cpi-offers.com Open in urlscan Pro
35.157.81.48 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://capitalonewest.com/
Effective URL:
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&in...
Submission: On December 26 via api (December 26th 2021, 9:01:13 am UTC) from US — Scanned from DE

Summary HTTP 49 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 19 domains to perform 49 HTTP transactions. The main IP is 35.157.81.48, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is cpi-offers.com.
TLS certificate: Issued by Amazon on October 26th 2021. Valid for: a year.

This is the only time cpi-offers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2607:fad0:380... 2607:fad0:3801:4::1	32244 (LIQUIDWEB) (LIQUIDWEB)
1 1	198.134.116.30 198.134.116.30	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
3 6	35.157.81.48 35.157.81.48	16509 (AMAZON-02) (AMAZON-02)
13	5.9.6.203 5.9.6.203	24940 (HETZNER-AS) (HETZNER-AS)
2	185.33.87.146 185.33.87.146	202015 (HZ-US-AS) (HZ-US-AS)
3 3	213.227.134.236 213.227.134.236	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	116.202.243.43 116.202.243.43	24940 (HETZNER-AS) (HETZNER-AS)
1	35.244.146.9 35.244.146.9	15169 (GOOGLE) (GOOGLE)
1 3	213.227.134.200 213.227.134.200	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	212.7.209.73 212.7.209.73	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	2a02:26f0:6c0... 2a02:26f0:6c00:281::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	213.227.135.233 213.227.135.233	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	213.227.135.207 213.227.135.207	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	213.227.156.19 213.227.156.19	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	213.227.134.202 213.227.134.202	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	213.227.134.204 213.227.134.204	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	213.227.135.213 213.227.135.213	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2600:9000:215... 2600:9000:2156:4a00:c:cc88:5b00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.171.97.125 35.171.97.125	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.244.190.228 35.244.190.228	15169 (GOOGLE) (GOOGLE)
1 1	5.9.6.124 5.9.6.124	24940 (HETZNER-AS) (HETZNER-AS)
1	107.22.111.237 107.22.111.237	14618 (AMAZON-AES) (AMAZON-AES)
1 1	104.21.66.249 104.21.66.249	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
49	13

2 2607:fad0:3801:4::1 (United States)

ASN32244 (LIQUIDWEB, US)

capitalonewest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.134.116.30 (Grapevine, United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

click.expmediadirect1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.157.81.48 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-81-48.eu-central-1.compute.amazonaws.com

cpi-offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 5.9.6.203 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.203.6.9.5.clients.your-server.de

apply.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apts.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.87.146 (Ashburn, United States)

ASN202015 (HZ-US-AS, BG)

direct2.knmasdfsdgs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.227.134.236 (Netherlands) 3 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

brainadv.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
digitalfuture.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 116.202.243.43 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.43.243.202.116.clients.your-server.de

brainadv.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.146.9 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 9.146.244.35.bc.googleusercontent.com

click.spinnx.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.227.134.200 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

apply.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
allmarketing.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.7.209.73 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

thingortwo.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:281::2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

apps.apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.135.233 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

appscogent.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.135.207 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

mookomedia.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.156.19 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

allmarketing.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
appad.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.134.202 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ccapi.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.134.204 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ad2click.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.135.213 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

kraken.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:4a00:c:cc88:5b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.gamezop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.171.97.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-97-125.compute-1.amazonaws.com

trk.games-to-run123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.190.228 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 228.190.244.35.bc.googleusercontent.com

click.appmultiple.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.9.6.124 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.124.6.9.5.clients.your-server.de

advdgt.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.22.111.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-111-237.compute-1.amazonaws.com

trk.ad-serving-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.66.249 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

zainzuri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	trckswrm.com 1 redirects apply.trckswrm.com brainadv.trckswrm.com apts.trckswrm.com advdgt.trckswrm.com	1 KB
14	g2afse.com imagineads.g2afse.com Failed brainadv.g2afse.com apply.g2afse.com appitate.g2afse.com Failed thingortwo.g2afse.com appscogent.g2afse.com mookomedia.g2afse.com allmarketing.g2afse.com ccapi.g2afse.com ad2click.g2afse.com kraken.g2afse.com appad.g2afse.com digitalfuture.g2afse.com zildd.g2afse.com Failed	2 KB
6	cpi-offers.com 3 redirects cpi-offers.com	4 KB
2	apple.com apps.apple.com
2	knmasdfsdgs.com direct2.knmasdfsdgs.com	276 B
2	capitalonewest.com capitalonewest.com	3 KB
1	google.com www.google.com
1	zainzuri.com 1 redirects zainzuri.com	554 B
1	ad-serving-ads.com trk.ad-serving-ads.com
1	appmultiple.net 1 redirects click.appmultiple.net	135 B
1	games-to-run123.com trk.games-to-run123.com
1	gamezop.com www.gamezop.com
1	go2affise.com 1 redirects allmarketing.go2affise.com	190 B
1	spinnx.co click.spinnx.co	171 B
1	expmediadirect1.com 1 redirects click.expmediadirect1.com	274 B
0	g2app.net Failed go.g2app.net Failed
0	appsdeku.com Failed 9h6ha0y.appsdeku.com Failed
0	il32.co Failed il32.co Failed
0	allontrk.com Failed c.allontrk.com Failed
49	19

	Domain	Requested by
11	apts.trckswrm.com	cpi-offers.com
6	cpi-offers.com	3 redirects capitalonewest.com cpi-offers.com
2	ccapi.g2afse.com	2 redirects cpi-offers.com
2	apps.apple.com	cpi-offers.com
2	apply.g2afse.com	cpi-offers.com
2	brainadv.trckswrm.com	cpi-offers.com
2	brainadv.g2afse.com	2 redirects
2	direct2.knmasdfsdgs.com	cpi-offers.com
2	apply.trckswrm.com	cpi-offers.com
2	capitalonewest.com	capitalonewest.com
1	www.google.com	cpi-offers.com
1	zainzuri.com	1 redirects
1	trk.ad-serving-ads.com	cpi-offers.com
1	advdgt.trckswrm.com	1 redirects
1	click.appmultiple.net	1 redirects
1	trk.games-to-run123.com	cpi-offers.com
1	digitalfuture.g2afse.com	1 redirects
1	appad.g2afse.com	1 redirects
1	www.gamezop.com	cpi-offers.com
1	kraken.g2afse.com	1 redirects
1	ad2click.g2afse.com	1 redirects
1	allmarketing.go2affise.com	1 redirects
1	allmarketing.g2afse.com	1 redirects
1	mookomedia.g2afse.com	1 redirects cpi-offers.com
1	appscogent.g2afse.com	1 redirects
1	thingortwo.g2afse.com	1 redirects
1	click.spinnx.co	cpi-offers.com
1	click.expmediadirect1.com	1 redirects
0	zildd.g2afse.com Failed	cpi-offers.com
0	go.g2app.net Failed	cpi-offers.com
0	9h6ha0y.appsdeku.com Failed	cpi-offers.com
0	il32.co Failed	cpi-offers.com
0	appitate.g2afse.com Failed	cpi-offers.com
0	c.allontrk.com Failed	cpi-offers.com
0	imagineads.g2afse.com Failed	cpi-offers.com
49	35

This site contains no links.

