-4729-86FC-D8EBD6AC880F HTTP 302
  • https://apps.apple.com/de/app/id1502397711
Request Chain 11
  • https://mookomedia.g2afse.com/click?pid=42&offer_id=265658&sub1=NCT_iphone_de_ofid12986312_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat9_sub4_sub5&sub4=1158301032_225955_funwarcab.club&sub5=id284819997 HTTP 302
  • https://allmarketing.g2afse.com/click?pid=779&offer_id=4814200&sub1=61cb629f4600210001336c5b&sub2=42_1158301032_225955_funwarcab.club&sub3=_&sub4=id284819997 HTTP 302
  • https://allmarketing.go2affise.com/sl?id=5f7bffbd1a6e4b187922525f&pid=652&sub1= HTTP 302
  • https://go.g2app.net/click?pid=647&offer_id=2087210&sub1=61cb629f86ff3e0001f06197&sub2=652 HTTP 302
  • https://aptrt.trckswrm.com/click?offer_id=19794&pub_id=67&pub_click_id=61cb629f2f402d0001ab19f6&pub_sub_id=647_652&pub_sub_sub_id=647_652&idfa=&gaid=&app= HTTP 302
  • https://appitate.g2afse.com/click?pid=8530&offer_id=39854&sub1=AmkwH4UAAAF-AnlBNwAAwnQAAACAAAAABQ&sub2=128_67&sub3=&sub3=&sub4=&sub5=
Request Chain 12
  • https://nexamob.g2afse.com/click?pid=15&offer_id=254156&sub1=NCT_iphone_de_ofid12918038_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat10_sub4_sub5&sub2=1158301032_225955_funwarcab.club&sub3=id284819997&sub5=id284819997 HTTP 302
  • https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01
Request Chain 13
  • https://imagineads.g2afse.com/click?pid=38&offer_id=3909&sub1=NCT_iphone_de_ofid12650377_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat11_sub4_sub5&sub2=1158301032_225955_funwarcab.club&sub4=id284819997&sub5=id284819997 HTTP 302
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=3909 HTTP 302
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
Request Chain 14
  • https://imagineads.g2afse.com/click?pid=59&offer_id=7085&sub1=NCT_iphone_de_ofid13034678_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat12_sub4_sub5&sub2=1158301032_225955_funwarcab.club&sub4=id284819997&sub5=id284819997 HTTP 302
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=7085 HTTP 302
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987
Request Chain 16
  • https://ad-experience.g2afse.com/click?pid=2&offer_id=598334&sub1=NCT_iphone_de_ofid11579328_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat14_sub4_sub5&sub2=1158301032_225955_funwarcab.club&sub5=id284819997 HTTP 302
  • https://olamob.g2afse.com/click?pid=38&offer_id=20255&sub1=61cb629f1a33cb00010f73b2&sub2=2_1158301032_225955_funwarcab.club&sub3=&sub4=id284819997 HTTP 302
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=38&udid=&name=&info=OlaMobSL&blockTime=0 HTTP 302
  • https://settleads.gotrackier.com/t/MzMwXzk3MzYy/?p1=NCT_iphone_de_ofid11621466_pid616_sub1_sub238_sub3OlaMobSL_nat7_sub4_sub5&source=115830616_38&p4=id1119322983&p5=id1119322983
Request Chain 19
  • https://appscogent.g2afse.com/click?pid=27&offer_id=616314&sub1=NCT_iphone_de_ofid13078942_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat17_sub4_sub5&sub2=1158301032_225955_funwarcab.club&sub3=236B7EAE-07FE-4729-86FC-D8EBD6AC880F&sub4=236B7EAE-07FE-4729-86FC-D8EBD6AC880F&sub5=id284819997 HTTP 302
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1011&cid=&sid=27_1158301032_225955_funwarcab.club&udid=&name=&info=AppscogentSL&blockTime=0 HTTP 302
  • https://t.9696.me/click?pid=868&offer_id=146523&sub4=NCT_iphone_de_ofid12251608_pid616_sub1_sub227_1158301032_225955_funwarcab.club_sub3AppscogentSL_nat5_sub4_sub5&sub1=868_4850616&sub2=868_4850616_27_1158301032_225955_funwarcab.club&sub3=id417571834 HTTP 302
  • https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id417571834&sub1=868_4850616&sub2=868_4850616_27_1158301032_225955_funwarcab.club HTTP 302
  • https://offer.alibaba.com/cps/3ba4i0jh?tp1=61cb629f6688f70001789636&pid=868_4850616&adid=
Request Chain 21
  • https://zildd.g2afse.com/click?pid=35&offer_id=2904497&sub1=NCT_iphone_de_ofid12946197_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat19_sub4_sub5&sub2=1158301032_225955_funwarcab.club&sub3=id284819997 HTTP 302
  • https://zildd.g2afse.com/click?pid=35&offer_id=3307414
Request Chain 22
  • https://zildd.g2afse.com/click?pid=35&offer_id=2482829&sub1=NCT_iphone_de_ofid12900114_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat20_sub4_sub5&sub2=1158301032_225955_funwarcab.club&sub3=id284819997 HTTP 302
  • https://ila3.co/o/15702?p=3&aff_clickid=61cb629f0e6f5c0001300ea1&sub2=1158301032_225955_funwarcab.club&sub1=35_1158301032_225955_funwarcab.club&app_name=id284819997&idfa=&gaid= HTTP 302
  • https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=3_z279hyq9646g4k&target=1014949597
Request Chain 23
  • https://nexamob.g2afse.com/click?pid=15&offer_id=254143&sub1=NCT_iphone_de_ofid12918025_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat21_sub4_sub5&sub2=1158301032_225955_funwarcab.club&sub3=id284819997&sub5=id284819997 HTTP 302
  • https://cornerstore.go2affise.com/click?pid=144&offer_id=203159&sub1=61cb629f368a7d0001bd3619&sub2=15&sub3=id284819997&sub4=&sub8=|254143,15 HTTP 302
  • https://app.appsflyer.com/id1540715900?af_prt=naturalint&pid=6WFPuy1sw8FSqV2o&c=&af_adset=&af_ad=&af_siteid=144&af_ad_type=af_ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.93+Safari%2F537.36&af_c_id=&af_adset_id=&af_click_lookback=7d&clickid=61cb629f0600ed0001e8197d&af_lang=de-DE&af_ip=194.36.108.21&af_channel=144 HTTP 302
  • https://apps.apple.com/DE/app/id1540715900?mt=8
Request Chain 24
  • https://brainadv.g2afse.com/click?pid=37&offer_id=220005&sub1=1158301032_225955_funwarcab.club&sub2=id284819997&sub3=NCT_iphone_de_ofid12842490_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat22_sub4_sub5 HTTP 302
  • https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=25&pub_click_id=&pub_sub_id=37&pub_sub_sub_id=1158301032_225955_funwarcab.club&idfa=&gaid=&app=id284819997
Request Chain 28
  • https://digitalfuture.g2afse.com/click?pid=2&offer_id=1737119&sub1=NCT_iphone_de_ofid12982714_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat26_sub4_sub5&sub2=1158301032_225955_funwarcab.club&sub5=id284819997 HTTP 302
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 HTTP 302
  • https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=115830616&q=
Request Chain 32
  • https://brainadv.g2afse.com/click?pid=3&offer_id=748175&sub3=NCT_iphone_de_ofid13082589_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat30_sub4_sub5&sub1=1158301032_225955_funwarcab.club&sub2=id284819997 HTTP 302
  • https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=25&pub_click_id=&pub_sub_id=3&pub_sub_sub_id=1158301032_225955_funwarcab.club&idfa=&gaid=&app=id284819997
Request Chain 33
  • https://digitalfuture.g2afse.com/click?pid=2&offer_id=1412103&sub1=NCT_iphone_de_ofid11879455_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat31_sub4_sub5&sub2=1158301032_225955_funwarcab.club&sub5=id284819997 HTTP 302
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 HTTP 302
  • https://zildd.g2afse.com/click?pid=35&offer_id=3307478&sub1=NCT_iphone_de_ofid12900132_pid616_sub1_sub22_sub3ElishaSL_nat10_sub4_sub5&sub2=115830616_2&sub3=id285755462 HTTP 302
  • https://ila3.co/o/213838?p=3&aff_clickid=61cb629fcead3b0001375ebb&sub2=115830616_2&sub1=35_115830616_2&app_name=id285755462&idfa=&gaid= HTTP 302
  • https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=3_z1yvgf022h1f1o&target=571932135
Request Chain 34
  • https://md412.trckswrm.com/click?offer_id=231977&pub_id=10&pub_click_id=NCT_iphone_de_ofid13069125_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat32_sub4_sub5&pub_sub_id=1158301032&pub_sub_sub_id=225955_funwarcab.club&app=id284819997 HTTP 302
  • https://trafficred.g2afse.com/click?pid=4&offer_id=609&ref_id=Ah-lSNQAAAF-AnlAFwADJdgAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id284819997
Request Chain 39
  • https://appscogent.g2afse.com/click?pid=27&offer_id=618957&sub1=NCT_iphone_de_ofid13093276_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat37_sub4_sub5&sub2=1158301032_225955_funwarcab.club&sub3=236B7EAE-07FE-4729-86FC-D8EBD6AC880F&sub4=236B7EAE-07FE-4729-86FC-D8EBD6AC880F&sub5=id284819997 HTTP 302
  • https://allmarketing.g2afse.com/click?pid=778&offer_id=4848926&sub1=61cb629f2dfa5f0001c92a29&sub2=27_1158301032_225955_funwarcab.club&sub3=236B7EAE-07FE-4729-86FC-D8EBD6AC880F&sub3=236B7EAE-07FE-4729-86FC-D8EBD6AC880F&sub4=id284819997 HTTP 302
  • https://allmarketing.go2affise.com/sl?id=5f7bffbd1a6e4b187922525f&pid=652&sub1= HTTP 302
  • https://go.g2app.net/click?pid=647&offer_id=2104158&sub1=61cb629f082f410001836d3b&sub2=652
Request Chain 43
  • https://zainzuri.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D HTTP 302
  • https://www.google.com/
Request Chain 45
  • https://zildd.g2afse.com/click?pid=35&offer_id=3401902&sub1=NCT_iphone_de_ofid12954639_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat2_sub4_sub5&sub2=1158301032_225955_funwarcab.club&sub3=id284819997&sub4=236B7EAE-07FE-4729-86FC-D8EBD6AC880F HTTP 0
  • http://zildd.g2afse.com/disabled.html
Request Chain 46
  • https://appscogent.g2afse.com/click?pid=27&offer_id=570238&sub1=NCT_iphone_de_ofid13026064_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat7_sub4_sub5&sub2=1158301032_225955_funwarcab.club&sub5=id284819997 HTTP 302
  • https://allmarketing.g2afse.com/click?pid=778&offer_id=3147132&sub1=61cb62a02baecc0001c466b4&sub2=27_1158301032_225955_funwarcab.club&sub3=&sub3=&sub4=id284819997 HTTP 302
  • https://zorkamarket.g2afse.com/click?pid=860&offer_id=1894903&sub1=61cb62a0a51fa60001ee2ca1&sub2=778&sub3= HTTP 0
  • http://zorkamarket.g2afse.com/disabled.html
Request Chain 47
  • https://mookomedia.g2afse.com/click?pid=42&offer_id=265658&sub1=NCT_iphone_de_ofid12986312_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat9_sub4_sub5&sub4=1158301032_225955_funwarcab.club&sub5=id284819997 HTTP 302
  • https://allmarketing.g2afse.com/click?pid=779&offer_id=4814200&sub1=61cb62a0d5903200016880ca&sub2=42_1158301032_225955_funwarcab.club&sub3=_&sub4=id284819997 HTTP 302
  • https://allmarketing.go2affise.com/sl?id=5f7bffbd1a6e4b187922525f&pid=652&sub1= HTTP 302
  • https://go.g2app.net/click?pid=647&offer_id=2102027&sub1=61cb62a09524d80001bfc367&sub2=652 HTTP 0
  • http://go.g2app.net/disabled.html
Request Chain 48
  • https://nexamob.g2afse.com/click?pid=15&offer_id=254156&sub1=NCT_iphone_de_ofid12918038_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat10_sub4_sub5&sub2=1158301032_225955_funwarcab.club&sub3=id284819997&sub5=id284819997 HTTP 302
  • https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01
Request Chain 49
  • https://mookomedia.g2afse.com/click?pid=42&offer_id=239810&sub1=NCT_iphone_de_ofid12608414_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat16_sub4_sub5&sub4=1158301032_225955_funwarcab.club&sub5=id284819997 HTTP 0
  • http://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106
Request Chain 50
  • https://appscogent.g2afse.com/click?pid=27&offer_id=616314&sub1=NCT_iphone_de_ofid13078942_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat17_sub4_sub5&sub2=1158301032_225955_funwarcab.club&sub3=236B7EAE-07FE-4729-86FC-D8EBD6AC880F&sub4=236B7EAE-07FE-4729-86FC-D8EBD6AC880F&sub5=id284819997 HTTP 302
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1011&cid=&sid=27_1158301032_225955_funwarcab.club&udid=&name=&info=AppscogentSL&blockTime=0 HTTP 302
  • https://aptrt.trckswrm.com/click?offer_id=587&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid12263164_pid616_sub1_sub227_1158301032_225955_funwarcab.club_sub3AppscogentSL_nat5_sub4_sub5&pub_sub_id=115830616&pub_sub_sub_id=27_1158301032_225955_funwarcab.club&app=id1483008483 HTTP 302
  • https://appitate.g2afse.com/click?pid=8530&offer_id=39854&sub1=Aks79qgAAAF-AnlCjgAAwnQAAACAAAAABQ&sub2=128_29&sub3=&sub3=&sub4=&sub5=id1483008483 HTTP 0
  • http://clicks.rtad.io/tracking/click?clickid=61cb62a0b8748f0001d46ec0&trafficsource=1373695412&cid=Aks79qgAAAF-AnlCjgAAwnQAAACAAAAABQ&offerid=406166271879162355
Request Chain 51
  • https://zildd.g2afse.com/click?pid=35&offer_id=2904497&sub1=NCT_iphone_de_ofid12946197_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat19_sub4_sub5&sub2=1158301032_225955_funwarcab.club&sub3=id284819997 HTTP 302
  • https://zildd.g2afse.com/click?pid=35&offer_id=3307414 HTTP 0
  • http://zildd.g2afse.com/disabled.html

