cpi-offers.com Open in urlscan Pro
18.195.18.121 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&bloc...
Submission: On May 02 via manual (May 2nd 2022, 2:00:33 pm UTC) from IL — Scanned from GB

Summary HTTP 43 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 25 domains to perform 43 HTTP transactions. The main IP is 18.195.18.121, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is cpi-offers.com. The Cisco Umbrella rank of the primary domain is 27865.

This is the only time cpi-offers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 6	18.195.18.121 18.195.18.121	16509 (AMAZON-02) (AMAZON-02)
5 6	213.227.135.213 213.227.135.213	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
8	5.9.5.213 5.9.5.213	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2606:4700:303... 2606:4700:3031::ac43:b770	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	18.158.88.249 18.158.88.249	16509 (AMAZON-02) (AMAZON-02)
2 2	40.127.232.184 40.127.232.184	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.111.230.174 104.111.230.174	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	213.227.135.235 213.227.135.235	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	213.227.135.207 213.227.135.207	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
4 6	85.17.54.17 85.17.54.17	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3 4	136.243.5.30 136.243.5.30	24940 (HETZNER-AS) (HETZNER-AS)
6	3.220.81.193 3.220.81.193	14618 (AMAZON-AES) (AMAZON-AES)
10 10	212.7.209.71 212.7.209.71	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
5 10	23.205.240.176 23.205.240.176	16625 (AKAMAI-AS) (AKAMAI-AS)
12 12	213.227.156.19 213.227.156.19	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	185.33.87.146 185.33.87.146	202015 (HZ-US-AS) (HZ-US-AS)
2 4	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	173.212.201.66 173.212.201.66	51167 (CONTABO) (CONTABO)
4 4	213.227.134.220 213.227.134.220	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	84.110.34.196 84.110.34.196	8551 (BEZEQ-INT...) (BEZEQ-INTERNATIONAL-AS Bezeqint Internet Backbone)
1 1	40.76.168.171 40.76.168.171	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1 1	35.244.148.94 35.244.148.94	15169 (GOOGLE) (GOOGLE)
1 2	35.244.209.32 35.244.209.32	15169 (GOOGLE) (GOOGLE)
1 1	5.9.6.124 5.9.6.124	24940 (HETZNER-AS) (HETZNER-AS)
1 1	5.9.6.203 5.9.6.203	24940 (HETZNER-AS) (HETZNER-AS)
1 2	143.204.201.74 143.204.201.74	16509 (AMAZON-02) (AMAZON-02)
4 8	5.9.6.177 5.9.6.177	24940 (HETZNER-AS) (HETZNER-AS)
2 2	213.227.156.11 213.227.156.11	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	188.114.96.7 188.114.96.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
43	17

6 18.195.18.121 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-18-121.eu-central-1.compute.amazonaws.com

cpi-offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.227.135.213 (Netherlands) 5 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

go2.lkjlkjkljsdflkjsdfklsfjklsd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zildd.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 5.9.5.213 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.213.5.9.5.clients.your-server.de

apts.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:b770 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

srv6.feed-apps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.88.249 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-88-249.eu-central-1.compute.amazonaws.com

trk.suprclicks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.127.232.184 (Dublin, Ireland) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

wlskybetpartners.iaofr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.230.174 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-174.deploy.static.akamaitechnologies.com

www.skybet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.135.235 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

imagineads.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.135.207 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

cornerstore.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 85.17.54.17 (Netherlands) 4 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

rvoh5.rdtk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 136.243.5.30 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.30.5.243.136.clients.your-server.de

advdgt.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apply.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.220.81.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-81-193.compute-1.amazonaws.com

trk.ad-serving-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 212.7.209.71 (Netherlands) 10 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

t.9696.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.205.240.176 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-240-176.deploy.static.akamaitechnologies.com

offer.alibaba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 213.227.156.19 (Netherlands) 12 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

appad.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
greengrass.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nexamob.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.87.146 (Ashburn, United States)

ASN202015 (HZ-US-AS, BG)

direct2.knmasdfsdgs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3121::7 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

track.gowithads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.212.201.66 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: m10082.contaboserver.net

ila3.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.227.134.220 (Netherlands) 4 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ad-experience.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.110.34.196 (Netanya, Israel) 2 redirects

ASN8551 (BEZEQ-INTERNATIONAL-AS Bezeqint Internet Backbone, IL)
PTR: bzq-84-110-34-196.static-ip.bezeqint.net

rewardsctr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.76.168.171 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

click.gowadogo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.148.94 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 94.148.244.35.bc.googleusercontent.com

fkan.oakmastering.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.209.32 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 32.209.244.35.bc.googleusercontent.com

fd.allsaintsyrt.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.9.6.124 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.124.6.9.5.clients.your-server.de

md412.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.9.6.203 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.203.6.9.5.clients.your-server.de

appme.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.201.74 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-74.fra53.r.cloudfront.net

www.zaful.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
uk.zaful.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 5.9.6.177 (Germany) 4 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.177.6.9.5.clients.your-server.de

c.allontrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.156.11 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ermoza.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.7 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

zainzuri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	g2afse.com 22 redirects imagineads.g2afse.com — Cisco Umbrella Rank: 50617 appad.g2afse.com — Cisco Umbrella Rank: 32476 ad-experience.g2afse.com — Cisco Umbrella Rank: 55258 greengrass.g2afse.com — Cisco Umbrella Rank: 43793 zildd.g2afse.com — Cisco Umbrella Rank: 44561 nexamob.g2afse.com — Cisco Umbrella Rank: 45898 ermoza.g2afse.com — Cisco Umbrella Rank: 49688	5 KB
14	trckswrm.com 5 redirects apts.trckswrm.com — Cisco Umbrella Rank: 27321 advdgt.trckswrm.com — Cisco Umbrella Rank: 32504 md412.trckswrm.com — Cisco Umbrella Rank: 44006 appme.trckswrm.com — Cisco Umbrella Rank: 50787 apply.trckswrm.com — Cisco Umbrella Rank: 34751	2 KB
10	alibaba.com 5 redirects offer.alibaba.com — Cisco Umbrella Rank: 24681	7 KB
10	9696.me 10 redirects t.9696.me — Cisco Umbrella Rank: 32850	2 KB
8	allontrk.com 4 redirects c.allontrk.com — Cisco Umbrella Rank: 31260	1 KB
6	ad-serving-ads.com trk.ad-serving-ads.com — Cisco Umbrella Rank: 42753
6	rdtk.io 4 redirects rvoh5.rdtk.io — Cisco Umbrella Rank: 66535	2 KB
6	cpi-offers.com 4 redirects cpi-offers.com — Cisco Umbrella Rank: 27865	4 KB
4	gowithads.com 2 redirects track.gowithads.com — Cisco Umbrella Rank: 36315	1 KB
3	lkjlkjkljsdflkjsdfklsfjklsd.com 3 redirects go2.lkjlkjkljsdflkjsdfklsfjklsd.com — Cisco Umbrella Rank: 42490	508 B
2	zaful.com 1 redirects www.zaful.com — Cisco Umbrella Rank: 92061 uk.zaful.com — Cisco Umbrella Rank: 942286	326 B
2	allsaintsyrt.club 1 redirects fd.allsaintsyrt.club — Cisco Umbrella Rank: 89861	405 B
2	google.com play.google.com — Cisco Umbrella Rank: 69 www.google.com — Cisco Umbrella Rank: 20
2	rewardsctr.com 2 redirects rewardsctr.com — Cisco Umbrella Rank: 112270	678 B
2	knmasdfsdgs.com direct2.knmasdfsdgs.com — Cisco Umbrella Rank: 38714	276 B
2	go2affise.com 2 redirects cornerstore.go2affise.com — Cisco Umbrella Rank: 32312	575 B
2	iaofr.com 2 redirects wlskybetpartners.iaofr.com — Cisco Umbrella Rank: 74303	1 KB
1	zainzuri.com 1 redirects zainzuri.com — Cisco Umbrella Rank: 59688	520 B
1	oakmastering.site 1 redirects fkan.oakmastering.site — Cisco Umbrella Rank: 74836	349 B
1	gowadogo.com 1 redirects click.gowadogo.com — Cisco Umbrella Rank: 28219	152 B
1	ila3.co ila3.co — Cisco Umbrella Rank: 34386	100 B
1	skybet.com www.skybet.com — Cisco Umbrella Rank: 37616
1	suprclicks.com 1 redirects trk.suprclicks.com — Cisco Umbrella Rank: 70544	638 B
1	feed-apps.com 1 redirects srv6.feed-apps.com — Cisco Umbrella Rank: 168857	2 KB
0	soldbyphonder.com Failed direct4.soldbyphonder.com Failed
43	25