Subject Issuer	Validity	Valid
cpi-offers.com Amazon	`2021-10-26` - `2022-11-23`	a year	crt.sh
apply.trckswrm.com ZeroSSL RSA Domain Secure Site CA	`2021-12-16` - `2022-03-16`	3 months	crt.sh
*.knmasdfsdgs.com Go Daddy Secure Certificate Authority - G2	`2021-07-14` - `2022-08-15`	a year	crt.sh
apts.trckswrm.com ZeroSSL RSA Domain Secure Site CA	`2021-12-16` - `2022-03-16`	3 months	crt.sh
click.spinnx.co GTS CA 1D4	`2021-12-18` - `2022-03-18`	3 months	crt.sh
*.go2affise.com Go Daddy Secure Certificate Authority - G2	`2021-10-09` - `2022-11-10`	a year	crt.sh
trk.games-to-run123.com Amazon	`2021-10-07` - `2022-11-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0
Frame ID: F0E06D34E1FF2C2BE1E69CBBE92BBBDD
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://capitalonewest.com/ Page URL
http://capitalonewest.com/page/bouncy.php?&bpae=GbhGd70mYk1%2Fj3NU5oUUEDZgGy%2BLoDEEBgouPEUozHrPteV4q%... Page URL
http://click.expmediadirect1.com/click?i=CbsEyhP8Fls_0 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewes... Page URL

Page Statistics

49
Requests

37 %
HTTPS

17 %
IPv6

19
Domains

35
Subdomains

13
IPs

4
Countries

8 kB
Transfer

17 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://capitalonewest.com/ Page URL
http://capitalonewest.com/page/bouncy.php?&bpae=GbhGd70mYk1%2Fj3NU5oUUEDZgGy%2BLoDEEBgouPEUozHrPteV4q%2Fmz250T%2BCD64xK8OgJWZv59b%2BMM7PVeVHwVIxiWAutseilQ7mwc4upHcnIbOdtuV3WHvPsJ%2BtYWIIKcZBopRaum8YDqfWSEN5L11Xryv5r3Iv%2FBChAV3qDeN74kmrzOHYviD65ScT89Id2v9DEteSBgDwwqc%2FAIEEoWI6L%2BWdlOX%2FSLTzP%2BB4G72I3gcLvkpj9Vs68f0KDo2%2Byg4ypSpHEH8mDm8K1wMUxhCABSkj5I2UYkJu7myLXF4M%2F9z0M0KWJ01yE9%2BfUcUcqsedp6F0mJBspywJ%2FPEm6VAOUzcvVPX4wicGCMWwm8GR%2BkVuCHVhC87aCNDmfwhsk4uKOYx9ng9zrYojei8OWPy3Zq3eoR87fgr%2B%2Bl5Ijc%2FWragJsitZ7BOA%3D%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
http://click.expmediadirect1.com/click?i=CbsEyhP8Fls_0 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=1032&offer_id=12789778&sub1=,&sub2=225955_capitalonewest.com&sub3=ExplorAdsSL2_nat4&sub4=4BB1C34C-5339-46B6-B266-DDDF1B5124E6&sub5=id445338486&sub6=970090 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=4047&sub1=NCT_iphone_de_ofid12414015_pid616_sub1_sub2_sub3TbLabq_nat15_sub4_sub5&sub2=970090616_&sub4=id1407852246&sub5=id1407852246 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=4047 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987

Request Chain 7

https://brainadv.g2afse.com/click?pid=3&offer_id=386772&sub3=NCT_iphone_de_ofid10340661_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat5_sub4_sub5&sub1=9700901032_225955_capitalonewest.com&sub2=id445338486 HTTP 302
https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=25&pub_click_id=&pub_sub_id=3&pub_sub_sub_id=9700901032_225955_capitalonewest.com&idfa=&gaid=&app=id445338486

Request Chain 12

https://adjar.gotrackier.com/click?campaign_id=1404&pub_id=104&p1=NCT_iphone_de_ofid11568078_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat10_sub4_sub5&source=9700901032_225955_capitalonewest.com&app_name=id445338486 HTTP 302
https://appitate.g2afse.com/click?pid=7789&offer_id=%20884020&sub161c82f3b23d885033f9fb70e&sub2=104_9700901032_225955_capitalonewest.com&sub3=&sub5=id445338486

Request Chain 14

https://thingortwo.g2afse.com/click?pid=75&offer_id=44283&sub1=NCT_iphone_de_ofid12917944_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat12_sub4_sub5&sub2=75_48501032&sub3=225955_capitalonewest.com&sub4=id445338486 HTTP 302
https://apps.apple.com/de/app/id1502397711

Request Chain 16

https://imagineads.g2afse.com/click?pid=38&offer_id=3909&sub1=NCT_iphone_de_ofid12650377_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat14_sub4_sub5&sub2=9700901032_225955_capitalonewest.com&sub4=id445338486&sub5=id445338486 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=3909 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987

Request Chain 17

https://zildd.g2afse.com/click?pid=35&offer_id=3307478&sub1=NCT_iphone_de_ofid12900132_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat15_sub4_sub5&sub2=9700901032_225955_capitalonewest.com&sub3=id445338486 HTTP 302
https://ila3.co/o/213838?p=3&aff_clickid=61c82f3be27a9f0001fde37d&sub2=9700901032_225955_capitalonewest.com&sub1=35_9700901032_225955_capitalonewest.com&app_name=id445338486&idfa=&gaid= HTTP 302
https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=3_zxa9uk8do49r0&target=571932135

Request Chain 18

https://imagineads.g2afse.com/click?pid=38&offer_id=7085&sub1=NCT_iphone_de_ofid13034752_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat16_sub4_sub5&sub2=9700901032_225955_capitalonewest.com&sub4=id445338486&sub5=id445338486 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=7085 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987

Request Chain 19

https://appscogent.g2afse.com/click?pid=27&offer_id=616314&sub1=NCT_iphone_de_ofid13078942_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat17_sub4_sub5&sub2=9700901032_225955_capitalonewest.com&sub3=4BB1C34C-5339-46B6-B266-DDDF1B5124E6&sub4=4BB1C34C-5339-46B6-B266-DDDF1B5124E6&sub5=id445338486 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1011&cid=&sid=27_9700901032_225955_capitalonewest.com&udid=&name=&info=AppscogentSL&blockTime=0 HTTP 302
https://mookomedia.g2afse.com/click?pid=42&offer_id=223809&sub1=NCT_iphone_de_ofid12424934_pid616_sub1_sub227_9700901032_225955_capitalonewest.com_sub3AppscogentSL_nat11_sub4_sub5&sub4=970090616_27_9700901032_225955_capitalonewest.com&sub5=id352509417 HTTP 302
https://allmarketing.g2afse.com/click?pid=779&offer_id=4627350&sub1=61c82f3bd5b6960001fc8d56&sub2=42_970090616_27_9700901032_225955_capitalonewest.com&sub3=_&sub4=id352509417 HTTP 302
https://allmarketing.go2affise.com/sl?id=5f7bffbd1a6e4b187922525f&pid=652&sub1= HTTP 302
https://ccapi.g2afse.com/click?pid=255&offer_id=2716185 HTTP 302
https://ccapi.g2afse.com/sl?id=60c9cc5a0b35baea928aa34d&pid=2&sub1=2716185&sub2=255__ HTTP 302
https://ad2click.g2afse.com/click?pid=543&offer_id=183015&sub2=61c82f3b6adf6d00019bb137&sub1=2_255___&sub5=&sub5=&sub4=&sub3= HTTP 302
https://kraken.g2afse.com/click?pid=36&offer_id=171403&sub1=61c82f3bd271510001e39e80&sub2=543_2_255___&sub3=&sub4=&sub5= HTTP 302
https://www.gamezop.com/g/r1zG1h6m90H?id=rh1jUBoJS

Request Chain 20

https://digitalfuture.g2afse.com/click?pid=2&offer_id=1586966&sub1=NCT_iphone_de_ofid12686706_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat18_sub4_sub5&sub2=9700901032_225955_capitalonewest.com&sub5=id445338486 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 HTTP 302
https://zildd.g2afse.com/click?pid=35&offer_id=3307485&sub1=NCT_iphone_de_ofid12900134_pid616_sub1_sub22_sub3ElishaSL_nat14_sub4_sub5&sub2=970090616_2&sub3=id1452992954 HTTP 302
https://ila3.co/o/213840?p=3&aff_clickid=61c82f3baf8fd10001325c22&sub2=970090616_2&sub1=35_970090616_2&app_name=id1452992954&idfa=&gaid= HTTP 302
https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=3_zpry1kpa29bqr&target=534506974