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
funwarcab.club/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://funwarcab.club/
Protocol
HTTP/1.1
Server
2607:fad0:3801:4::1 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash
cc805b0027618a48c1404b57734d5854d330a10a41a2839f1b81fb4f46430992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Tue, 28 Dec 2021 19:16:46 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By
PHP/5.4.16
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
bouncy.php
funwarcab.club/page/ 		688 B
973 B 		Document
General
Check archive.org
Download Go to
Full URL
http://funwarcab.club/page/bouncy.php?&bpae=GbhGd70m5Vx7jvMURpyjmk7JSaXQTRyQarcLrHupLGYt4f0iN75D%2Fn6W%2FNDaH4eoZzaeuQLmz6S5IzFwb5FVfsaIGWqcCWphcxuJw286ZQXWQXlCpmfE62ra7slFZB9glIoc5%2FD%2Bzud8AbD1IQ4RB0ET0w53%2FgAFWgpYFYafN9LKjM1mzXl1BDNex5nI6kcst0%2BpcaZCQ9NgjeE6afMkOChH2i5c2pUQ%2BapXc1xuAygms5af860G3QU1ilxOLlUxTsBTK2TVEozOVxxMs5%2Bowe4AdReNPhyRnhcyom8dje%2BLDBF74wjfILsY0Y4MvA8kROZAyW6cXRCohna2yi%2BaJiy5CZhDkqqVALL1Jpn%2B4jRb9xu4WTMXgIUkiLUkaJO9EQ3zibaVzduoQNPCWeb%2F2EGPl95zHd3lR%2FWIVZxQ3d%2BRAbnKHZlmPC3Eeg%3D%3D&redirectType=js&inIframe=false&inPopUp=false
Requested by
Host: funwarcab.club
URL: http://funwarcab.club/
Protocol
HTTP/1.1
Server
2607:fad0:3801:4::1 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash
200053044a5f7e9edd2dd16eb29b6928fadb1cb6378a0bed0f8b6c4916261530