	Domain	Requested by
10	offer.alibaba.com	5 redirects cpi-offers.com
10	t.9696.me	10 redirects
8	c.allontrk.com	4 redirects cpi-offers.com
8	appad.g2afse.com	8 redirects
8	apts.trckswrm.com	cpi-offers.com
6	trk.ad-serving-ads.com	cpi-offers.com
6	rvoh5.rdtk.io	4 redirects cpi-offers.com
6	cpi-offers.com	4 redirects cpi-offers.com
4	ad-experience.g2afse.com	4 redirects
4	track.gowithads.com	2 redirects cpi-offers.com
3	nexamob.g2afse.com	3 redirects
3	zildd.g2afse.com	2 redirects cpi-offers.com
3	advdgt.trckswrm.com	3 redirects
3	go2.lkjlkjkljsdflkjsdfklsfjklsd.com	3 redirects
2	ermoza.g2afse.com	2 redirects
2	fd.allsaintsyrt.club	1 redirects cpi-offers.com
2	rewardsctr.com	2 redirects
2	direct2.knmasdfsdgs.com	cpi-offers.com
2	cornerstore.go2affise.com	2 redirects
2	imagineads.g2afse.com	2 redirects cpi-offers.com
2	wlskybetpartners.iaofr.com	2 redirects
1	www.google.com	cpi-offers.com
1	zainzuri.com	1 redirects
1	apply.trckswrm.com	cpi-offers.com
1	uk.zaful.com	cpi-offers.com
1	www.zaful.com	1 redirects
1	greengrass.g2afse.com	1 redirects
1	appme.trckswrm.com	1 redirects
1	md412.trckswrm.com	1 redirects
1	fkan.oakmastering.site	1 redirects
1	play.google.com	cpi-offers.com
1	click.gowadogo.com	1 redirects
1	ila3.co	cpi-offers.com
1	www.skybet.com	cpi-offers.com
1	trk.suprclicks.com	1 redirects
1	srv6.feed-apps.com	1 redirects
0	direct4.soldbyphonder.com Failed	cpi-offers.com
43	37

This site contains no links.

Subject Issuer	Validity	Valid
*.knmasdfsdgs.com Go Daddy Secure Certificate Authority - G2	`2021-07-14` - `2022-08-15`	a year	crt.sh
ila3.co R3	`2022-02-08` - `2022-05-09`	3 months	crt.sh
apts.trckswrm.com ZeroSSL RSA Domain Secure Site CA	`2022-04-17` - `2022-07-16`	3 months	crt.sh
apply.trckswrm.com ZeroSSL RSA Domain Secure Site CA	`2022-04-17` - `2022-07-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0
Frame ID: 1BFE3A36024177EC2A138BAD12020650
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

43
Requests

26 %
HTTPS

13 %
IPv6

25
Domains

37
Subdomains

17
IPs

5
Countries

5 kB
Transfer

12 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=764&offer_id=13244324&sub1=&sub2=813&sub3=YellowAppSL_nat1&sub4=431176A1-5B56-4FA6-A712-AEFA15F2CCCC&sub5=id1456989345&sub6=865320 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
https://apts.trckswrm.com/click?offer_id=810268&pub_id=9&pub_click_id=NCT_iphone_gb_ofid13324329_pid616_sub1_sub2_sub3TbLabq_nat14_sub4_sub5&pub_sub_id=865320616&pub_sub_sub_id=&app=id314487667

Request Chain 2

https://srv6.feed-apps.com/srv/click/?pid=61468459&p1=NCT_iphone_gb_ofid12994045_pid764_sub1_sub2813_sub3YellowAppSL_nat2_sub4_sub5&p2=865320764&p3=813&sub4=id1456989345&sub5=id1456989345 HTTP 302
https://trk.suprclicks.com/88f01963-baff-4f9b-a3c1-525c8a3c130d?pubid=489211685624&appnme=&cid=P6P40R6515000282781076775 HTTP 302
http://wlskybetpartners.iaofr.com/C.ashx?btag=a_30619b_15c_&affid=14002&siteid=30619&adid=15&c=wd9pqd5ehls2lesfi5c67ob0 HTTP 302
http://wlskybetpartners.iaofr.com/C.ashx?btag=a_30619b_15c_&affid=14002&siteid=30619&adid=15&c=wd9pqd5ehls2lesfi5c67ob0&AutoR=1 HTTP 302
https://www.skybet.com/secure/identity/app/affiliate/track/skybet?btag=a_30619b_15c_wd9pqd5ehls2lesfi5c67ob0

Request Chain 3

https://imagineads.g2afse.com/click?pid=59&offer_id=7683&sub1=NCT_iphone_gb_ofid13074425_pid764_sub1_sub2813_sub3YellowAppSL_nat3_sub4_sub5&sub2=865320764_813&sub4=id1456989345&sub5=id1456989345 HTTP 302
https://cornerstore.go2affise.com/click?pid=165&offer_id=204766&sub1=&sub2=59&sub3=&sub4=id1456989345 HTTP 302
https://rvoh5.rdtk.io/61379ec65617cb0001db8152?sub1=&sub2=59&sub3=&sub4=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.41+Safari%2F537.36&sub5=en-GB&sub6=217.138.196.102&sub7=165&ref_id=&sub19=204766&sub20=o_a HTTP 302
https://rvoh5.rdtk.io/ HTTP 301
https://rvoh5.rdtk.io/disabled.html

Request Chain 4

https://advdgt.trckswrm.com/click?offer_id=284447&pub_id=7&pub_click_id=NCT_iphone_gb_ofid13234440_pid764_sub1_sub2813_sub3YellowAppSL_nat4_sub4_sub5&pub_sub_id=865320764&pub_sub_sub_id=813&app=id1456989345 HTTP 302
https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_865320764&creativeid=POP&category=01&androidid=

Request Chain 5

https://t.9696.me/click?pid=729&offer_id=148506&sub4=NCT_iphone_gb_ofid10910945_pid764_sub1_sub2813_sub3YellowAppSL_nat5_sub4_sub5&sub1=729_4850764&sub2=729_4850764_813&sub3=id1456989345&sub7=id1456989345 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1456989345&sub1=729_4850764&sub2=729_4850764_813 HTTP 302
https://offer.alibaba.com/cps/3ba4i0jh?tp1=626fe3fbcca7ec0001b881f1&pid=729_4850764&adid= HTTP 302
https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=3ba4i0jh&e=7

Request Chain 6

https://appad.g2afse.com/click?pid=33&offer_id=57725&sub1=NCT_iphone_gb_ofid13311779_pid764_sub1_sub2813_sub3YellowAppSL_nat6_sub4_sub5&sub2=865320764_813&sub7=id1456989345 HTTP 302
https://appad.g2afse.com/click?pid=2&offer_id=462812&sub2=33_57725 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=880&sub1=880_2&sub2=880_2_33_57725&sub4=626fe3fbaba8320001d97a3a HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=&sub1=880_2&sub2=880_2_33_57725 HTTP 302
https://offer.alibaba.com/cps/rq9rg325?tp1=626fe3fb4627fc00010a2269&pid=880_2&adid= HTTP 302
https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=rq9rg325&e=7