Request Chain 25

https://mookomedia.g2afse.com/click?pid=42&offer_id=260470&sub1=NCT_iphone_de_ofid12699274_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat23_sub4_sub5&sub4=9700901032_225955_capitalonewest.com&sub5=id445338486 HTTP 302
https://9h6ha0y.appsdeku.com/9h6ha0y?p=42_9700901032_225955_capitalonewest.com&sid=61c82f3b8c109500012a8dfb&android_id=&android_a_id=&idfa=&app_id=id445338486&param1=

Request Chain 29

https://appad.g2afse.com/click?pid=33&offer_id=398417&sub1=NCT_iphone_de_ofid13077921_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat27_sub4_sub5&sub2=9700901032_225955_capitalonewest.com&sub7=id445338486 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=947&cid=&sid=33&udid=&name=&info=appadppre&blockTime=0 HTTP 302
https://apts.trckswrm.com/click?offer_id=194182&pub_id=9&pub_click_id=NCT_iphone_de_ofid13082212_pid616_sub1_sub233_sub3appadppre_nat13_sub4_sub5&pub_sub_id=970090616&pub_sub_sub_id=33&app=id593715088

Request Chain 30

https://digitalfuture.g2afse.com/click?pid=2&offer_id=1693649&sub1=NCT_iphone_de_ofid12782622_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat28_sub4_sub5&sub2=9700901032_225955_capitalonewest.com&sub5=id445338486 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 HTTP 302
https://apts.trckswrm.com/click?offer_id=31826&pub_id=10&pub_click_id=NCT_iphone_de_ofid10123174_pid616_sub1_sub22_sub3ElishaSL_nat11_sub4_sub5&pub_sub_id=970090616&pub_sub_sub_id=2&app=id1132762804

Request Chain 34

https://mookomedia.g2afse.com/click?pid=42&offer_id=230439&sub1=NCT_iphone_de_ofid12421807_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat32_sub4_sub5&sub4=9700901032_225955_capitalonewest.com&sub3=4BB1C34C-5339-46B6-B266-DDDF1B5124E6&sub2=4BB1C34C-5339-46B6-B266-DDDF1B5124E6&sub5=id445338486 HTTP 302
https://allmarketing.g2afse.com/click?pid=779&offer_id=4685778&sub1=61c82f3b116f52000128f4f5&sub2=42_9700901032_225955_capitalonewest.com&sub3=4BB1C34C-5339-46B6-B266-DDDF1B5124E6_4BB1C34C-5339-46B6-B266-DDDF1B5124E6&sub4=id445338486 HTTP 302
https://allmarketing.go2affise.com/sl?id=5f7bffbd1a6e4b187922525f&pid=652&sub1= HTTP 302
https://go.g2app.net/click?pid=647&offer_id=2102021&sub1=61c82f3b198d130001511ac8&sub2=652

Request Chain 35

https://click.appmultiple.net/tracking/click?clickid=NCT_iphone_de_ofid12666131_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat33_sub4_sub5&trafficsource=1373692397&offerid=438613043419915485&pub_subid=9700901032_225955_capitalonewest.com&sub_placement=id445338486 HTTP 302
https://apps.apple.com/de/app/bildbet-sportwetten-online/id1540715900?uo=4

Request Chain 37

https://brainadv.g2afse.com/click?pid=37&offer_id=667661&sub1=9700901032_225955_capitalonewest.com&sub2=id445338486&sub3=NCT_iphone_de_ofid13082699_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat35_sub4_sub5 HTTP 302
https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=25&pub_click_id=&pub_sub_id=37&pub_sub_sub_id=9700901032_225955_capitalonewest.com&idfa=&gaid=&app=id445338486

Request Chain 38

https://digitalfuture.g2afse.com/click?pid=2&offer_id=1680188&sub1=NCT_iphone_de_ofid12752843_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat36_sub4_sub5&sub2=9700901032_225955_capitalonewest.com&sub5=id445338486 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 HTTP 302
https://zildd.g2afse.com/click?pid=35&offer_id=3307485&sub1=NCT_iphone_de_ofid12900134_pid616_sub1_sub22_sub3ElishaSL_nat14_sub4_sub5&sub2=970090616_2&sub3=id486154808 HTTP 302
https://ila3.co/o/213840?p=3&aff_clickid=61c82f3b80e0b0000110ee80&sub2=970090616_2&sub1=35_970090616_2&app_name=id486154808&idfa=&gaid= HTTP 302
https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=3_zpry1kpa29bqr&target=534506974

Request Chain 40

https://advdgt.trckswrm.com/click?offer_id=233863&pub_id=7&pub_click_id=NCT_iphone_de_ofid12723270_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat38_sub4_sub5&pub_sub_id=9700901032&pub_sub_sub_id=225955_capitalonewest.com&app=id445338486 HTTP 302
https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_9700901032&creativeid=POP&category=01

Request Chain 42

https://mookomedia.g2afse.com/click?pid=42&offer_id=219680&sub1=NCT_iphone_de_ofid12425347_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat40_sub4_sub5&sub4=9700901032_225955_capitalonewest.com&sub5=id445338486 HTTP 302
https://allmarketing.g2afse.com/click?pid=779&offer_id=4686074&sub1=61c82f3b408142000183b4b4&sub2=42_9700901032_225955_capitalonewest.com&sub3=_&sub4=id445338486 HTTP 302
https://allmarketing.go2affise.com/sl?id=5f7bffbd1a6e4b187922525f&pid=652&sub1= HTTP 302
https://ccapi.g2afse.com/click?pid=255&offer_id=2705880

Request Chain 43

https://zainzuri.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D HTTP 302
https://www.google.com/

Request Chain 45

https://c.allontrk.com/click?offer_id=198349&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid12920196_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat6_sub4_sub5&pub_sub_id=9700901032&pub_sub_sub_id=225955_capitalonewest.com&app=id445338486 HTTP 0
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 47

https://adjar.gotrackier.com/click?campaign_id=1404&pub_id=104&p1=NCT_iphone_de_ofid11568078_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat10_sub4_sub5&source=9700901032_225955_capitalonewest.com&app_name=id445338486 HTTP 302
https://appitate.g2afse.com/click?pid=7789&offer_id=%20884020&sub161c82f3c249c150343fce632&sub2=104_9700901032_225955_capitalonewest.com&sub3=&sub5=id445338486 HTTP 0
http://appitate.g2afse.com/disabled.html