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://funwarcab.club/

Response headers

Date
Tue, 28 Dec 2021 19:16:47 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By
PHP/5.4.16
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Primary Request fantastic.html
cpi-offers.com/
Redirect Chain
  • http://click.expmediadirect1.com/click?i=abjVLUvwUWU_0
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
11 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Requested by
Host: funwarcab.club
URL: http://funwarcab.club/page/bouncy.php?&bpae=GbhGd70m5Vx7jvMURpyjmk7JSaXQTRyQarcLrHupLGYt4f0iN75D%2Fn6W%2FNDaH4eoZzaeuQLmz6S5IzFwb5FVfsaIGWqcCWphcxuJw286ZQXWQXlCpmfE62ra7slFZB9glIoc5%2FD%2Bzud8AbD1IQ4RB0ET0w53%2FgAFWgpYFYafN9LKjM1mzXl1BDNex5nI6kcst0%2BpcaZCQ9NgjeE6afMkOChH2i5c2pUQ%2BapXc1xuAygms5af860G3QU1ilxOLlUxTsBTK2TVEozOVxxMs5%2Bowe4AdReNPhyRnhcyom8dje%2BLDBF74wjfILsY0Y4MvA8kROZAyW6cXRCohna2yi%2BaJiy5CZhDkqqVALL1Jpn%2B4jRb9xu4WTMXgIUkiLUkaJO9EQ3zibaVzduoQNPCWeb%2F2EGPl95zHd3lR%2FWIVZxQ3d%2BRAbnKHZlmPC3Eeg%3D%3D&redirectType=js&inIframe=false&inPopUp=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.4.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-4-247.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.1 / Express
Resource Hash
281fe7a46eb848a3c027a96f65e98fcabe98dbc46eee16d84dc08f7f04e3de4a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://funwarcab.club/page/bouncy.php?&bpae=GbhGd70m5Vx7jvMURpyjmk7JSaXQTRyQarcLrHupLGYt4f0iN75D%2Fn6W%2FNDaH4eoZzaeuQLmz6S5IzFwb5FVfsaIGWqcCWphcxuJw286ZQXWQXlCpmfE62ra7slFZB9glIoc5%2FD%2Bzud8AbD1IQ4RB0ET0w53%2FgAFWgpYFYafN9LKjM1mzXl1BDNex5nI6kcst0%2BpcaZCQ9NgjeE6afMkOChH2i5c2pUQ%2BapXc1xuAygms5af860G3QU1ilxOLlUxTsBTK2TVEozOVxxMs5%2Bowe4AdReNPhyRnhcyom8dje%2BLDBF74wjfILsY0Y4MvA8kROZAyW6cXRCohna2yi%2BaJiy5CZhDkqqVALL1Jpn%2B4jRb9xu4WTMXgIUkiLUkaJO9EQ3zibaVzduoQNPCWeb%2F2EGPl95zHd3lR%2FWIVZxQ3d%2BRAbnKHZlmPC3Eeg%3D%3D&redirectType=js&inIframe=false&inPopUp=false

Response headers

date
Tue, 28 Dec 2021 19:16:47 GMT
content-type
text/html; charset=utf-8
server
nginx/1.14.1
x-powered-by
Express
access-control-allow-origin
*
etag
W/"2bcc-G/yF1YJxqDCJiD39CkoeeEVXRzI"
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