Request Chain 9

https://kuno-gae.com/com.id1456989345?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd HTTP 302
https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=38a27d64-ca20-11ec-928d-12a0ae29e06f

Request Chain 10

https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=764&offer_id=12789778&sub1=&sub2=813&sub3=YellowAppSL_nat10&sub4=431176A1-5B56-4FA6-A712-AEFA15F2CCCC&sub5=id1456989345&sub6=865320 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=12789778&sub1=&sub2=&sub3=TbLabq_nat9&sub4=2DA03468-BA4D-43D1-AEA1-959BBE15273B&sub5=id462678375&sub6=865320 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=7683&sub1=NCT_iphone_gb_ofid13074425_pid616_sub1_sub2_sub3TbLabq_nat3_sub4_sub5&sub2=865320616_&sub4=id1439785734&sub5=id1439785734 HTTP 302
https://cornerstore.go2affise.com/click?pid=165&offer_id=204766&sub1=&sub2=59&sub3=&sub4=id1439785734 HTTP 302
https://rvoh5.rdtk.io/61379ec65617cb0001db8152?sub1=&sub2=59&sub3=&sub4=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.41+Safari%2F537.36&sub5=en-GB&sub6=217.138.196.102&sub7=165&ref_id=&sub19=204766&sub20=o_a HTTP 302
https://rvoh5.rdtk.io/ HTTP 301
https://rvoh5.rdtk.io/disabled.html

Request Chain 11

https://track.gowithads.com/click?pid=141&offer_id=2347440&sub1=NCT_iphone_gb_ofid13300149_pid764_sub1_sub2813_sub3YellowAppSL_nat11_sub4_sub5&sub2=865320764_813&sub4=id1456989345 HTTP 302
http://track.gowithads.com/disabled.html

Request Chain 15

https://imagineads.g2afse.com/click?pid=38&offer_id=7059&sub1=NCT_iphone_gb_ofid13034735_pid764_sub1_sub2813_sub3YellowAppSL_nat15_sub4_sub5&sub2=865320764_813&sub4=id1456989345&sub5=id1456989345 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=7059 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987

Request Chain 20

https://ad-experience.g2afse.com/click?pid=2&offer_id=709861&sub1=NCT_iphone_gb_ofid13320467_pid764_sub1_sub2813_sub3YellowAppSL_nat20_sub4_sub5&sub2=865320764_813&sub5=id1456989345 HTTP 302
http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=709861&sub3=2 HTTP 302
https://rewardsctr.com/t/960197?A1=626fe3fba8055400014fb2e2&A5=1_709861&A4=&A3=2_&A2=2_&pip=217.138.196.102&plang=GB&pua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.41+Safari%2F537.36 HTTP 302
https://click.gowadogo.com/click?offer_id=2009636&aff_id=1289&aff_sub=11ecca2038cb1400aff0c3cd1183e6cb_960197_73649&aff_sub2=2079_1_709861&aff_sub4=&google_aid=2_&ios_ifa=2_ HTTP 302
https://play.google.com/store/apps/details?id=com.unocoin.unocoinwallet&hl=en_IN&gl=US

Request Chain 21

https://ad-experience.g2afse.com/click?pid=2&offer_id=709561&sub1=NCT_iphone_gb_ofid13318998_pid764_sub1_sub2813_sub3YellowAppSL_nat21_sub4_sub5&sub2=865320764_813&sub5=id1456989345 HTTP 302
http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=709561&sub3=2 HTTP 302
https://rewardsctr.com/t/958390?A1=626fe3fbe439cd000118ee14&A5=1_709561&A4=&A3=2_&A2=2_&pip=217.138.196.102&plang=GB&pua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.41+Safari%2F537.36 HTTP 302
https://fkan.oakmastering.site/?sddtid=hyues&sdpi=13&pdco=5Vj30uDz7&pdos=4054959&pisc1=2079&pssc2=40040_81268&pdumid=2_2_ HTTP 302
https://fd.allsaintsyrt.club/?sddtid=FBKpC&sdpi=286&pdos=F681104&pisc1=13&pssc2=0 HTTP 302
https://fd.allsaintsyrt.club/healthCheck?pisc1=286

Request Chain 22

https://md412.trckswrm.com/click?offer_id=231958&pub_id=10&pub_click_id=NCT_iphone_gb_ofid13251427_pid764_sub1_sub2813_sub3YellowAppSL_nat22_sub4_sub5&pub_sub_id=865320764&pub_sub_sub_id=813&app=id1456989345 HTTP 302
https://appme.trckswrm.com/click?offer_id=12600&pub_id=5&pub_click_id=Ark6YqQAAAGAhRKPjQADilkAAAAsAAAABQ&pub_sub_id=44_10&pub_sub_sub_id=10&app_store_id=&gaid=&idfa=&app=id1456989345 HTTP 302
https://greengrass.g2afse.com/click?pid=346&offer_id=771&sub1=Av5SkWIAAAGAhRKQGAAAMTgAAAAFAAAAAA&sub2=5&sub5=&sub6=id1456989345 HTTP 302
https://www.zaful.com/?lkid=82490100&cid=626fe3fbb64a9f00014d2848&subid=346_5 HTTP 301
https://uk.zaful.com/?admitad_uid=6a40b769c9a05a2b3de31e12cf7d0525&utm_source=admitad&tagtag_uid=6a40b769c9a05a2b3de31e12cf7d0525

Request Chain 23

https://zildd.g2afse.com/click?pid=35&offer_id=3477379&sub1=NCT_iphone_gb_ofid13329444_pid764_sub1_sub2813_sub3YellowAppSL_nat23_sub4_sub5&sub2=865320764_813&sub3=id1456989345 HTTP 302
https://zildd.g2afse.com/click?pid=35&offer_id=3477380 HTTP 302
http://zildd.g2afse.com/disabled.html

Request Chain 24

https://advdgt.trckswrm.com/click?offer_id=288608&pub_id=7&pub_click_id=NCT_iphone_gb_ofid13196283_pid764_sub1_sub2813_sub3YellowAppSL_nat24_sub4_sub5&pub_sub_id=865320764&pub_sub_sub_id=813&app=id1456989345 HTTP 302
https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_865320764&creativeid=POP&category=01&androidid=

Request Chain 25

https://appad.g2afse.com/click?pid=33&offer_id=320970&sub1=NCT_iphone_gb_ofid13301781_pid764_sub1_sub2813_sub3YellowAppSL_nat25_sub4_sub5&sub2=865320764_813&sub7=id1456989345 HTTP 302
https://appad.g2afse.com/click?pid=2&offer_id=462812&sub2=33_320970 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=880&sub1=880_2&sub2=880_2_33_320970&sub4=626fe3fb38eaed0001d3a603 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=&sub1=880_2&sub2=880_2_33_320970 HTTP 302
https://offer.alibaba.com/cps/3ba4i0jh?tp1=626fe3fbe93b660001b682ba&pid=880_2&adid= HTTP 302
https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=3ba4i0jh&e=7

Request Chain 26

https://imagineads.g2afse.com/click?pid=59&offer_id=7652&sub1=NCT_iphone_gb_ofid13331696_pid764_sub1_sub2813_sub3YellowAppSL_nat26_sub4_sub5&sub2=865320764_813&sub4=id1456989345&sub5=id1456989345 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=7652 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987