49 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ capitalonewest.com/	2 KB 2 KB	708ms 597ms	Document text/html	2607:fad0:3801:4::1 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL http://capitalonewest.com/ Protocol HTTP/1.1 Server 2607:fad0:3801:4::1 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16 Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Sun, 26 Dec 2021 09:00:42 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 X-Powered-By PHP/5.4.16 Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	bouncy.php capitalonewest.com/page/	688 B 973 B	358ms 138ms	Document text/html	2607:fad0:3801:4::1 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL http://capitalonewest.com/page/bouncy.php?&bpae=GbhGd70mYk1%2Fj3NU5oUUEDZgGy%2BLoDEEBgouPEUozHrPteV4q%2Fmz250T%2BCD64xK8OgJWZv59b%2BMM7PVeVHwVIxiWAutseilQ7mwc4upHcnIbOdtuV3WHvPsJ%2BtYWIIKcZBopRaum8YDqfWSEN5L11Xryv5r3Iv%2FBChAV3qDeN74kmrzOHYviD65ScT89Id2v9DEteSBgDwwqc%2FAIEEoWI6L%2BWdlOX%2FSLTzP%2BB4G72I3gcLvkpj9Vs68f0KDo2%2Byg4ypSpHEH8mDm8K1wMUxhCABSkj5I2UYkJu7myLXF4M%2F9z0M0KWJ01yE9%2BfUcUcqsedp6F0mJBspywJ%2FPEm6VAOUzcvVPX4wicGCMWwm8GR%2BkVuCHVhC87aCNDmfwhsk4uKOYx9ng9zrYojei8OWPy3Zq3eoR87fgr%2B%2Bl5Ijc%2FWragJsitZ7BOA%3D%3D&redirectType=js&inIframe=false&inPopUp=false Requested by Host: capitalonewest.com URL: http://capitalonewest.com/ Protocol HTTP/1.1 Server 2607:fad0:3801:4::1 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16 Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://capitalonewest.com/ Response headers Date Sun, 26 Dec 2021 09:00:43 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 X-Powered-By PHP/5.4.16 Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	Primary Request fantastic.html Show response cpi-offers.com/ Redirect Chain http://click.expmediadirect1.com/click?i=CbsEyhP8Fls_0 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0	11 KB 2 KB	35ms 12ms	Document text/html	35.157.81.48 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Requested by Host: capitalonewest.com URL: http://capitalonewest.com/page/bouncy.php?&bpae=GbhGd70mYk1%2Fj3NU5oUUEDZgGy%2BLoDEEBgouPEUozHrPteV4q%2Fmz250T%2BCD64xK8OgJWZv59b%2BMM7PVeVHwVIxiWAutseilQ7mwc4upHcnIbOdtuV3WHvPsJ%2BtYWIIKcZBopRaum8YDqfWSEN5L11Xryv5r3Iv%2FBChAV3qDeN74kmrzOHYviD65ScT89Id2v9DEteSBgDwwqc%2FAIEEoWI6L%2BWdlOX%2FSLTzP%2BB4G72I3gcLvkpj9Vs68f0KDo2%2Byg4ypSpHEH8mDm8K1wMUxhCABSkj5I2UYkJu7myLXF4M%2F9z0M0KWJ01yE9%2BfUcUcqsedp6F0mJBspywJ%2FPEm6VAOUzcvVPX4wicGCMWwm8GR%2BkVuCHVhC87aCNDmfwhsk4uKOYx9ng9zrYojei8OWPy3Zq3eoR87fgr%2B%2Bl5Ijc%2FWragJsitZ7BOA%3D%3D&redirectType=js&inIframe=false&inPopUp=false Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.157.81.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-81-48.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash `0729d883fb5cb20ff33e278ec21e0ad32c46b7a2571a99633f6032c0f73723f8` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://capitalonewest.com/page/bouncy.php?&bpae=GbhGd70mYk1%2Fj3NU5oUUEDZgGy%2BLoDEEBgouPEUozHrPteV4q%2Fmz250T%2BCD64xK8OgJWZv59b%2BMM7PVeVHwVIxiWAutseilQ7mwc4upHcnIbOdtuV3WHvPsJ%2BtYWIIKcZBopRaum8YDqfWSEN5L11Xryv5r3Iv%2FBChAV3qDeN74kmrzOHYviD65ScT89Id2v9DEteSBgDwwqc%2FAIEEoWI6L%2BWdlOX%2FSLTzP%2BB4G72I3gcLvkpj9Vs68f0KDo2%2Byg4ypSpHEH8mDm8K1wMUxhCABSkj5I2UYkJu7myLXF4M%2F9z0M0KWJ01yE9%2BfUcUcqsedp6F0mJBspywJ%2FPEm6VAOUzcvVPX4wicGCMWwm8GR%2BkVuCHVhC87aCNDmfwhsk4uKOYx9ng9zrYojei8OWPy3Zq3eoR87fgr%2B%2Bl5Ijc%2FWragJsitZ7BOA%3D%3D&redirectType=js&inIframe=false&inPopUp=false Response headers date Sun, 26 Dec 2021 09:00:43 GMT content-type text/html; charset=utf-8 server nginx/1.14.1 x-powered-by Express access-control-allow-origin * etag W/"2d66-dsda5Jzwt7HNVx+Ahh+N6ZPi5jY" vary Accept-Encoding content-encoding gzip Redirect headers Cache-Control no-store Content-Length 0 Age 0 Connection keep-alive Location https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Pragma no-cache
GET H2	200	main.js Show response cpi-offers.com/jsf/	3 KB 1 KB	9ms 9ms	Script application/javascript	35.157.81.48 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cpi-offers.com/jsf/main.js Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.157.81.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-81-48.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash `3915a438fffb3acbaade25f7b5e9d3f76589dbc02048463b3fbfeb8c4e7955a1` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 26 Dec 2021 09:00:43 GMT content-encoding gzip etag "292297-2720-1638443004000" last-modified Thu, 02 Dec 2021 11:03:24 GMT server nginx/1.14.1 x-powered-by Express vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=3600
GET H/1.1	200 OK	click apply.trckswrm.com/	0 75 B	59ms 11ms	Stylesheet text/plain	5.9.6.203 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apply.trckswrm.com/click?offer_id=1359&pub_id=29&pub_click_id=NCT_iphone_de_ofid12586969_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat1_sub4_sub5&pub_sub_id=9700901032&pub_sub_sub_id=225955_capitalonewest.com&app=id445338486 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.9.6.203 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.203.6.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 26 Dec 2021 09:00:43 GMT content-length 0
GET H/1.1	204 No Content	redirect direct2.knmasdfsdgs.com/	0 138 B	569ms 346ms	Stylesheet text/html	185.33.87.146 HZ-US-AS
General Check archive.org Show headers Download Go to Full URL https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=9700901032&q= Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Sun, 26 Dec 2021 09:00:43 GMT Server nginx Connection close Content-Type text/html; charset=utf-8
GET H/1.1	204 No Content	redirect direct2.knmasdfsdgs.com/	0 138 B	637ms 414ms	Stylesheet text/html	185.33.87.146 HZ-US-AS
General Check archive.org Show headers Download Go to Full URL https://direct2.knmasdfsdgs.com/redirect?aff=10063&saff=9700901032&q= Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Sun, 26 Dec 2021 09:00:43 GMT Server nginx Connection close Content-Type text/html; charset=utf-8
GET		click imagineads.g2afse.com/ Redirect Chain https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=1032&offer_id=12789778&sub1=,&sub2=225955_capitalonewest.com&sub3=ExplorAdsSL2_nat4&sub4=4BB1C34C-5339-46B6-B266-DDDF1B5124E6&sub5=id445338486&... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 https://imagineads.g2afse.com/click?pid=59&offer_id=4047&sub1=NCT_iphone_de_ofid12414015_pid616_sub1_sub2_sub3TbLabq_nat15_sub4_sub5&sub2=970090616_&sub4=id1407852246&sub5=id1407852246 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=4047 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987	0 0

GET H/1.1	200 OK	recommendation brainadv.trckswrm.com/ Redirect Chain https://brainadv.g2afse.com/click?pid=3&offer_id=386772&sub3=NCT_iphone_de_ofid10340661_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat5_sub4_sub5&sub1=9700901032_225955_capitalone... https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=25&pub_click_id=&pub_sub_id=3&pub_sub_sub_id=9700901032_225955_capitalonewest.com&idfa=&gaid=&app=id445338486	0 75 B	45ms 12ms	Stylesheet text/plain	116.202.243.43 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=25&pub_click_id=&pub_sub_id=3&pub_sub_sub_id=9700901032_225955_capitalonewest.com&idfa=&gaid=&app=id445338486 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol HTTP/1.1 Server 116.202.243.43 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.43.243.202.116.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 26 Dec 2021 09:00:43 GMT content-length 0 Redirect headers location https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=25&pub_click_id=&pub_sub_id=3&pub_sub_sub_id=9700901032_225955_capitalonewest.com&idfa=&gaid=&app=id445338486 date Sun, 26 Dec 2021 09:00:43 GMT server nginx access-control-allow-origin * content-length 0
GET		click c.allontrk.com/	0 0

GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	60ms 12ms	Stylesheet text/plain	5.9.6.203 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=607940&pub_id=10&pub_click_id=NCT_iphone_de_ofid12923347_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat7_sub4_sub5&pub_sub_id=9700901032&pub_sub_sub_id=225955_capitalonewest.com&gaid=4BB1C34C-5339-46B6-B266-DDDF1B5124E6&idfa=4BB1C34C-5339-46B6-B266-DDDF1B5124E6&app=id445338486 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.9.6.203 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.203.6.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 26 Dec 2021 09:00:43 GMT content-length 0
GET H2	200	click click.spinnx.co/tracking/	38 B 171 B	487ms 443ms	Stylesheet text/html	35.244.146.9 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://click.spinnx.co/tracking/click?clickid=NCT_iphone_de_ofid12703643_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat8_sub4_sub5&trafficsource=1373692397&offerid=438790820437805655&pub_subid=9700901032_225955_capitalonewest.com&sub_placement=id445338486 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.146.9 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 9.146.244.35.bc.googleusercontent.com Software / Express Resource Hash `52f9fdd3c4077c13e78ac5453347a79f5c2f18a5fec199a36052d19946d6e61c` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 26 Dec 2021 09:00:43 GMT via 1.1 google alt-svc clear x-powered-by Express etag W/"26-1e24f617" content-length 38 content-type text/html; charset=utf-8
GET H2	404	click apply.g2afse.com/	0 0	59ms 13ms	Stylesheet text/html	213.227.134.200 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://apply.g2afse.com/click?pid=3&offer_id=262112&sub1=NCT_iphone_de_ofid11601779_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat9_sub4_sub5&sub4=id445338486&sub2=9700901032_225955_capitalonewest.com Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.134.200 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers
GET		click appitate.g2afse.com/ Redirect Chain https://adjar.gotrackier.com/click?campaign_id=1404&pub_id=104&p1=NCT_iphone_de_ofid11568078_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat10_sub4_sub5&source=9700901032_225955_ca... https://appitate.g2afse.com/click?pid=7789&offer_id=%20884020&sub161c82f3b23d885033f9fb70e&sub2=104_9700901032_225955_capitalonewest.com&sub3=&sub5=id445338486	0 0

GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	60ms 12ms	Stylesheet text/plain	5.9.6.203 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=31826&pub_id=10&pub_click_id=NCT_iphone_de_ofid10123174_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat11_sub4_sub5&pub_sub_id=9700901032&pub_sub_sub_id=225955_capitalonewest.com&app=id445338486 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.9.6.203 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.203.6.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 26 Dec 2021 09:00:43 GMT content-length 0
GET H2	200	id1502397711 apps.apple.com/de/app/ Redirect Chain https://thingortwo.g2afse.com/click?pid=75&offer_id=44283&sub1=NCT_iphone_de_ofid12917944_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat12_sub4_sub5&sub2=75_48501032&sub3=225955_c... https://apps.apple.com/de/app/id1502397711	0 0	73ms 17ms	Stylesheet text/html	2a02:26f0:6c00:281::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://apps.apple.com/de/app/id1502397711 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Server 2a02:26f0:6c00:281::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Redirect headers location https://apps.apple.com/de/app/id1502397711 date Sun, 26 Dec 2021 09:00:43 GMT server nginx access-control-allow-origin * content-length 0
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	59ms 12ms	Stylesheet text/plain	5.9.6.203 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=494786&pub_id=10&pub_click_id=NCT_iphone_de_ofid12606153_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat13_sub4_sub5&pub_sub_id=9700901032&pub_sub_sub_id=225955_capitalonewest.com&app=id445338486 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.9.6.203 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.203.6.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 26 Dec 2021 09:00:43 GMT content-length 0
GET		click imagineads.g2afse.com/ Redirect Chain https://imagineads.g2afse.com/click?pid=38&offer_id=3909&sub1=NCT_iphone_de_ofid12650377_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat14_sub4_sub5&sub2=9700901032_225955_capitalo... https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=3909 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987	0 0

GET		ps il32.co/ Redirect Chain https://zildd.g2afse.com/click?pid=35&offer_id=3307478&sub1=NCT_iphone_de_ofid12900132_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat15_sub4_sub5&sub2=9700901032_225955_capitalone... https://ila3.co/o/213838?p=3&aff_clickid=61c82f3be27a9f0001fde37d&sub2=9700901032_225955_capitalonewest.com&sub1=35_9700901032_225955_capitalonewest.com&app_name=id445338486&idfa=&gaid= https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=3_zxa9uk8do49r0&target=571932135	0 0

GET		click imagineads.g2afse.com/ Redirect Chain https://imagineads.g2afse.com/click?pid=38&offer_id=7085&sub1=NCT_iphone_de_ofid13034752_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat16_sub4_sub5&sub2=9700901032_225955_capitalo... https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=7085 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987	0 0

GET H2	200	r1zG1h6m90H www.gamezop.com/g/ Redirect Chain https://appscogent.g2afse.com/click?pid=27&offer_id=616314&sub1=NCT_iphone_de_ofid13078942_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat17_sub4_sub5&sub2=9700901032_225955_capita... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1011&cid=&sid=27_9700901032_225955_capitalonewest.com&udid=&name=&info=AppscogentSL&blockTime=0 https://mookomedia.g2afse.com/click?pid=42&offer_id=223809&sub1=NCT_iphone_de_ofid12424934_pid616_sub1_sub227_9700901032_225955_capitalonewest.com_sub3AppscogentSL_nat11_sub4_sub5&sub4=970090616_27... https://allmarketing.g2afse.com/click?pid=779&offer_id=4627350&sub1=61c82f3bd5b6960001fc8d56&sub2=42_970090616_27_9700901032_225955_capitalonewest.com&sub3=_&sub4=id352509417 https://allmarketing.go2affise.com/sl?id=5f7bffbd1a6e4b187922525f&pid=652&sub1= https://ccapi.g2afse.com/click?pid=255&offer_id=2716185 https://ccapi.g2afse.com/sl?id=60c9cc5a0b35baea928aa34d&pid=2&sub1=2716185&sub2=255__ https://ad2click.g2afse.com/click?pid=543&offer_id=183015&sub2=61c82f3b6adf6d00019bb137&sub1=2_255___&sub5=&sub5=&sub4=&sub3= https://kraken.g2afse.com/click?pid=36&offer_id=171403&sub1=61c82f3bd271510001e39e80&sub2=543_2_255___&sub3=&sub4=&sub5= https://www.gamezop.com/g/r1zG1h6m90H?id=rh1jUBoJS	0 0	644ms 601ms	Stylesheet text/html	2600:9000:2156:4a00:c:cc88:5b00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gamezop.com/g/r1zG1h6m90H?id=rh1jUBoJS Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Server 2600:9000:2156:4a00:c:cc88:5b00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Redirect headers location https://www.gamezop.com/g/r1zG1h6m90H?id=rh1jUBoJS date Sun, 26 Dec 2021 09:00:43 GMT server nginx access-control-allow-origin * content-length 0
GET		ps il32.co/ Redirect Chain https://digitalfuture.g2afse.com/click?pid=2&offer_id=1586966&sub1=NCT_iphone_de_ofid12686706_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat18_sub4_sub5&sub2=9700901032_225955_cap... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 https://zildd.g2afse.com/click?pid=35&offer_id=3307485&sub1=NCT_iphone_de_ofid12900134_pid616_sub1_sub22_sub3ElishaSL_nat14_sub4_sub5&sub2=970090616_2&sub3=id1452992954 https://ila3.co/o/213840?p=3&aff_clickid=61c82f3baf8fd10001325c22&sub2=970090616_2&sub1=35_970090616_2&app_name=id1452992954&idfa=&gaid= https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=3_zpry1kpa29bqr&target=534506974	0 0

GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	59ms 11ms	Stylesheet text/plain	5.9.6.203 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=588482&pub_id=10&pub_click_id=NCT_iphone_de_ofid12890190_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat19_sub4_sub5&pub_sub_id=9700901032&pub_sub_sub_id=225955_capitalonewest.com&app=id445338486 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.9.6.203 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.203.6.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 26 Dec 2021 09:00:43 GMT content-length 0
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	59ms 12ms	Stylesheet text/plain	5.9.6.203 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=106075&pub_id=9&pub_click_id=NCT_iphone_de_ofid10740754_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat20_sub4_sub5&pub_sub_id=9700901032&pub_sub_sub_id=225955_capitalonewest.com&app=id445338486 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.9.6.203 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.203.6.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 26 Dec 2021 09:00:43 GMT content-length 0
GET H/1.1	200 OK	click apply.trckswrm.com/	0 75 B	54ms 12ms	Stylesheet text/plain	5.9.6.203 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apply.trckswrm.com/click?offer_id=19034&pub_id=29&pub_click_id=NCT_iphone_de_ofid12738041_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat21_sub4_sub5&pub_sub_id=9700901032&pub_sub_sub_id=225955_capitalonewest.com&app=id445338486 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.9.6.203 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.203.6.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 26 Dec 2021 09:00:43 GMT content-length 0
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	59ms 12ms	Stylesheet text/plain	5.9.6.203 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=313108&pub_id=10&pub_click_id=NCT_iphone_de_ofid11723954_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat22_sub4_sub5&pub_sub_id=9700901032&pub_sub_sub_id=225955_capitalonewest.com&app=id445338486 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.9.6.203 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.203.6.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 26 Dec 2021 09:00:43 GMT content-length 0
GET		9h6ha0y 9h6ha0y.appsdeku.com/ Redirect Chain https://mookomedia.g2afse.com/click?pid=42&offer_id=260470&sub1=NCT_iphone_de_ofid12699274_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat23_sub4_sub5&sub4=9700901032_225955_capita... https://9h6ha0y.appsdeku.com/9h6ha0y?p=42_9700901032_225955_capitalonewest.com&sid=61c82f3b8c109500012a8dfb&android_id=&android_a_id=&idfa=&app_id=id445338486&param1=	0 0

GET		click c.allontrk.com/	0 0

GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	69ms 11ms	Stylesheet text/plain	5.9.6.203 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=291783&pub_id=10&pub_click_id=NCT_iphone_de_ofid11759855_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat25_sub4_sub5&pub_sub_id=9700901032&pub_sub_sub_id=225955_capitalonewest.com&app=id445338486 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.9.6.203 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.203.6.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 26 Dec 2021 09:00:43 GMT content-length 0
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	69ms 12ms	Stylesheet text/plain	5.9.6.203 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=556173&pub_id=10&pub_click_id=NCT_iphone_de_ofid12949431_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat26_sub4_sub5&pub_sub_id=9700901032&pub_sub_sub_id=225955_capitalonewest.com&app=id445338486 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.9.6.203 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.203.6.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 26 Dec 2021 09:00:43 GMT content-length 0
GET H/1.1	200 OK	click apts.trckswrm.com/ Redirect Chain https://appad.g2afse.com/click?pid=33&offer_id=398417&sub1=NCT_iphone_de_ofid13077921_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat27_sub4_sub5&sub2=9700901032_225955_capitalonew... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=947&cid=&sid=33&udid=&name=&info=appadppre&blockTime=0 https://apts.trckswrm.com/click?offer_id=194182&pub_id=9&pub_click_id=NCT_iphone_de_ofid13082212_pid616_sub1_sub233_sub3appadppre_nat13_sub4_sub5&pub_sub_id=970090616&pub_sub_sub_id=33&app=id593715088	0 75 B	12ms 12ms	Stylesheet text/plain	5.9.6.203 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=194182&pub_id=9&pub_click_id=NCT_iphone_de_ofid13082212_pid616_sub1_sub233_sub3appadppre_nat13_sub4_sub5&pub_sub_id=970090616&pub_sub_sub_id=33&app=id593715088 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol HTTP/1.1 Server 5.9.6.203 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.203.6.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 26 Dec 2021 09:00:43 GMT content-length 0 Redirect headers date Sun, 26 Dec 2021 09:00:43 GMT content-encoding gzip server nginx/1.14.1 location https://apts.trckswrm.com/click?offer_id=194182&pub_id=9&pub_click_id=NCT_iphone_de_ofid13082212_pid616_sub1_sub233_sub3appadppre_nat13_sub4_sub5&pub_sub_id=970090616&pub_sub_sub_id=33&app=id593715088 x-powered-by Express vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin *
GET H/1.1	200 OK	click apts.trckswrm.com/ Redirect Chain https://digitalfuture.g2afse.com/click?pid=2&offer_id=1693649&sub1=NCT_iphone_de_ofid12782622_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat28_sub4_sub5&sub2=9700901032_225955_cap... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 https://apts.trckswrm.com/click?offer_id=31826&pub_id=10&pub_click_id=NCT_iphone_de_ofid10123174_pid616_sub1_sub22_sub3ElishaSL_nat11_sub4_sub5&pub_sub_id=970090616&pub_sub_sub_id=2&app=id1132762804	0 75 B	12ms 12ms	Stylesheet text/plain	5.9.6.203 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=31826&pub_id=10&pub_click_id=NCT_iphone_de_ofid10123174_pid616_sub1_sub22_sub3ElishaSL_nat11_sub4_sub5&pub_sub_id=970090616&pub_sub_sub_id=2&app=id1132762804 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol HTTP/1.1 Server 5.9.6.203 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.203.6.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 26 Dec 2021 09:00:43 GMT content-length 0 Redirect headers date Sun, 26 Dec 2021 09:00:43 GMT content-encoding gzip server nginx/1.14.1 location https://apts.trckswrm.com/click?offer_id=31826&pub_id=10&pub_click_id=NCT_iphone_de_ofid10123174_pid616_sub1_sub22_sub3ElishaSL_nat11_sub4_sub5&pub_sub_id=970090616&pub_sub_sub_id=2&app=id1132762804 x-powered-by Express vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin *
GET H2	404	click trk.games-to-run123.com/	0 0	317ms 100ms	Stylesheet text/html	35.171.97.125 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.games-to-run123.com/click?affid=47&cmpid=9ccd8ba61cd8bafa&clickid=NCT_iphone_de_ofid13076537_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat29_sub4_sub5&siteid=9700901032_225955_capitalonewest.com Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.171.97.125 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-171-97-125.compute-1.amazonaws.com Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 26 Dec 2021 09:00:43 GMT content-length 13 content-type text/html
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	69ms 13ms	Stylesheet text/plain	5.9.6.203 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=332889&pub_id=10&pub_click_id=NCT_iphone_de_ofid11912208_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat30_sub4_sub5&pub_sub_id=9700901032&pub_sub_sub_id=225955_capitalonewest.com&app=id445338486 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.9.6.203 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.203.6.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 26 Dec 2021 09:00:43 GMT content-length 0
GET		click c.allontrk.com/	0 0

GET		click go.g2app.net/ Redirect Chain https://mookomedia.g2afse.com/click?pid=42&offer_id=230439&sub1=NCT_iphone_de_ofid12421807_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat32_sub4_sub5&sub4=9700901032_225955_capita... https://allmarketing.g2afse.com/click?pid=779&offer_id=4685778&sub1=61c82f3b116f52000128f4f5&sub2=42_9700901032_225955_capitalonewest.com&sub3=4BB1C34C-5339-46B6-B266-DDDF1B5124E6_4BB1C34C-5339-46B... https://allmarketing.go2affise.com/sl?id=5f7bffbd1a6e4b187922525f&pid=652&sub1= https://go.g2app.net/click?pid=647&offer_id=2102021&sub1=61c82f3b198d130001511ac8&sub2=652	0 0