Cache-Control
no-store
Content-Length
0
Age
0
Connection
keep-alive
Location
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Pragma
no-cache
main.js
cpi-offers.com/jsf/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpi-offers.com/jsf/main.js
Requested by
Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.4.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-4-247.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.1 / Express
Resource Hash
3915a438fffb3acbaade25f7b5e9d3f76589dbc02048463b3fbfeb8c4e7955a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 19:16:47 GMT
content-encoding
gzip
etag
"288229-2720-1640601730000"
last-modified
Mon, 27 Dec 2021 10:42:10 GMT
server
nginx/1.14.1
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
w404
offer.alibaba.com/product/
Redirect Chain
  • https://t.9696.me/click?pid=729&offer_id=148506&sub4=NCT_iphone_de_ofid10910945_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat1_sub4_sub5&sub1=729_48501032&sub2=729_48501032_225955_fu...
  • https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id284819997&sub1=729_48501032&sub2=729_48501032_225955_funwarcab.club
  • https://offer.alibaba.com/cps/rq9rg325?tp1=61cb629f4627fc0001796aa6&pid=729_48501032&adid=
  • http://offer.alibaba.com/product/w404
0
0
click
zildd.g2afse.com/ 		0
0
redirect
direct2.knmasdfsdgs.com/ 		0
138 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=1158301032&q=
Requested by
Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 28 Dec 2021 19:16:46 GMT
Server
nginx
Connection
close
Content-Type
text/html; charset=utf-8
redirect
direct2.knmasdfsdgs.com/ 		0
138 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://direct2.knmasdfsdgs.com/redirect?aff=10063&saff=1158301032&q=
Requested by
Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 28 Dec 2021 19:16:47 GMT
Server
nginx
Connection
close
Content-Type
text/html; charset=utf-8
click
apts.trckswrm.com/ 		0
75 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apts.trckswrm.com/click?offer_id=555873&pub_id=55&pub_click_id=NCT_iphone_de_ofid12764779_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat5_sub4_sub5&pub_sub_id=1158301032&pub_sub_sub_id=225955_funwarcab.club&app=id284819997
Requested by
Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.135.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.114.135.202.116.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 19:16:47 GMT
content-length
0
click
apnp.trckswrm.com/ 		0
75 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apnp.trckswrm.com/click?offer_id=77876&pub_id=7&pub_id=7&pub_click_id=NCT_iphone_de_ofid13094699_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat6_sub4_sub5&pub_sub_id=1158301032&pub_sub_sub_id=225955_funwarcab.club&app=id284819997
Requested by
Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.40.120.131 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.131.120.40.188.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 19:16:47 GMT
content-length
0
click
zorkamarket.g2afse.com/
Redirect Chain
  • https://appscogent.g2afse.com/click?pid=27&offer_id=570238&sub1=NCT_iphone_de_ofid13026064_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat7_sub4_sub5&sub2=1158301032_225955_funwarcab.c...
  • https://allmarketing.g2afse.com/click?pid=778&offer_id=3147132&sub1=61cb629fdc53df0001c96b68&sub2=27_1158301032_225955_funwarcab.club&sub3=&sub3=&sub4=id284819997
  • https://zorkamarket.g2afse.com/click?pid=860&offer_id=1894903&sub1=61cb629f9524d80001bfc250&sub2=778&sub3=
0
0
id1502397711
apps.apple.com/de/app/
Redirect Chain
  • https://thingortwo.g2afse.com/click?pid=75&offer_id=44283&sub1=NCT_iphone_de_ofid12917944_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat8_sub4_sub5&sub2=75_48501032&sub3=225955_funwar...
  • https://apps.apple.com/de/app/id1502397711
0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apps.apple.com/de/app/id1502397711
Requested by
Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Protocol
H2
Server
2a02:26f0:6c00:288::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

location
https://apps.apple.com/de/app/id1502397711
date
Tue, 28 Dec 2021 19:16:47 GMT
server
nginx
access-control-allow-origin
*
content-length
0
click
appitate.g2afse.com/
Redirect Chain
  • https://mookomedia.g2afse.com/click?pid=42&offer_id=265658&sub1=NCT_iphone_de_ofid12986312_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat9_sub4_sub5&sub4=1158301032_225955_funwarcab.c...
  • https://allmarketing.g2afse.com/click?pid=779&offer_id=4814200&sub1=61cb629f4600210001336c5b&sub2=42_1158301032_225955_funwarcab.club&sub3=_&sub4=id284819997
  • https://allmarketing.go2affise.com/sl?id=5f7bffbd1a6e4b187922525f&pid=652&sub1=
  • https://go.g2app.net/click?pid=647&offer_id=2087210&sub1=61cb629f86ff3e0001f06197&sub2=652
  • https://aptrt.trckswrm.com/click?offer_id=19794&pub_id=67&pub_click_id=61cb629f2f402d0001ab19f6&pub_sub_id=647_652&pub_sub_sub_id=647_652&idfa=&gaid=&app=
  • https://appitate.g2afse.com/click?pid=8530&offer_id=39854&sub1=AmkwH4UAAAF-AnlBNwAAwnQAAACAAAAABQ&sub2=128_67&sub3=&sub3=&sub4=&sub5=
0
0
click
trk.ad-serving-ads.com/
Redirect Chain
  • https://nexamob.g2afse.com/click?pid=15&offer_id=254156&sub1=NCT_iphone_de_ofid12918038_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat10_sub4_sub5&sub2=1158301032_225955_funwarcab.clu...
  • https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01
0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01
Requested by
Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Protocol
H2
Server
3.224.8.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-8-153.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 19:16:48 GMT
content-length
13
content-type
text/html

Redirect headers

location
https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01
date
Tue, 28 Dec 2021 19:16:47 GMT
server
nginx
access-control-allow-origin
*
content-length
0
click
imagineads.g2afse.com/
Redirect Chain
  • https://imagineads.g2afse.com/click?pid=38&offer_id=3909&sub1=NCT_iphone_de_ofid12650377_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat11_sub4_sub5&sub2=1158301032_225955_funwarcab.cl...
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=3909
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
0
0
click
imagineads.g2afse.com/
Redirect Chain
  • https://imagineads.g2afse.com/click?pid=59&offer_id=7085&sub1=NCT_iphone_de_ofid13034678_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat12_sub4_sub5&sub2=1158301032_225955_funwarcab.cl...
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=7085
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987
  • https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987
0
0
click
apts.trckswrm.com/ 		0
75 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apts.trckswrm.com/click?offer_id=538546&pub_id=9&pub_click_id=NCT_iphone_de_ofid12677667_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat13_sub4_sub5&pub_sub_id=1158301032&pub_sub_sub_id=225955_funwarcab.club&app=id284819997
Requested by
Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.135.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.114.135.202.116.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 19:16:47 GMT
content-length
0
/
settleads.gotrackier.com/t/MzMwXzk3MzYy/
Redirect Chain
  • https://ad-experience.g2afse.com/click?pid=2&offer_id=598334&sub1=NCT_iphone_de_ofid11579328_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat14_sub4_sub5&sub2=1158301032_225955_funwarca...
  • https://olamob.g2afse.com/click?pid=38&offer_id=20255&sub1=61cb629f1a33cb00010f73b2&sub2=2_1158301032_225955_funwarcab.club&sub3=&sub4=id284819997
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=38&udid=&name=&info=OlaMobSL&blockTime=0
  • https://settleads.gotrackier.com/t/MzMwXzk3MzYy/?p1=NCT_iphone_de_ofid11621466_pid616_sub1_sub238_sub3OlaMobSL_nat7_sub4_sub5&source=115830616_38&p4=id1119322983&p5=id1119322983
22 B
277 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://settleads.gotrackier.com/t/MzMwXzk3MzYy/?p1=NCT_iphone_de_ofid11621466_pid616_sub1_sub238_sub3OlaMobSL_nat7_sub4_sub5&source=115830616_38&p4=id1119322983&p5=id1119322983
Requested by
Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Protocol
H2
Server
2606:4700:10::6816:2356 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c439fcd21bab032475e5d1570615485417e6cfb202f774f9f16d77f0448d0d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-err
CSS_REQUEST
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
date
Tue, 28 Dec 2021 19:16:47 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain; charset=utf-8
cf-ray
6c4d20071afa5a31-MXP
content-length
22
x-rt
0