Request Chain 27

https://appad.g2afse.com/click?pid=33&offer_id=450561&sub1=NCT_iphone_gb_ofid13338831_pid764_sub1_sub2813_sub3YellowAppSL_nat27_sub4_sub5&sub2=865320764_813&sub7=id1456989345 HTTP 302
https://appad.g2afse.com/click?pid=2&offer_id=462812&sub2=33_450561 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=880&sub1=880_2&sub2=880_2_33_450561&sub4=626fe3fb907a60000125245a HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=&sub1=880_2&sub2=880_2_33_450561 HTTP 302
https://offer.alibaba.com/cps/rq9rg325?tp1=626fe3fb5349bc0001552421&pid=880_2&adid= HTTP 302
https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=rq9rg325&e=7

Request Chain 28

https://c.allontrk.com/click?offer_id=179150&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_gb_ofid13073934_pid764_sub1_sub2813_sub3YellowAppSL_nat28_sub4_sub5&pub_sub_id=865320764&pub_sub_sub_id=813&app=id1456989345 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 29

https://advdgt.trckswrm.com/click?offer_id=54444&pub_id=7&pub_click_id=NCT_iphone_gb_ofid13301335_pid764_sub1_sub2813_sub3YellowAppSL_nat29_sub4_sub5&pub_sub_id=865320764&pub_sub_sub_id=813&app=id1456989345 HTTP 302
https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_865320764&creativeid=POP&category=01&androidid=

Request Chain 31

https://nexamob.g2afse.com/click?pid=15&offer_id=254182&sub1=NCT_iphone_gb_ofid13251449_pid764_sub1_sub2813_sub3YellowAppSL_nat31_sub4_sub5&sub2=865320764_813&sub3=id1456989345&sub5=id1456989345 HTTP 302
https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01

Request Chain 32

https://c.allontrk.com/click?offer_id=209227&pub_id=646&pub_click_id=NCT_iphone_gb_ofid13073217_pid764_sub1_sub2813_sub3YellowAppSL_nat32_sub4_sub5&pub_sub_id=865320764&pub_sub_sub_id=813&app=id1456989345 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 33

https://imagineads.g2afse.com/click?pid=59&offer_id=7966&sub1=NCT_iphone_gb_ofid13332359_pid764_sub1_sub2813_sub3YellowAppSL_nat33_sub4_sub5&sub2=865320764_813&sub4=id1456989345&sub5=id1456989345 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=7966 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987

Request Chain 34

https://c.allontrk.com/click?offer_id=210926&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_gb_ofid13071087_pid764_sub1_sub2813_sub3YellowAppSL_nat34_sub4_sub5&pub_sub_id=865320764&pub_sub_sub_id=813&app=id1456989345 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 36

https://ermoza.g2afse.com/click?pid=31&offer_id=1162&sub1=NCT_iphone_gb_ofid12810774_pid764_sub1_sub2813_sub3YellowAppSL_nat36_sub4_sub5&sub2=865320764_813&sub3=id1456989345 HTTP 302
https://ermoza.g2afse.com/click?pid=1&offer_id=2171 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=600&cid=626fe3fbf370690001ae63d5&sid=1_&udid=&name=&info=ExplorAdsSL&blockTime=0 HTTP 302
https://appad.g2afse.com/click?pid=33&offer_id=271734&sub1=NCT_iphone_gb_ofid13311856_pid616_sub1626fe3fbf370690001ae63d5_sub21__sub3ExplorAdsSL_nat6_sub4_sub5&sub2=865320616_1_&sub7=id1400134578 HTTP 302
https://appad.g2afse.com/click?pid=2&offer_id=462812&sub2=33_271734 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=880&sub1=880_2&sub2=880_2_33_271734&sub4=626fe3fc907a600001252486 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=&sub1=880_2&sub2=880_2_33_271734 HTTP 302
https://offer.alibaba.com/cps/3ba4i0jh?tp1=626fe3fc4627fc00010a2274&pid=880_2&adid= HTTP 302
https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=3ba4i0jh&e=7

Request Chain 37

https://c.allontrk.com/click?offer_id=208532&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_gb_ofid13069607_pid764_sub1_sub2813_sub3YellowAppSL_nat37_sub4_sub5&pub_sub_id=865320764&pub_sub_sub_id=813&app=id1456989345 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 38

https://nexamob.g2afse.com/click?pid=15&offer_id=254175&sub1=NCT_iphone_gb_ofid12918056_pid764_sub1_sub2813_sub3YellowAppSL_nat38_sub4_sub5&sub2=865320764_813&sub3=id1456989345&sub5=id1456989345 HTTP 302
https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01

Request Chain 39

https://track.gowithads.com/click?pid=141&offer_id=2347292&sub1=NCT_iphone_gb_ofid13299099_pid764_sub1_sub2813_sub3YellowAppSL_nat39_sub4_sub5&sub2=865320764_813&sub4=id1456989345 HTTP 302
http://track.gowithads.com/disabled.html

Request Chain 40

https://nexamob.g2afse.com/click?pid=15&offer_id=291535&sub1=NCT_iphone_gb_ofid13318552_pid764_sub1_sub2813_sub3YellowAppSL_nat40_sub4_sub5&sub2=865320764_813&sub3=id1456989345&sub5=id1456989345 HTTP 302
https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01

Request Chain 41

https://zainzuri.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D HTTP 302
https://www.google.com/