GET H2	200	id1540715900 apps.apple.com/de/app/bildbet-sportwetten-online/ Redirect Chain https://click.appmultiple.net/tracking/click?clickid=NCT_iphone_de_ofid12666131_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat33_sub4_sub5&trafficsource=1373692397&offerid=4386130... https://apps.apple.com/de/app/bildbet-sportwetten-online/id1540715900?uo=4	0 0	676ms 676ms	Stylesheet text/html	2a02:26f0:6c00:281::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://apps.apple.com/de/app/bildbet-sportwetten-online/id1540715900?uo=4 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Server 2a02:26f0:6c00:281::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Redirect headers location https://apps.apple.com/de/app/bildbet-sportwetten-online/id1540715900?uo=4 date Sun, 26 Dec 2021 09:00:43 GMT via 1.1 google x-powered-by Express alt-svc clear
GET		click mookomedia.g2afse.com/	0 0

GET H/1.1	200 OK	recommendation brainadv.trckswrm.com/ Redirect Chain https://brainadv.g2afse.com/click?pid=37&offer_id=667661&sub1=9700901032_225955_capitalonewest.com&sub2=id445338486&sub3=NCT_iphone_de_ofid13082699_pid1032_sub1,_sub2225955_capitalonewest.com_sub3E... https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=25&pub_click_id=&pub_sub_id=37&pub_sub_sub_id=9700901032_225955_capitalonewest.com&idfa=&gaid=&app=id445338486	0 75 B	41ms 12ms	Stylesheet text/plain	116.202.243.43 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=25&pub_click_id=&pub_sub_id=37&pub_sub_sub_id=9700901032_225955_capitalonewest.com&idfa=&gaid=&app=id445338486 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol HTTP/1.1 Server 116.202.243.43 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.43.243.202.116.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 26 Dec 2021 09:00:43 GMT content-length 0 Redirect headers location https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=25&pub_click_id=&pub_sub_id=37&pub_sub_sub_id=9700901032_225955_capitalonewest.com&idfa=&gaid=&app=id445338486 date Sun, 26 Dec 2021 09:00:43 GMT server nginx access-control-allow-origin * content-length 0
GET		ps il32.co/ Redirect Chain https://digitalfuture.g2afse.com/click?pid=2&offer_id=1680188&sub1=NCT_iphone_de_ofid12752843_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat36_sub4_sub5&sub2=9700901032_225955_cap... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 https://zildd.g2afse.com/click?pid=35&offer_id=3307485&sub1=NCT_iphone_de_ofid12900134_pid616_sub1_sub22_sub3ElishaSL_nat14_sub4_sub5&sub2=970090616_2&sub3=id486154808 https://ila3.co/o/213840?p=3&aff_clickid=61c82f3b80e0b0000110ee80&sub2=970090616_2&sub1=35_970090616_2&app_name=id486154808&idfa=&gaid= https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=3_zpry1kpa29bqr&target=534506974	0 0

GET		click zildd.g2afse.com/	0 0

GET H2	404	click trk.ad-serving-ads.com/ Redirect Chain https://advdgt.trckswrm.com/click?offer_id=233863&pub_id=7&pub_click_id=NCT_iphone_de_ofid12723270_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat38_sub4_sub5&pub_sub_id=9700901032... https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_9700901032&creativeid=POP&category=01	0 0	312ms 102ms	Stylesheet text/html	107.22.111.237 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_9700901032&creativeid=POP&category=01 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Server 107.22.111.237 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-107-22-111-237.compute-1.amazonaws.com Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 26 Dec 2021 09:00:43 GMT content-length 13 content-type text/html Redirect headers location https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_9700901032&creativeid=POP&category=01 date Sun, 26 Dec 2021 09:00:43 GMT referrer-policy no-referrer content-length 0
GET		click c.allontrk.com/	0 0

GET		click ccapi.g2afse.com/ Redirect Chain https://mookomedia.g2afse.com/click?pid=42&offer_id=219680&sub1=NCT_iphone_de_ofid12425347_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat40_sub4_sub5&sub4=9700901032_225955_capita... https://allmarketing.g2afse.com/click?pid=779&offer_id=4686074&sub1=61c82f3b408142000183b4b4&sub2=42_9700901032_225955_capitalonewest.com&sub3=_&sub4=id445338486 https://allmarketing.go2affise.com/sl?id=5f7bffbd1a6e4b187922525f&pid=652&sub1= https://ccapi.g2afse.com/click?pid=255&offer_id=2705880	0 0

GET H2	200	/ www.google.com/ Redirect Chain https://zainzuri.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D https://www.google.com/	0 0	188ms 103ms	Stylesheet text/html	2a00:1450:4001:80f::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/ Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Server 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Redirect headers date Sun, 26 Dec 2021 09:00:43 GMT referrer-policy origin cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqq7Quwy4HlkneLU4QD4bAD8ij7%2F%2BCrNvMdDKMndfgZjhfOQsiAE4iQn27F6n2iFOiH7cllymwFH0jOVGbbZfVtjeY6Pb3Swbkbfxc0xFhw3dMmY4LSthA1GPL%2FW610%3D"}],"group":"cf-nel","max_age":604800} location https://www.google.com cf-ray 6c391ed3fb7d5c98-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 0
GET H2	200	swback cpi-offers.com/	0 0	9ms 8ms	Fetch text/html	35.157.81.48 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cpi-offers.com/swback Requested by Host: cpi-offers.com URL: https://cpi-offers.com/jsf/main.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.157.81.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-81-48.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 26 Dec 2021 09:00:43 GMT content-encoding gzip etag W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk" server nginx/1.14.1 x-powered-by Express vary Accept-Encoding content-type text/html; charset=utf-8 access-control-allow-origin *
GET		recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=198349&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid12920196_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat6_sub4_sub5&pub_sub_id=970... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 0

GET H2	404	click apply.g2afse.com/	0 0	15ms 15ms	Stylesheet text/html	213.227.134.200 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://apply.g2afse.com/click?pid=3&offer_id=262112&sub1=NCT_iphone_de_ofid11601779_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat9_sub4_sub5&sub4=id445338486&sub2=9700901032_225955_capitalonewest.com Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.134.200 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers
GET		disabled.html appitate.g2afse.com/ Redirect Chain https://adjar.gotrackier.com/click?campaign_id=1404&pub_id=104&p1=NCT_iphone_de_ofid11568078_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat10_sub4_sub5&source=9700901032_225955_ca... https://appitate.g2afse.com/click?pid=7789&offer_id=%20884020&sub161c82f3c249c150343fce632&sub2=104_9700901032_225955_capitalonewest.com&sub3=&sub5=id445338486 http://appitate.g2afse.com/disabled.html	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: imagineads.g2afse.com
URL: https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987

Domain: c.allontrk.com
URL: https://c.allontrk.com/click?offer_id=198349&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid12920196_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat6_sub4_sub5&pub_sub_id=9700901032&pub_sub_sub_id=225955_capitalonewest.com&app=id445338486

Domain: appitate.g2afse.com
URL: https://appitate.g2afse.com/click?pid=7789&offer_id=%20884020&sub161c82f3b23d885033f9fb70e&sub2=104_9700901032_225955_capitalonewest.com&sub3=&sub5=id445338486

Domain: imagineads.g2afse.com
URL: https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987

Domain: il32.co
URL: https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=3_zxa9uk8do49r0&target=571932135

Domain: imagineads.g2afse.com
URL: https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987

Domain: il32.co
URL: https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=3_zpry1kpa29bqr&target=534506974