Redirect headers

date
Tue, 28 Dec 2021 19:16:47 GMT
content-encoding
gzip
server
nginx/1.14.1
location
https://settleads.gotrackier.com/t/MzMwXzk3MzYy/?p1=NCT_iphone_de_ofid11621466_pid616_sub1_sub238_sub3OlaMobSL_nat7_sub4_sub5&source=115830616_38&p4=id1119322983&p5=id1119322983
x-powered-by
Express
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
click
apts.trckswrm.com/ 		0
75 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apts.trckswrm.com/click?offer_id=36686&pub_id=55&pub_click_id=NCT_iphone_de_ofid12305120_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat15_sub4_sub5&pub_sub_id=1158301032&pub_sub_sub_id=225955_funwarcab.club&app=id284819997
Requested by
Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.135.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.114.135.202.116.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 19:16:47 GMT
content-length
0
click
mookomedia.g2afse.com/ 		0
0
3ba4i0jh
offer.alibaba.com/cps/
Redirect Chain
  • https://appscogent.g2afse.com/click?pid=27&offer_id=616314&sub1=NCT_iphone_de_ofid13078942_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat17_sub4_sub5&sub2=1158301032_225955_funwarcab....
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1011&cid=&sid=27_1158301032_225955_funwarcab.club&udid=&name=&info=AppscogentSL&blockTime=0
  • https://t.9696.me/click?pid=868&offer_id=146523&sub4=NCT_iphone_de_ofid12251608_pid616_sub1_sub227_1158301032_225955_funwarcab.club_sub3AppscogentSL_nat5_sub4_sub5&sub1=868_4850616&sub2=868_4850616...
  • https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id417571834&sub1=868_4850616&sub2=868_4850616_27_1158301032_225955_funwarcab.club
  • https://offer.alibaba.com/cps/3ba4i0jh?tp1=61cb629f6688f70001789636&pid=868_4850616&adid=
0
0
/
settleads.gotrackier.com/t/MzMwXzE0MDUzNg/ 		22 B
459 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://settleads.gotrackier.com/t/MzMwXzE0MDUzNg/?p1=NCT_iphone_de_ofid11621389_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat18_sub4_sub5&source=1158301032_225955_funwarcab.club&p4=id284819997&p5=id284819997
Requested by
Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2356 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c439fcd21bab032475e5d1570615485417e6cfb202f774f9f16d77f0448d0d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-err
CSS_REQUEST
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
date
Tue, 28 Dec 2021 19:16:47 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain; charset=utf-8
cf-ray
6c4d200699785a31-MXP
content-length
22
x-rt
0
click
zildd.g2afse.com/
Redirect Chain
  • https://zildd.g2afse.com/click?pid=35&offer_id=2904497&sub1=NCT_iphone_de_ofid12946197_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat19_sub4_sub5&sub2=1158301032_225955_funwarcab.club...
  • https://zildd.g2afse.com/click?pid=35&offer_id=3307414
0
0
ps
il32.co/
Redirect Chain
  • https://zildd.g2afse.com/click?pid=35&offer_id=2482829&sub1=NCT_iphone_de_ofid12900114_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat20_sub4_sub5&sub2=1158301032_225955_funwarcab.club...
  • https://ila3.co/o/15702?p=3&aff_clickid=61cb629f0e6f5c0001300ea1&sub2=1158301032_225955_funwarcab.club&sub1=35_1158301032_225955_funwarcab.club&app_name=id284819997&idfa=&gaid=
  • https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=3_z279hyq9646g4k&target=1014949597
0
0
id1540715900
apps.apple.com/DE/app/
Redirect Chain
  • https://nexamob.g2afse.com/click?pid=15&offer_id=254143&sub1=NCT_iphone_de_ofid12918025_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat21_sub4_sub5&sub2=1158301032_225955_funwarcab.clu...
  • https://cornerstore.go2affise.com/click?pid=144&offer_id=203159&sub1=61cb629f368a7d0001bd3619&sub2=15&sub3=id284819997&sub4=&sub8=|254143,15
  • https://app.appsflyer.com/id1540715900?af_prt=naturalint&pid=6WFPuy1sw8FSqV2o&c=&af_adset=&af_ad=&af_siteid=144&af_ad_type=af_ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F53...
  • https://apps.apple.com/DE/app/id1540715900?mt=8
0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apps.apple.com/DE/app/id1540715900?mt=8
Requested by
Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Protocol
H2
Server
2a02:26f0:6c00:288::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

date
Tue, 28 Dec 2021 19:16:47 GMT
via
1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
server
http-kit
x-amz-cf-pop
FRA56-P4
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Miss from cloudfront
content-type
application/octet-stream
location
https://apps.apple.com/DE/app/id1540715900?mt=8
content-length
0
x-amz-cf-id
n9DQhYLbbqoGjnuL8tr7FdnqzkE4Ku1an_MLp8UUR-uPwJ5owmGeCg==
recommendation
brainadv.trckswrm.com/
Redirect Chain
  • https://brainadv.g2afse.com/click?pid=37&offer_id=220005&sub1=1158301032_225955_funwarcab.club&sub2=id284819997&sub3=NCT_iphone_de_ofid12842490_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAds...
  • https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=25&pub_click_id=&pub_sub_id=37&pub_sub_sub_id=1158301032_225955_funwarcab.club&idfa=&gaid=&app=id284819997
0
0
click
times25.go2affise.com/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://times25.go2affise.com/click?pid=607&offer_id=93556&sub1=NCT_iphone_de_ofid12622743_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat23_sub4_sub5&sub2=1158301032_225955_funwarcab.club&sub5=id284819997
Requested by
Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.135.213 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
click
c.allontrk.com/ 		0
0
click
apts.trckswrm.com/ 		0
75 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apts.trckswrm.com/click?offer_id=256050&pub_id=9&pub_click_id=NCT_iphone_de_ofid11533970_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat25_sub4_sub5&pub_sub_id=1158301032&pub_sub_sub_id=225955_funwarcab.club&app=id284819997
Requested by
Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.135.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.114.135.202.116.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 19:16:47 GMT
content-length
0
redirect
direct2.knmasdfsdgs.com/
Redirect Chain
  • https://digitalfuture.g2afse.com/click?pid=2&offer_id=1737119&sub1=NCT_iphone_de_ofid12982714_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat26_sub4_sub5&sub2=1158301032_225955_funwarc...
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0
  • https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=115830616&q=
0
138 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=115830616&q=
Requested by
Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Protocol
HTTP/1.1
Server
185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 28 Dec 2021 19:16:47 GMT
Server
nginx
Connection
close
Content-Type
text/html; charset=utf-8