43 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request fantastic.html Show response cpi-offers.com/	9 KB 2 KB	88ms 42ms	Document text/html	18.195.18.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol HTTP/1.1 Server 18.195.18.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-18-121.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash `b9274be4a6f83449c985dd21ec82665a88431a74336896b41e9b8957d48aaf9d` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Access-Control-Allow-Origin * Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Mon, 02 May 2022 14:00:27 GMT ETag W/"24ca-BoyMXLyD2wOyd3Cw4kpcUJzKVzs" Server nginx/1.14.1 Transfer-Encoding chunked Vary Accept-Encoding X-Powered-By Express
GET H/1.1	200 OK	main.js Show response cpi-offers.com/jsf/	3 KB 1 KB	42ms 41ms	Script application/javascript	18.195.18.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://cpi-offers.com/jsf/main.js Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol HTTP/1.1 Server 18.195.18.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-18-121.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash `3915a438fffb3acbaade25f7b5e9d3f76589dbc02048463b3fbfeb8c4e7955a1` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Mon, 02 May 2022 14:00:27 GMT Content-Encoding gzip Vary Accept-Encoding Last-Modified Wed, 30 Mar 2022 13:05:34 GMT Server nginx/1.14.1 X-Powered-By Express Etag "159171-2720-1648645534000" Transfer-Encoding chunked Content-Type application/javascript Access-Control-Allow-Origin * cache-control max-age=3600 Connection keep-alive
GET H/1.1	200 OK	click apts.trckswrm.com/ Redirect Chain https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=764&offer_id=13244324&sub1=&sub2=813&sub3=YellowAppSL_nat1&sub4=431176A1-5B56-4FA6-A712-AEFA15F2CCCC&sub5=id1456989345&sub6=865320 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 https://apts.trckswrm.com/click?offer_id=810268&pub_id=9&pub_click_id=NCT_iphone_gb_ofid13324329_pid616_sub1_sub2_sub3TbLabq_nat14_sub4_sub5&pub_sub_id=865320616&pub_sub_sub_id=&app=id314487667	0 75 B	45ms 45ms	Stylesheet text/plain	5.9.5.213 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=810268&pub_id=9&pub_click_id=NCT_iphone_gb_ofid13324329_pid616_sub1_sub2_sub3TbLabq_nat14_sub4_sub5&pub_sub_id=865320616&pub_sub_sub_id=&app=id314487667 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol HTTP/1.1 Server 5.9.5.213 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.213.5.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Mon, 02 May 2022 14:00:27 GMT content-length 0 Redirect headers date Mon, 02 May 2022 14:00:27 GMT content-encoding gzip server nginx/1.14.1 location https://apts.trckswrm.com/click?offer_id=810268&pub_id=9&pub_click_id=NCT_iphone_gb_ofid13324329_pid616_sub1_sub2_sub3TbLabq_nat14_sub4_sub5&pub_sub_id=865320616&pub_sub_sub_id=&app=id314487667 x-powered-by Express vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin *
GET H2	200	skybet www.skybet.com/secure/identity/app/affiliate/track/ Redirect Chain https://srv6.feed-apps.com/srv/click/?pid=61468459&p1=NCT_iphone_gb_ofid12994045_pid764_sub1_sub2813_sub3YellowAppSL_nat2_sub4_sub5&p2=865320764&p3=813&sub4=id1456989345&sub5=id1456989345 https://trk.suprclicks.com/88f01963-baff-4f9b-a3c1-525c8a3c130d?pubid=489211685624&appnme=&cid=P6P40R6515000282781076775 http://wlskybetpartners.iaofr.com/C.ashx?btag=a_30619b_15c_&affid=14002&siteid=30619&adid=15&c=wd9pqd5ehls2lesfi5c67ob0 http://wlskybetpartners.iaofr.com/C.ashx?btag=a_30619b_15c_&affid=14002&siteid=30619&adid=15&c=wd9pqd5ehls2lesfi5c67ob0&AutoR=1 https://www.skybet.com/secure/identity/app/affiliate/track/skybet?btag=a_30619b_15c_wd9pqd5ehls2lesfi5c67ob0	0 0	450ms 163ms	Stylesheet text/html	104.111.230.174 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.skybet.com/secure/identity/app/affiliate/track/skybet?btag=a_30619b_15c_wd9pqd5ehls2lesfi5c67ob0 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol H2 Server 104.111.230.174 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-230-174.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Redirect headers Date Mon, 02 May 2022 14:00:27 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 Location https://www.skybet.com/secure/identity/app/affiliate/track/skybet?btag=a_30619b_15c_wd9pqd5ehls2lesfi5c67ob0 X-Powered-By ASP.NET Vary Accept-Encoding p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * X-Cnection close Content-Type text/html; charset=utf-8 Content-Length 225 Cache-Control private
GET H/1.1	200 OK	disabled.html rvoh5.rdtk.io/ Redirect Chain https://imagineads.g2afse.com/click?pid=59&offer_id=7683&sub1=NCT_iphone_gb_ofid13074425_pid764_sub1_sub2813_sub3YellowAppSL_nat3_sub4_sub5&sub2=865320764_813&sub4=id1456989345&sub5=id1456989345 https://cornerstore.go2affise.com/click?pid=165&offer_id=204766&sub1=&sub2=59&sub3=&sub4=id1456989345 https://rvoh5.rdtk.io/61379ec65617cb0001db8152?sub1=&sub2=59&sub3=&sub4=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.41+Saf... https://rvoh5.rdtk.io/ https://rvoh5.rdtk.io/disabled.html	0 0	39ms 39ms	Stylesheet text/html	85.17.54.17 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://rvoh5.rdtk.io/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol HTTP/1.1 Server 85.17.54.17 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Redirect headers Date Mon, 02 May 2022 14:00:28 GMT Server nginx/1.21.3 Location /disabled.html Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Connection keep-alive Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 49
GET H2	404	click trk.ad-serving-ads.com/ Redirect Chain https://advdgt.trckswrm.com/click?offer_id=284447&pub_id=7&pub_click_id=NCT_iphone_gb_ofid13234440_pid764_sub1_sub2813_sub3YellowAppSL_nat4_sub4_sub5&pub_sub_id=865320764&pub_sub_sub_id=813&app=id1... https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_865320764&creativeid=POP&category=01&androidid=	0 0	362ms 116ms	Stylesheet text/html	3.220.81.193 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_865320764&creativeid=POP&category=01&androidid= Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol H2 Server 3.220.81.193 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-220-81-193.compute-1.amazonaws.com Software / Resource Hash Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Mon, 02 May 2022 14:00:28 GMT content-length 13 content-type text/html Redirect headers location https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_865320764&creativeid=POP&category=01&androidid= date Mon, 02 May 2022 14:00:27 GMT referrer-policy no-referrer content-length 0
GET H2	200	/ offer.alibaba.com/ Redirect Chain https://t.9696.me/click?pid=729&offer_id=148506&sub4=NCT_iphone_gb_ofid10910945_pid764_sub1_sub2813_sub3YellowAppSL_nat5_sub4_sub5&sub1=729_4850764&sub2=729_4850764_813&sub3=id1456989345&sub7=id145... https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1456989345&sub1=729_4850764&sub2=729_4850764_813 https://offer.alibaba.com/cps/3ba4i0jh?tp1=626fe3fbcca7ec0001b881f1&pid=729_4850764&adid= https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=3ba4i0jh&e=7	0 0	159ms 159ms	Stylesheet text/html	23.205.240.176 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=3ba4i0jh&e=7 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol H2 Server 23.205.240.176 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-240-176.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Redirect headers strict-transport-security max-age=31536000 ; includeSubDomains, max-age=31536000 x-content-type-options nosniff timing-allow-origin * p3p CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' server-timing rt;dur=0.019,eagleid;desc=2103255016515000281812539efac7 content-length 10 x-xss-protection 1; mode=block x-application-context arcadia:7001 havana_s_tag 285873024335988\|134217728^\|^^ referrer-policy unsafe-url havana_s_v 4.0.2.6 x-frame-options DENY date Mon, 02 May 2022 14:00:28 GMT havana_s_ip 4547514b654945614e672f73333062315970493d location https://offer.alibaba.com?bm=cps&src=saf&cps_sk=3ba4i0jh&e=7 havana_s_group havana-session content-language en-GB pragma no-cache havana_s_tid 2103255016515000281812539efac7 havana_s_status STATUS_NOT_EXISTED cache-control max-age=0, no-cache, no-store edge-type akamai content-type text/html;charset=UTF-8 eagleid 2103255016515000281812539efac7 havana_s_ucode USEAST:USEAST expires Mon, 02 May 2022 14:00:28 GMT
GET H2	200	/ offer.alibaba.com/ Redirect Chain https://appad.g2afse.com/click?pid=33&offer_id=57725&sub1=NCT_iphone_gb_ofid13311779_pid764_sub1_sub2813_sub3YellowAppSL_nat6_sub4_sub5&sub2=865320764_813&sub7=id1456989345 https://appad.g2afse.com/click?pid=2&offer_id=462812&sub2=33_57725 https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=880&sub1=880_2&sub2=880_2_33_57725&sub4=626fe3fbaba8320001d97a3a https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=&sub1=880_2&sub2=880_2_33_57725 https://offer.alibaba.com/cps/rq9rg325?tp1=626fe3fb4627fc00010a2269&pid=880_2&adid= https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=rq9rg325&e=7	0 0	165ms 165ms	Stylesheet text/html	23.205.240.176 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=rq9rg325&e=7 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol H2 Server 23.205.240.176 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-240-176.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Redirect headers strict-transport-security max-age=31536000 ; includeSubDomains, max-age=31536000 x-content-type-options nosniff timing-allow-origin * p3p CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' server-timing rt;dur=0.019,eagleid;desc=2103030a16515000281843691e44b7 content-length 10 x-xss-protection 1; mode=block x-application-context arcadia:7001 havana_s_tag 285873024335988\|134217728^\|^^ referrer-policy unsafe-url havana_s_v 4.0.2.6 x-frame-options DENY date Mon, 02 May 2022 14:00:28 GMT havana_s_ip 457079564942695553515a73 location https://offer.alibaba.com?bm=cps&src=saf&cps_sk=rq9rg325&e=7 havana_s_group havana-session content-language en-GB pragma no-cache havana_s_tid 2103030a16515000281843691e44b7 havana_s_status STATUS_NOT_EXISTED cache-control max-age=0, no-cache, no-store edge-type akamai content-type text/html;charset=UTF-8 eagleid 2103030a16515000281843691e44b7 havana_s_ucode USEAST:USEAST expires Mon, 02 May 2022 14:00:28 GMT
GET H/1.1	204 No Content	redirect direct2.knmasdfsdgs.com/	0 138 B	1498ms 1258ms	Stylesheet text/html	185.33.87.146 HZ-US-AS
General Check archive.org Show headers Download Go to Full URL https://direct2.knmasdfsdgs.com/redirect?aff=10102&saff=865320764&q= Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Mon, 02 May 2022 14:00:28 GMT Server nginx Connection close Content-Type text/html; charset=utf-8
GET H/1.1	204 No Content	redirect direct2.knmasdfsdgs.com/	0 138 B	1499ms 1259ms	Stylesheet text/html	185.33.87.146 HZ-US-AS
General Check archive.org Show headers Download Go to Full URL https://direct2.knmasdfsdgs.com/redirect?aff=10103&saff=865320764&q= Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Mon, 02 May 2022 14:00:28 GMT Server nginx Connection close Content-Type text/html; charset=utf-8
GET		redirect direct4.soldbyphonder.com/ Redirect Chain https://kuno-gae.com/com.id1456989345?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=38a27d64-ca20-11ec-928d-12a0ae29e06f	0 0