Domain: 9h6ha0y.appsdeku.com
URL: https://9h6ha0y.appsdeku.com/9h6ha0y?p=42_9700901032_225955_capitalonewest.com&sid=61c82f3b8c109500012a8dfb&android_id=&android_a_id=&idfa=&app_id=id445338486&param1=

Domain: c.allontrk.com
URL: https://c.allontrk.com/click?offer_id=210931&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13071147_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat24_sub4_sub5&pub_sub_id=9700901032&pub_sub_sub_id=225955_capitalonewest.com&app=id445338486

Domain: c.allontrk.com
URL: https://c.allontrk.com/click?offer_id=209494&pub_id=646&pub_click_id=NCT_iphone_de_ofid13070231_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat31_sub4_sub5&pub_sub_id=9700901032&pub_sub_sub_id=225955_capitalonewest.com&app=id445338486

Domain: go.g2app.net
URL: https://go.g2app.net/click?pid=647&offer_id=2102021&sub1=61c82f3b198d130001511ac8&sub2=652

Domain: mookomedia.g2afse.com
URL: https://mookomedia.g2afse.com/click?pid=42&offer_id=208979&sub1=NCT_iphone_de_ofid12155981_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat34_sub4_sub5&sub4=9700901032_225955_capitalonewest.com&sub3=4BB1C34C-5339-46B6-B266-DDDF1B5124E6&sub2=4BB1C34C-5339-46B6-B266-DDDF1B5124E6&sub5=id445338486

Domain: il32.co
URL: https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=3_zpry1kpa29bqr&target=534506974

Domain: zildd.g2afse.com
URL: https://zildd.g2afse.com/click?pid=35&offer_id=3108565&sub1=NCT_iphone_de_ofid11570485_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat37_sub4_sub5&sub2=9700901032_225955_capitalonewest.com&sub3=id445338486

Domain: c.allontrk.com
URL: https://c.allontrk.com/click?offer_id=154929&pub_id=636&pub_click_id=NCT_iphone_de_ofid13082284_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat39_sub4_sub5&pub_sub_id=9700901032&pub_sub_sub_id=225955_capitalonewest.com&app=id445338486

Domain: ccapi.g2afse.com
URL: https://ccapi.g2afse.com/click?pid=255&offer_id=2705880

Domain: c.allontrk.com
URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Domain: appitate.g2afse.com
URL: http://appitate.g2afse.com/disabled.html

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| urlB64ToUint8Array function| initializeUI function| subscribeUser function| updateSubscriptionOnServer

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gotrackier.com/	1970-01-19 23:41:51	Name: __cf_bm Value: DtphrPcSyrYRR_hiAsMP1rs5w_HdaUPzUtaGZgl6P8s-1640509243-0-ActBv3IKM4wPf+OQzlqLJLT2+vk3bq0b9ncHSWvVKAK8m+JveUUJnWUvB9RKNvRvD4QnUSj7LB/clrOH6pMLASI=
mookomedia.g2afse.com/	1970-01-20 08:27:25	Name: afclick Value: 61c82f3bd5b6960001fc8d56
mookomedia.g2afse.com/	1970-01-20 08:27:25	Name: afoffers Value: {"260470":1640509243,"223809":1640509243}
zildd.g2afse.com/	1970-01-20 08:27:25	Name: afoffers Value: {"3307478":1640509243,"3307485":1640509243}
zildd.g2afse.com/	1970-01-20 08:27:25	Name: afclick Value: 61c82f3b80e0b0000110ee80
allmarketing.go2affise.com/	1970-01-20 08:27:25	Name: afclick Value: 61c82f3b198d130001511ac8
ccapi.g2afse.com/	1970-01-20 08:27:25	Name: afoffers Value: {"2705880":1640509243}
ccapi.g2afse.com/	1970-01-20 08:27:25	Name: afclick Value: 61c82f3b6adf6d00019bb137
ad2click.g2afse.com/	1970-01-20 08:27:25	Name: afclick Value: 61c82f3bd271510001e39e80
ad2click.g2afse.com/	1970-01-20 08:27:25	Name: afoffers Value: {"183015":1640509243}

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://apply.g2afse.com/click?pid=3&offer_id=262112&sub1=NCT_iphone_de_ofid11601779_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat9_sub4_sub5&sub4=id445338486&sub2=9700901032_225955_capitalonewest.com Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://9h6ha0y.appsdeku.com/9h6ha0y?p=42_9700901032_225955_capitalonewest.com&sid=61c82f3b8c109500012a8dfb&android_id=&android_a_id=&idfa=&app_id=id445338486&param1= Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
network	error	URL: https://trk.games-to-run123.com/click?affid=47&cmpid=9ccd8ba61cd8bafa&clickid=NCT_iphone_de_ofid13076537_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat29_sub4_sub5&siteid=9700901032_225955_capitalonewest.com Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_9700901032&creativeid=POP&category=01 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://apply.g2afse.com/click?pid=3&offer_id=262112&sub1=NCT_iphone_de_ofid11601779_pid1032_sub1,_sub2225955_capitalonewest.com_sub3ExplorAdsSL2_nat9_sub4_sub5&sub4=id445338486&sub2=9700901032_225955_capitalonewest.com Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0 Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1032&&sid=225955_capitalonewest.com&udid=&name=&info=ExplorAdsSL2&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://appitate.g2afse.com/disabled.html'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9h6ha0y.appsdeku.com
ad2click.g2afse.com
advdgt.trckswrm.com
allmarketing.g2afse.com
allmarketing.go2affise.com
appad.g2afse.com
appitate.g2afse.com
apply.g2afse.com
apply.trckswrm.com
apps.apple.com
appscogent.g2afse.com
apts.trckswrm.com
brainadv.g2afse.com
brainadv.trckswrm.com
c.allontrk.com
capitalonewest.com
ccapi.g2afse.com
click.appmultiple.net
click.expmediadirect1.com
click.spinnx.co
cpi-offers.com
digitalfuture.g2afse.com
direct2.knmasdfsdgs.com
go.g2app.net
il32.co
imagineads.g2afse.com
kraken.g2afse.com
mookomedia.g2afse.com
thingortwo.g2afse.com
trk.ad-serving-ads.com
trk.games-to-run123.com
www.gamezop.com
www.google.com
zainzuri.com
zildd.g2afse.com
9h6ha0y.appsdeku.com
appitate.g2afse.com
c.allontrk.com
ccapi.g2afse.com
go.g2app.net
il32.co
imagineads.g2afse.com
mookomedia.g2afse.com
zildd.g2afse.com
104.21.66.249
107.22.111.237
116.202.243.43
185.33.87.146
198.134.116.30
212.7.209.73
213.227.134.200
213.227.134.202
213.227.134.204
213.227.134.236
213.227.135.207
213.227.135.213
213.227.135.233
213.227.156.19
2600:9000:2156:4a00:c:cc88:5b00:93a1
2607:fad0:3801:4::1
2a00:1450:4001:80f::2004
2a02:26f0:6c00:281::2a1
35.157.81.48
35.171.97.125
35.244.146.9
35.244.190.228
5.9.6.124
5.9.6.203
0729d883fb5cb20ff33e278ec21e0ad32c46b7a2571a99633f6032c0f73723f8
3915a438fffb3acbaade25f7b5e9d3f76589dbc02048463b3fbfeb8c4e7955a1
52f9fdd3c4077c13e78ac5453347a79f5c2f18a5fec199a36052d19946d6e61c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

cpi-offers.com Open in urlscan Pro 35.157.81.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

49 Requests

37 %HTTPS

17 %IPv6

19 Domains

35 Subdomains

13 IPs

4 Countries

8 kBTransfer

17 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

cpi-offers.com Open in urlscan Pro
35.157.81.48 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

37 %
HTTPS

17 %
IPv6

19
Domains

35
Subdomains

13
IPs

4
Countries

8 kB
Transfer

17 kB
Size

10
Cookies

49 HTTP transactions
0 data transactions