Redirect headers

date
Tue, 28 Dec 2021 19:16:47 GMT
content-encoding
gzip
server
nginx/1.14.1
location
https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=115830616&q=
x-powered-by
Express
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
click
apts.trckswrm.com/ 		0
75 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apts.trckswrm.com/click?offer_id=654243&pub_id=55&pub_click_id=NCT_iphone_de_ofid13077459_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat27_sub4_sub5&pub_sub_id=1158301032&pub_sub_sub_id=225955_funwarcab.club&app=id284819997
Requested by
Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.135.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.114.135.202.116.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 19:16:47 GMT
content-length
0
click
c.allontrk.com/ 		0
0
click
apts.trckswrm.com/ 		0
75 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apts.trckswrm.com/click?offer_id=202160&pub_id=9&pub_click_id=NCT_iphone_de_ofid11274117_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat29_sub4_sub5&pub_sub_id=1158301032&pub_sub_sub_id=225955_funwarcab.club&app=id284819997
Requested by
Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.135.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.114.135.202.116.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 19:16:47 GMT
content-length
0
recommendation
brainadv.trckswrm.com/
Redirect Chain
  • https://brainadv.g2afse.com/click?pid=3&offer_id=748175&sub3=NCT_iphone_de_ofid13082589_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat30_sub4_sub5&sub1=1158301032_225955_funwarcab.clu...
  • https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=25&pub_click_id=&pub_sub_id=3&pub_sub_sub_id=1158301032_225955_funwarcab.club&idfa=&gaid=&app=id284819997
0
0
ps
il32.co/
Redirect Chain
  • https://digitalfuture.g2afse.com/click?pid=2&offer_id=1412103&sub1=NCT_iphone_de_ofid11879455_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat31_sub4_sub5&sub2=1158301032_225955_funwarc...
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0
  • https://zildd.g2afse.com/click?pid=35&offer_id=3307478&sub1=NCT_iphone_de_ofid12900132_pid616_sub1_sub22_sub3ElishaSL_nat10_sub4_sub5&sub2=115830616_2&sub3=id285755462
  • https://ila3.co/o/213838?p=3&aff_clickid=61cb629fcead3b0001375ebb&sub2=115830616_2&sub1=35_115830616_2&app_name=id285755462&idfa=&gaid=
  • https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=3_z1yvgf022h1f1o&target=571932135
0
0
click
trafficred.g2afse.com/
Redirect Chain
  • https://md412.trckswrm.com/click?offer_id=231977&pub_id=10&pub_click_id=NCT_iphone_de_ofid13069125_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat32_sub4_sub5&pub_sub_id=1158301032&pub...
  • https://trafficred.g2afse.com/click?pid=4&offer_id=609&ref_id=Ah-lSNQAAAF-AnlAFwADJdgAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id284819997
0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://trafficred.g2afse.com/click?pid=4&offer_id=609&ref_id=Ah-lSNQAAAF-AnlAFwADJdgAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id284819997
Requested by
Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Protocol
H2
Server
213.227.156.193 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

location
https://trafficred.g2afse.com/click?pid=4&offer_id=609&ref_id=Ah-lSNQAAAF-AnlAFwADJdgAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id284819997
date
Tue, 28 Dec 2021 19:16:47 GMT
referrer-policy
no-referrer
content-length
0
click
zildd.g2afse.com/ 		0
0
click
c.allontrk.com/ 		0
0
click
apply.trckswrm.com/ 		0
75 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apply.trckswrm.com/click?offer_id=28674&pub_id=29&pub_click_id=NCT_iphone_de_ofid12947105_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat35_sub4_sub5&pub_sub_id=1158301032&pub_sub_sub_id=225955_funwarcab.club&app=id284819997
Requested by
Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.135.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.114.135.202.116.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 19:16:47 GMT
content-length
0
click
trk.bidrivo.com/ 		22 B
624 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://trk.bidrivo.com/click?campaign_id=398740&pub_id=75&p1=NCT_iphone_de_ofid13093844_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat36_sub4_sub5&source=1158301032_225955_funwarcab.club&app_name=id284819997
Requested by
Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:d372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c439fcd21bab032475e5d1570615485417e6cfb202f774f9f16d77f0448d0d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-err
CSS_REQUEST
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
date
Tue, 28 Dec 2021 19:16:47 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u8UoJrA1UaVFul9i89Y7oXIDPuS79vnx77y%2B0RMx9dO5WekUrxaoMDeK0J3f4d0yN8Io%2Bwk%2B1K21vcuD1CTa8MYk3xbBGE5FmiqAgTtDn6L3gFaFJ7MabVOakMn79l1WsXQS%2BMZ1Gop6B0r7Ywo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
cf-ray
6c4d20069bb05a43-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
22
x-rt
0
click
go.g2app.net/
Redirect Chain
  • https://appscogent.g2afse.com/click?pid=27&offer_id=618957&sub1=NCT_iphone_de_ofid13093276_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat37_sub4_sub5&sub2=1158301032_225955_funwarcab....
  • https://allmarketing.g2afse.com/click?pid=778&offer_id=4848926&sub1=61cb629f2dfa5f0001c92a29&sub2=27_1158301032_225955_funwarcab.club&sub3=236B7EAE-07FE-4729-86FC-D8EBD6AC880F&sub3=236B7EAE-07FE-47...
  • https://allmarketing.go2affise.com/sl?id=5f7bffbd1a6e4b187922525f&pid=652&sub1=
  • https://go.g2app.net/click?pid=647&offer_id=2104158&sub1=61cb629f082f410001836d3b&sub2=652
0
0
click
apply.trckswrm.com/ 		0
75 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://apply.trckswrm.com/click?offer_id=5541&pub_id=29&pub_click_id=NCT_iphone_de_ofid12385118_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat38_sub4_sub5&pub_sub_id=1158301032&pub_sub_sub_id=225955_funwarcab.club&app=id284819997
Requested by
Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.135.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.114.135.202.116.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 19:16:47 GMT
content-length
0
click
c.allontrk.com/ 		0
0
click
c.allontrk.com/ 		0
0
/
www.google.com/
Redirect Chain
  • https://zainzuri.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D
  • https://www.google.com/
0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/
Requested by
Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Protocol
H2
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

date
Tue, 28 Dec 2021 19:16:47 GMT
referrer-policy
origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjnkqBF8y7NLmBJfgDqejFKO5EKMtMcEMDrvi7JI3CMq8mW5JG0ZERRATzwI45A4EsXMWcwc4bHBesmBYQOu2grTPwQf1oFCu%2FNQftQgbPc%2BPd962SR9vto%2F7xeayQg%3D"}],"group":"cf-nel","max_age":604800}
location
https://www.google.com
cf-ray
6c4d20068be0702e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
swback
cpi-offers.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cpi-offers.com/swback
Requested by
Host: cpi-offers.com
URL: https://cpi-offers.com/jsf/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.4.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-4-247.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.1 / Express
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 19:16:47 GMT
content-encoding
gzip
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
server
nginx/1.14.1
x-powered-by
Express
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
disabled.html
zildd.g2afse.com/
Redirect Chain
  • https://zildd.g2afse.com/click?pid=35&offer_id=3401902&sub1=NCT_iphone_de_ofid12954639_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat2_sub4_sub5&sub2=1158301032_225955_funwarcab.club&...
  • http://zildd.g2afse.com/disabled.html
0
0
disabled.html
zorkamarket.g2afse.com/
Redirect Chain
  • https://appscogent.g2afse.com/click?pid=27&offer_id=570238&sub1=NCT_iphone_de_ofid13026064_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat7_sub4_sub5&sub2=1158301032_225955_funwarcab.c...
  • https://allmarketing.g2afse.com/click?pid=778&offer_id=3147132&sub1=61cb62a02baecc0001c466b4&sub2=27_1158301032_225955_funwarcab.club&sub3=&sub3=&sub4=id284819997
  • https://zorkamarket.g2afse.com/click?pid=860&offer_id=1894903&sub1=61cb62a0a51fa60001ee2ca1&sub2=778&sub3=
  • http://zorkamarket.g2afse.com/disabled.html
0
0
disabled.html
go.g2app.net/
Redirect Chain
  • https://mookomedia.g2afse.com/click?pid=42&offer_id=265658&sub1=NCT_iphone_de_ofid12986312_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat9_sub4_sub5&sub4=1158301032_225955_funwarcab.c...
  • https://allmarketing.g2afse.com/click?pid=779&offer_id=4814200&sub1=61cb62a0d5903200016880ca&sub2=42_1158301032_225955_funwarcab.club&sub3=_&sub4=id284819997
  • https://allmarketing.go2affise.com/sl?id=5f7bffbd1a6e4b187922525f&pid=652&sub1=
  • https://go.g2app.net/click?pid=647&offer_id=2102027&sub1=61cb62a09524d80001bfc367&sub2=652
  • http://go.g2app.net/disabled.html
0
0
click
trk.ad-serving-ads.com/
Redirect Chain
  • https://nexamob.g2afse.com/click?pid=15&offer_id=254156&sub1=NCT_iphone_de_ofid12918038_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat10_sub4_sub5&sub2=1158301032_225955_funwarcab.clu...
  • https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01
0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01
Requested by
Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Protocol
H2
Server
3.224.8.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-8-153.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 19:16:48 GMT
content-length
13
content-type
text/html