GET H/1.1	200 OK	disabled.html rvoh5.rdtk.io/ Redirect Chain https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=764&offer_id=12789778&sub1=&sub2=813&sub3=YellowAppSL_nat10&sub4=431176A1-5B56-4FA6-A712-AEFA15F2CCCC&sub5=id1456989345&sub6=865320 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=12789778&sub1=&sub2=&sub3=TbLabq_nat9&sub4=2DA03468-BA4D-43D1-AEA1-959BBE15273B&sub5=id462678375&sub6=865320 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 https://imagineads.g2afse.com/click?pid=59&offer_id=7683&sub1=NCT_iphone_gb_ofid13074425_pid616_sub1_sub2_sub3TbLabq_nat3_sub4_sub5&sub2=865320616_&sub4=id1439785734&sub5=id1439785734 https://cornerstore.go2affise.com/click?pid=165&offer_id=204766&sub1=&sub2=59&sub3=&sub4=id1439785734 https://rvoh5.rdtk.io/61379ec65617cb0001db8152?sub1=&sub2=59&sub3=&sub4=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.41+Saf... https://rvoh5.rdtk.io/ https://rvoh5.rdtk.io/disabled.html	0 0	39ms 39ms	Stylesheet text/html	85.17.54.17 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://rvoh5.rdtk.io/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol HTTP/1.1 Server 85.17.54.17 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Redirect headers Date Mon, 02 May 2022 14:00:28 GMT Server nginx/1.21.3 Location /disabled.html Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Connection keep-alive Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 49
GET H/1.1	200 OK	disabled.html track.gowithads.com/ Redirect Chain https://track.gowithads.com/click?pid=141&offer_id=2347440&sub1=NCT_iphone_gb_ofid13300149_pid764_sub1_sub2813_sub3YellowAppSL_nat11_sub4_sub5&sub2=865320764_813&sub4=id1456989345 http://track.gowithads.com/disabled.html	0 0	161ms 100ms	Stylesheet text/html	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://track.gowithads.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol HTTP/1.1 Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Redirect headers date Mon, 02 May 2022 14:00:27 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" location http://track.gowithads.com/disabled.html report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2dx1Vcxq%2Fy57iYk5aO%2F8ZVjpjx63RMT1sBLF93j34nMnJjuOTtxwzTYIIFY0ryMKwnvi4JAqu7YaPzxSj%2Bt1sM1aBnDqbalQ%2FpKTXkkr3%2FKFXqg3zejsuK8NAj9hY%2FfYpvO7%2BB9FgjnbL8h3q7Udw8xB"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 705148861ce641d0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET H/1.1	200 OK	249647 ila3.co/o/	0 100 B	170ms 58ms	Stylesheet text/html	173.212.201.66 CONTABO
General Check archive.org Show headers Download Go to Full URL https://ila3.co/o/249647?p=17&aff_clickid=NCT_iphone_gb_ofid13227113_pid764_sub1_sub2813_sub3YellowAppSL_nat12_sub4_sub5&sub1=865320764_813&app_name=id1456989345 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 173.212.201.66 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS m10082.contaboserver.net Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Mon, 02 May 2022 14:00:27 GMT content-length 0 content-type text/html
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	148ms 45ms	Stylesheet text/plain	5.9.5.213 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=645755&pub_id=9&pub_click_id=NCT_iphone_gb_ofid13259698_pid764_sub1_sub2813_sub3YellowAppSL_nat13_sub4_sub5&pub_sub_id=865320764&pub_sub_sub_id=813&app=id1456989345 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.9.5.213 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.213.5.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Mon, 02 May 2022 14:00:27 GMT content-length 0
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	147ms 44ms	Stylesheet text/plain	5.9.5.213 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=810268&pub_id=55&pub_click_id=NCT_iphone_gb_ofid13324320_pid764_sub1_sub2813_sub3YellowAppSL_nat14_sub4_sub5&pub_sub_id=865320764&pub_sub_sub_id=813&app=id1456989345 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.9.5.213 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.213.5.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Mon, 02 May 2022 14:00:27 GMT content-length 0
GET		click imagineads.g2afse.com/ Redirect Chain https://imagineads.g2afse.com/click?pid=38&offer_id=7059&sub1=NCT_iphone_gb_ofid13034735_pid764_sub1_sub2813_sub3YellowAppSL_nat15_sub4_sub5&sub2=865320764_813&sub4=id1456989345&sub5=id1456989345 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=7059 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987	0 0

GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	146ms 44ms	Stylesheet text/plain	5.9.5.213 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=827527&pub_id=55&pub_click_id=NCT_iphone_gb_ofid13337665_pid764_sub1_sub2813_sub3YellowAppSL_nat16_sub4_sub5&pub_sub_id=865320764&pub_sub_sub_id=813&app=id1456989345 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.9.5.213 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.213.5.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Mon, 02 May 2022 14:00:27 GMT content-length 0
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	147ms 45ms	Stylesheet text/plain	5.9.5.213 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=741770&pub_id=10&pub_click_id=NCT_iphone_gb_ofid13285721_pid764_sub1_sub2813_sub3YellowAppSL_nat17_sub4_sub5&pub_sub_id=865320764&pub_sub_sub_id=813&app=id1456989345 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.9.5.213 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.213.5.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Mon, 02 May 2022 14:00:27 GMT content-length 0
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	147ms 45ms	Stylesheet text/plain	5.9.5.213 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=802872&pub_id=10&pub_click_id=NCT_iphone_gb_ofid13318118_pid764_sub1_sub2813_sub3YellowAppSL_nat18_sub4_sub5&pub_sub_id=865320764&pub_sub_sub_id=813&app=id1456989345 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.9.5.213 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.213.5.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Mon, 02 May 2022 14:00:27 GMT content-length 0
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	146ms 45ms	Stylesheet text/plain	5.9.5.213 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=815537&pub_id=9&pub_click_id=NCT_iphone_gb_ofid13326670_pid764_sub1_sub2813_sub3YellowAppSL_nat19_sub4_sub5&pub_sub_id=865320764&pub_sub_sub_id=813&app=id1456989345 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.9.5.213 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.213.5.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Mon, 02 May 2022 14:00:27 GMT content-length 0
GET H2	403	details play.google.com/store/apps/ Redirect Chain https://ad-experience.g2afse.com/click?pid=2&offer_id=709861&sub1=NCT_iphone_gb_ofid13320467_pid764_sub1_sub2813_sub3YellowAppSL_nat20_sub4_sub5&sub2=865320764_813&sub5=id1456989345 http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=709861&sub3=2 https://rewardsctr.com/t/960197?A1=626fe3fba8055400014fb2e2&A5=1_709861&A4=&A3=2_&A2=2_&pip=217.138.196.102&plang=GB&pua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28... https://click.gowadogo.com/click?offer_id=2009636&aff_id=1289&aff_sub=11ecca2038cb1400aff0c3cd1183e6cb_960197_73649&aff_sub2=2079_1_709861&aff_sub4=&google_aid=2_&ios_ifa=2_ https://play.google.com/store/apps/details?id=com.unocoin.unocoinwallet&hl=en_IN&gl=US	0 0	206ms 92ms	Stylesheet text/html	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/store/apps/details?id=com.unocoin.unocoinwallet&hl=en_IN&gl=US Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol H2 Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Redirect headers location https://play.google.com/store/apps/details?id=com.unocoin.unocoinwallet&hl=en_IN&gl=US date Mon, 02 May 2022 14:00:28 GMT content-length 0 strict-transport-security max-age=15724800; includeSubDomains
GET H2	200	healthCheck fd.allsaintsyrt.club/ Redirect Chain https://ad-experience.g2afse.com/click?pid=2&offer_id=709561&sub1=NCT_iphone_gb_ofid13318998_pid764_sub1_sub2813_sub3YellowAppSL_nat21_sub4_sub5&sub2=865320764_813&sub5=id1456989345 http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=709561&sub3=2 https://rewardsctr.com/t/958390?A1=626fe3fbe439cd000118ee14&A5=1_709561&A4=&A3=2_&A2=2_&pip=217.138.196.102&plang=GB&pua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28... https://fkan.oakmastering.site/?sddtid=hyues&sdpi=13&pdco=5Vj30uDz7&pdos=4054959&pisc1=2079&pssc2=40040_81268&pdumid=2_2_ https://fd.allsaintsyrt.club/?sddtid=FBKpC&sdpi=286&pdos=F681104&pisc1=13&pssc2=0 https://fd.allsaintsyrt.club/healthCheck?pisc1=286	1 B 80 B	116ms 116ms	Stylesheet text/plain	35.244.209.32 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fd.allsaintsyrt.club/healthCheck?pisc1=286 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol H2 Server 35.244.209.32 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 32.209.244.35.bc.googleusercontent.com Software nginx/1.17.9 / Resource Hash `6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Mon, 02 May 2022 14:00:28 GMT via 1.1 google server nginx/1.17.9 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 content-type text/plain; charset=utf-8 Redirect headers access-control-allow-origin * date Mon, 02 May 2022 14:00:28 GMT via 1.1 google server nginx/1.17.9 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 location https://fd.allsaintsyrt.club/healthCheck?pisc1=286
GET H2	200	/ uk.zaful.com/ Redirect Chain https://md412.trckswrm.com/click?offer_id=231958&pub_id=10&pub_click_id=NCT_iphone_gb_ofid13251427_pid764_sub1_sub2813_sub3YellowAppSL_nat22_sub4_sub5&pub_sub_id=865320764&pub_sub_sub_id=813&app=id... https://appme.trckswrm.com/click?offer_id=12600&pub_id=5&pub_click_id=Ark6YqQAAAGAhRKPjQADilkAAAAsAAAABQ&pub_sub_id=44_10&pub_sub_sub_id=10&app_store_id=&gaid=&idfa=&app=id1456989345 https://greengrass.g2afse.com/click?pid=346&offer_id=771&sub1=Av5SkWIAAAGAhRKQGAAAMTgAAAAFAAAAAA&sub2=5&sub5=&sub6=id1456989345 https://www.zaful.com/?lkid=82490100&cid=626fe3fbb64a9f00014d2848&subid=346_5 https://uk.zaful.com/?admitad_uid=6a40b769c9a05a2b3de31e12cf7d0525&utm_source=admitad&tagtag_uid=6a40b769c9a05a2b3de31e12cf7d0525	0 0	86ms 50ms	Stylesheet text/html	143.204.201.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://uk.zaful.com/?admitad_uid=6a40b769c9a05a2b3de31e12cf7d0525&utm_source=admitad&tagtag_uid=6a40b769c9a05a2b3de31e12cf7d0525 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol H2 Server 143.204.201.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-201-74.fra53.r.cloudfront.net Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Redirect headers date Mon, 02 May 2022 07:29:49 GMT via 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront) server CloudFront age 23438 x-cache Hit from cloudfront content-type text/html location https://uk.zaful.com/?admitad_uid=6a40b769c9a05a2b3de31e12cf7d0525&utm_source=admitad&tagtag_uid=6a40b769c9a05a2b3de31e12cf7d0525 x-amz-cf-pop FRA53-C1 content-length 216 x-amz-cf-id FgkPc8F2amslrvGoumxtAa9KDOYSnhvNH7kgozJi39nX77xVNCVvZA==
GET H/1.1	200 OK	disabled.html zildd.g2afse.com/ Redirect Chain https://zildd.g2afse.com/click?pid=35&offer_id=3477379&sub1=NCT_iphone_gb_ofid13329444_pid764_sub1_sub2813_sub3YellowAppSL_nat23_sub4_sub5&sub2=865320764_813&sub3=id1456989345 https://zildd.g2afse.com/click?pid=35&offer_id=3477380 http://zildd.g2afse.com/disabled.html	0 0	66ms 33ms	Stylesheet text/html	213.227.135.213 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL http://zildd.g2afse.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol HTTP/1.1 Server 213.227.135.213 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Redirect headers location http://zildd.g2afse.com/disabled.html date Mon, 02 May 2022 14:00:27 GMT server nginx access-control-allow-origin * content-length 0
GET H2	404	click trk.ad-serving-ads.com/ Redirect Chain https://advdgt.trckswrm.com/click?offer_id=288608&pub_id=7&pub_click_id=NCT_iphone_gb_ofid13196283_pid764_sub1_sub2813_sub3YellowAppSL_nat24_sub4_sub5&pub_sub_id=865320764&pub_sub_sub_id=813&app=id... https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_865320764&creativeid=POP&category=01&androidid=	0 0	360ms 116ms	Stylesheet text/html	3.220.81.193 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_865320764&creativeid=POP&category=01&androidid= Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol H2 Server 3.220.81.193 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-220-81-193.compute-1.amazonaws.com Software / Resource Hash Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Mon, 02 May 2022 14:00:28 GMT content-length 13 content-type text/html Redirect headers location https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_865320764&creativeid=POP&category=01&androidid= date Mon, 02 May 2022 14:00:27 GMT referrer-policy no-referrer content-length 0
GET H2	200	/ offer.alibaba.com/ Redirect Chain https://appad.g2afse.com/click?pid=33&offer_id=320970&sub1=NCT_iphone_gb_ofid13301781_pid764_sub1_sub2813_sub3YellowAppSL_nat25_sub4_sub5&sub2=865320764_813&sub7=id1456989345 https://appad.g2afse.com/click?pid=2&offer_id=462812&sub2=33_320970 https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=880&sub1=880_2&sub2=880_2_33_320970&sub4=626fe3fb38eaed0001d3a603 https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=&sub1=880_2&sub2=880_2_33_320970 https://offer.alibaba.com/cps/3ba4i0jh?tp1=626fe3fbe93b660001b682ba&pid=880_2&adid= https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=3ba4i0jh&e=7	0 0	326ms 324ms	Stylesheet text/html	23.205.240.176 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=3ba4i0jh&e=7 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol H2 Server 23.205.240.176 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-240-176.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Redirect headers strict-transport-security max-age=31536000 ; includeSubDomains, max-age=31536000 x-content-type-options nosniff timing-allow-origin * p3p CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' server-timing rt;dur=0.020,eagleid;desc=210325ca16515000281857178e3dab content-length 10 x-xss-protection 1; mode=block x-application-context arcadia:7001 havana_s_tag 285873024335988\|134217728^\|^^ referrer-policy unsafe-url havana_s_v 4.0.2.6 x-frame-options DENY date Mon, 02 May 2022 14:00:28 GMT havana_s_ip 45707956494269664e55687a7545733d location https://offer.alibaba.com?bm=cps&src=saf&cps_sk=3ba4i0jh&e=7 havana_s_group havana-session content-language en-GB pragma no-cache havana_s_tid 210325ca16515000281857178e3dab havana_s_status STATUS_NOT_EXISTED cache-control max-age=0, no-cache, no-store edge-type akamai content-type text/html;charset=UTF-8 eagleid 210325ca16515000281857178e3dab havana_s_ucode USEAST:USEAST expires Mon, 02 May 2022 14:00:28 GMT
GET		click imagineads.g2afse.com/ Redirect Chain https://imagineads.g2afse.com/click?pid=59&offer_id=7652&sub1=NCT_iphone_gb_ofid13331696_pid764_sub1_sub2813_sub3YellowAppSL_nat26_sub4_sub5&sub2=865320764_813&sub4=id1456989345&sub5=id1456989345 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=7652 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987	0 0