Redirect headers

location
https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01
date
Tue, 28 Dec 2021 19:16:48 GMT
server
nginx
access-control-allow-origin
*
content-length
0
sl
mookomedia.g2afse.com/
Redirect Chain
  • https://mookomedia.g2afse.com/click?pid=42&offer_id=239810&sub1=NCT_iphone_de_ofid12608414_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat16_sub4_sub5&sub4=1158301032_225955_funwarcab....
  • http://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106
0
0
click
clicks.rtad.io/tracking/
Redirect Chain
  • https://appscogent.g2afse.com/click?pid=27&offer_id=616314&sub1=NCT_iphone_de_ofid13078942_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat17_sub4_sub5&sub2=1158301032_225955_funwarcab....
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1011&cid=&sid=27_1158301032_225955_funwarcab.club&udid=&name=&info=AppscogentSL&blockTime=0
  • https://aptrt.trckswrm.com/click?offer_id=587&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid12263164_pid616_sub1_sub227_1158301032_225955_funwarcab.club_sub3AppscogentSL_nat5_sub4_sub5&pub_sub...
  • https://appitate.g2afse.com/click?pid=8530&offer_id=39854&sub1=Aks79qgAAAF-AnlCjgAAwnQAAACAAAAABQ&sub2=128_29&sub3=&sub3=&sub4=&sub5=id1483008483
  • http://clicks.rtad.io/tracking/click?clickid=61cb62a0b8748f0001d46ec0&trafficsource=1373695412&cid=Aks79qgAAAF-AnlCjgAAwnQAAACAAAAABQ&offerid=406166271879162355
0
0
disabled.html
zildd.g2afse.com/
Redirect Chain
  • https://zildd.g2afse.com/click?pid=35&offer_id=2904497&sub1=NCT_iphone_de_ofid12946197_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat19_sub4_sub5&sub2=1158301032_225955_funwarcab.club...
  • https://zildd.g2afse.com/click?pid=35&offer_id=3307414
  • http://zildd.g2afse.com/disabled.html
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
offer.alibaba.com
URL
http://offer.alibaba.com/product/w404
Domain
zildd.g2afse.com
URL
https://zildd.g2afse.com/click?pid=35&offer_id=3401902&sub1=NCT_iphone_de_ofid12954639_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat2_sub4_sub5&sub2=1158301032_225955_funwarcab.club&sub3=id284819997&sub4=236B7EAE-07FE-4729-86FC-D8EBD6AC880F
Domain
zorkamarket.g2afse.com
URL
https://zorkamarket.g2afse.com/click?pid=860&offer_id=1894903&sub1=61cb629f9524d80001bfc250&sub2=778&sub3=
Domain
appitate.g2afse.com
URL
https://appitate.g2afse.com/click?pid=8530&offer_id=39854&sub1=AmkwH4UAAAF-AnlBNwAAwnQAAACAAAAABQ&sub2=128_67&sub3=&sub3=&sub4=&sub5=
Domain
imagineads.g2afse.com
URL
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
Domain
imagineads.g2afse.com
URL
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987
Domain
mookomedia.g2afse.com
URL
https://mookomedia.g2afse.com/click?pid=42&offer_id=239810&sub1=NCT_iphone_de_ofid12608414_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat16_sub4_sub5&sub4=1158301032_225955_funwarcab.club&sub5=id284819997
Domain
offer.alibaba.com
URL
https://offer.alibaba.com/cps/3ba4i0jh?tp1=61cb629f6688f70001789636&pid=868_4850616&adid=
Domain
zildd.g2afse.com
URL
https://zildd.g2afse.com/click?pid=35&offer_id=3307414
Domain
il32.co
URL
https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=3_z279hyq9646g4k&target=1014949597
Domain
brainadv.trckswrm.com
URL
https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=25&pub_click_id=&pub_sub_id=37&pub_sub_sub_id=1158301032_225955_funwarcab.club&idfa=&gaid=&app=id284819997
Domain
c.allontrk.com
URL
https://c.allontrk.com/click?offer_id=206813&pub_id=646&pub_click_id=NCT_iphone_de_ofid13070671_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat24_sub4_sub5&pub_sub_id=1158301032&pub_sub_sub_id=225955_funwarcab.club&app=id284819997
Domain
c.allontrk.com
URL
https://c.allontrk.com/click?offer_id=178297&pub_id=646&pub_click_id=NCT_iphone_de_ofid13073785_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat28_sub4_sub5&pub_sub_id=1158301032&pub_sub_sub_id=225955_funwarcab.club&app=id284819997
Domain
brainadv.trckswrm.com
URL
https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=25&pub_click_id=&pub_sub_id=3&pub_sub_sub_id=1158301032_225955_funwarcab.club&idfa=&gaid=&app=id284819997
Domain
il32.co
URL
https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=3_z1yvgf022h1f1o&target=571932135
Domain
zildd.g2afse.com
URL
https://zildd.g2afse.com/click?pid=35&offer_id=3428509&sub1=NCT_iphone_de_ofid13063121_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat33_sub4_sub5&sub2=1158301032_225955_funwarcab.club&sub3=id284819997&sub4=236B7EAE-07FE-4729-86FC-D8EBD6AC880F
Domain
c.allontrk.com
URL
https://c.allontrk.com/click?offer_id=210796&pub_id=636&pub_click_id=NCT_iphone_de_ofid13078378_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat34_sub4_sub5&pub_sub_id=1158301032&pub_sub_sub_id=225955_funwarcab.club&app=id284819997
Domain
go.g2app.net
URL
https://go.g2app.net/click?pid=647&offer_id=2104158&sub1=61cb629f082f410001836d3b&sub2=652
Domain
c.allontrk.com
URL
https://c.allontrk.com/click?offer_id=185967&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid12835276_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat39_sub4_sub5&pub_sub_id=1158301032&pub_sub_sub_id=225955_funwarcab.club&app=id284819997
Domain
c.allontrk.com
URL
https://c.allontrk.com/click?offer_id=207267&pub_id=646&pub_click_id=NCT_iphone_de_ofid13005099_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat40_sub4_sub5&pub_sub_id=1158301032&pub_sub_sub_id=225955_funwarcab.club&app=id284819997
Domain
zildd.g2afse.com
URL
http://zildd.g2afse.com/disabled.html
Domain
zorkamarket.g2afse.com
URL
http://zorkamarket.g2afse.com/disabled.html
Domain
go.g2app.net
URL
http://go.g2app.net/disabled.html
Domain
mookomedia.g2afse.com
URL
http://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106
Domain
clicks.rtad.io
URL
http://clicks.rtad.io/tracking/click?clickid=61cb62a0b8748f0001d46ec0&trafficsource=1373695412&cid=Aks79qgAAAF-AnlCjgAAwnQAAACAAAAABQ&offerid=406166271879162355
Domain
zildd.g2afse.com
URL
http://zildd.g2afse.com/disabled.html

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| urlB64ToUint8Array function| initializeUI function| subscribeUser function| updateSubscriptionOnServer

24 Cookies

Domain/Path Name / Value
ad-experience.g2afse.com/ Name: afclick
Value: 61cb629f1a33cb00010f73b2
ad-experience.g2afse.com/ Name: afoffers
Value: {"598334":1640719007}
nexamob.g2afse.com/ Name: afclick
Value: 61cb629f368a7d0001bd3619
nexamob.g2afse.com/ Name: afoffers
Value: {"254143":1640719007}
zildd.g2afse.com/ Name: afclick
Value: 61cb629fcead3b0001375ebb
zildd.g2afse.com/ Name: afoffers
Value: {"2482829":1640719007,"3307478":1640719007}
cornerstore.go2affise.com/ Name: afclick
Value: 61cb629f0600ed0001e8197d
cornerstore.go2affise.com/ Name: afoffers
Value: {"203159":1640719007}
t.9696.me/ Name: afclick
Value: 61cb629f6688f70001789636
.gotrackier.com/ Name: __cf_bm
Value: LffR7F4bO2_FS6ajfWRbJ8mSLIvjNSt_UH8d.pjmYmA-1640719007-0-Aez2NTgfpB6WEXMWeIbM6XFIhGpYomDaocE5QdoG+cVPo3Qr6TY648Rcy/O18cpZxzwHbRFJKhsXFxaOjefaRMo=
go.g2app.net/ Name: afclick
Value: 61cb629f2f402d0001ab19f6
go.g2app.net/ Name: afoffers
Value: {"2087210":1640719007}
.alibaba.com/ Name: cookie2
Value: afc71b9501ea9e7487084f9c7682b34d
.alibaba.com/ Name: t
Value: c54d30af8d48943589c9563c023de30c
.alibaba.com/ Name: _tb_token_
Value: ed3f5138541e
appscogent.g2afse.com/ Name: afclick
Value: 61cb62a02baecc0001c466b4
appscogent.g2afse.com/ Name: afoffers
Value: {"618957":1640719007,"570238":1640719008}
appitate.g2afse.com/ Name: afoffers
Value: {"39854":1640719008}
allmarketing.g2afse.com/ Name: afclick
Value: 61cb62a0a51fa60001ee2ca1
allmarketing.g2afse.com/ Name: afoffers
Value: {"3147132":1640719008}
mookomedia.g2afse.com/ Name: afclick
Value: 61cb62a0d5903200016880ca
mookomedia.g2afse.com/ Name: afoffers
Value: {"265658":1640719008}
allmarketing.go2affise.com/ Name: afclick
Value: 61cb62a09524d80001bfc367
appitate.g2afse.com/ Name: afclick
Value: 61cb62a0b8748f0001d46ec0

14 Console Messages

Source Level URL
Text
network error URL: https://times25.go2affise.com/click?pid=607&offer_id=93556&sub1=NCT_iphone_de_ofid12622743_pid1032_sub1,_sub2225955_funwarcab.club_sub3ExplorAdsSL2_nat23_sub4_sub5&sub2=1158301032_225955_funwarcab.club&sub5=id284819997
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
network error URL: https://trafficred.g2afse.com/click?pid=4&offer_id=609&ref_id=Ah-lSNQAAAF-AnlAFwADJdgAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id284819997
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Message:
Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://offer.alibaba.com/product/w404'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Message:
Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://zildd.g2afse.com/disabled.html'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Message:
Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://zorkamarket.g2afse.com/disabled.html'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
security error URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Message:
Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://go.g2app.net/disabled.html'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Message:
Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Message:
Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://clicks.rtad.io/tracking/click?clickid=61cb62a0b8748f0001d46ec0&trafficsource=1373695412&cid=Aks79qgAAAF-AnlCjgAAwnQAAACAAAAABQ&offerid=406166271879162355'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0
Message:
Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_funwarcab.club&udid=&name=&info=ExplorAdsSL2&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://zildd.g2afse.com/disabled.html'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-experience.g2afse.com
apnp.trckswrm.com
app.appsflyer.com
appitate.g2afse.com
apply.trckswrm.com
apps.apple.com
apts.trckswrm.com
brainadv.trckswrm.com
c.allontrk.com
click.expmediadirect1.com
clicks.rtad.io
cornerstore.go2affise.com
cpi-offers.com
digitalfuture.g2afse.com
direct2.knmasdfsdgs.com
funwarcab.club
go.g2app.net
il32.co
imagineads.g2afse.com
md412.trckswrm.com
mookomedia.g2afse.com
nexamob.g2afse.com
offer.alibaba.com
olamob.g2afse.com
settleads.gotrackier.com
thingortwo.g2afse.com
times25.go2affise.com
trafficred.g2afse.com
trk.ad-serving-ads.com
trk.bidrivo.com
www.google.com
zainzuri.com
zildd.g2afse.com
zorkamarket.g2afse.com
appitate.g2afse.com
brainadv.trckswrm.com
c.allontrk.com
clicks.rtad.io
go.g2app.net
il32.co
imagineads.g2afse.com
mookomedia.g2afse.com
offer.alibaba.com
zildd.g2afse.com
zorkamarket.g2afse.com
116.202.135.114
148.251.132.216
172.67.166.138
185.33.87.146
188.40.120.131
198.134.116.30
212.7.209.73
213.227.134.198
213.227.134.234
213.227.135.209
213.227.135.213
213.227.135.231
213.227.156.193
213.227.156.21
2606:4700:10::6816:2356
2606:4700:3036::ac43:d372
2607:fad0:3801:4::1
2a00:1450:4001:80e::2004
2a02:26f0:6c00:288::2a1
3.224.8.153
35.156.4.247
52.222.236.18
1c439fcd21bab032475e5d1570615485417e6cfb202f774f9f16d77f0448d0d6
200053044a5f7e9edd2dd16eb29b6928fadb1cb6378a0bed0f8b6c4916261530
281fe7a46eb848a3c027a96f65e98fcabe98dbc46eee16d84dc08f7f04e3de4a
3915a438fffb3acbaade25f7b5e9d3f76589dbc02048463b3fbfeb8c4e7955a1
cc805b0027618a48c1404b57734d5854d330a10a41a2839f1b81fb4f46430992
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855