GET H2	200	/ offer.alibaba.com/ Redirect Chain https://appad.g2afse.com/click?pid=33&offer_id=450561&sub1=NCT_iphone_gb_ofid13338831_pid764_sub1_sub2813_sub3YellowAppSL_nat27_sub4_sub5&sub2=865320764_813&sub7=id1456989345 https://appad.g2afse.com/click?pid=2&offer_id=462812&sub2=33_450561 https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=880&sub1=880_2&sub2=880_2_33_450561&sub4=626fe3fb907a60000125245a https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=&sub1=880_2&sub2=880_2_33_450561 https://offer.alibaba.com/cps/rq9rg325?tp1=626fe3fb5349bc0001552421&pid=880_2&adid= https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=rq9rg325&e=7	0 0	171ms 171ms	Stylesheet text/html	23.205.240.176 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=rq9rg325&e=7 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol H2 Server 23.205.240.176 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-240-176.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Redirect headers strict-transport-security max-age=31536000 ; includeSubDomains, max-age=31536000 x-content-type-options nosniff timing-allow-origin * p3p CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' server-timing rt;dur=0.020,eagleid;desc=210325ca16515000281836022e3d87 content-length 10 x-xss-protection 1; mode=block x-application-context arcadia:7001 havana_s_tag 285873024335988\|134217728^\|^^ referrer-policy unsafe-url havana_s_v 4.0.2.6 x-frame-options DENY date Mon, 02 May 2022 14:00:28 GMT havana_s_ip 4570795649426962644f754e3078673d location https://offer.alibaba.com?bm=cps&src=saf&cps_sk=rq9rg325&e=7 havana_s_group havana-session content-language en-GB pragma no-cache havana_s_tid 210325ca16515000281836022e3d87 havana_s_status STATUS_NOT_EXISTED cache-control max-age=0, no-cache, no-store edge-type akamai content-type text/html;charset=UTF-8 eagleid 210325ca16515000281836022e3d87 havana_s_ucode USEAST:USEAST expires Mon, 02 May 2022 14:00:28 GMT
GET H/1.1	200 OK	recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=179150&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_gb_ofid13073934_pid764_sub1_sub2813_sub3YellowAppSL_nat28_sub4_sub5&pub_sub_id=865320764&pub_sub_sub_id=81... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 75 B	87ms 43ms	Stylesheet text/plain	5.9.6.177 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol HTTP/1.1 Server 5.9.6.177 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.177.6.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Mon, 02 May 2022 14:00:27 GMT content-length 0 Redirect headers location http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 date Mon, 02 May 2022 14:00:27 GMT referrer-policy no-referrer content-length 0
GET H2	404	click trk.ad-serving-ads.com/ Redirect Chain https://advdgt.trckswrm.com/click?offer_id=54444&pub_id=7&pub_click_id=NCT_iphone_gb_ofid13301335_pid764_sub1_sub2813_sub3YellowAppSL_nat29_sub4_sub5&pub_sub_id=865320764&pub_sub_sub_id=813&app=id1... https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_865320764&creativeid=POP&category=01&androidid=	0 0	319ms 117ms	Stylesheet text/html	3.220.81.193 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_865320764&creativeid=POP&category=01&androidid= Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol H2 Server 3.220.81.193 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-220-81-193.compute-1.amazonaws.com Software / Resource Hash Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Mon, 02 May 2022 14:00:28 GMT content-length 13 content-type text/html Redirect headers location https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_865320764&creativeid=POP&category=01&androidid= date Mon, 02 May 2022 14:00:27 GMT referrer-policy no-referrer content-length 0
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	190ms 44ms	Stylesheet text/plain	5.9.5.213 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=801193&pub_id=55&pub_click_id=NCT_iphone_gb_ofid13314966_pid764_sub1_sub2813_sub3YellowAppSL_nat30_sub4_sub5&pub_sub_id=865320764&pub_sub_sub_id=813&app=id1456989345 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.9.5.213 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.213.5.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Mon, 02 May 2022 14:00:27 GMT content-length 0
GET H2	404	click trk.ad-serving-ads.com/ Redirect Chain https://nexamob.g2afse.com/click?pid=15&offer_id=254182&sub1=NCT_iphone_gb_ofid13251449_pid764_sub1_sub2813_sub3YellowAppSL_nat31_sub4_sub5&sub2=865320764_813&sub3=id1456989345&sub5=id1456989345 https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01	0 0	461ms 227ms	Stylesheet text/html	3.220.81.193 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol H2 Server 3.220.81.193 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-220-81-193.compute-1.amazonaws.com Software / Resource Hash Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Mon, 02 May 2022 14:00:28 GMT content-length 13 content-type text/html Redirect headers location https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01 date Mon, 02 May 2022 14:00:27 GMT server nginx access-control-allow-origin * content-length 0
GET H/1.1	200 OK	recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=209227&pub_id=646&pub_click_id=NCT_iphone_gb_ofid13073217_pid764_sub1_sub2813_sub3YellowAppSL_nat32_sub4_sub5&pub_sub_id=865320764&pub_sub_sub_id=813&app=id145... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 75 B	87ms 43ms	Stylesheet text/plain	5.9.6.177 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol HTTP/1.1 Server 5.9.6.177 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.177.6.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Mon, 02 May 2022 14:00:27 GMT content-length 0 Redirect headers location http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 date Mon, 02 May 2022 14:00:27 GMT referrer-policy no-referrer content-length 0
GET		click imagineads.g2afse.com/ Redirect Chain https://imagineads.g2afse.com/click?pid=59&offer_id=7966&sub1=NCT_iphone_gb_ofid13332359_pid764_sub1_sub2813_sub3YellowAppSL_nat33_sub4_sub5&sub2=865320764_813&sub4=id1456989345&sub5=id1456989345 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=7966 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987	0 0

GET H/1.1	200 OK	recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=210926&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_gb_ofid13071087_pid764_sub1_sub2813_sub3YellowAppSL_nat34_sub4_sub5&pub_sub_id=865320764&pub_sub_sub_id=81... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 75 B	86ms 43ms	Stylesheet text/plain	5.9.6.177 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol HTTP/1.1 Server 5.9.6.177 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.177.6.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Mon, 02 May 2022 14:00:27 GMT content-length 0 Redirect headers location http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 date Mon, 02 May 2022 14:00:27 GMT referrer-policy no-referrer content-length 0
GET H/1.1	200 OK	click apply.trckswrm.com/	0 75 B	142ms 44ms	Stylesheet text/plain	136.243.5.30 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apply.trckswrm.com/click?offer_id=63763&pub_id=29&pub_click_id=NCT_iphone_gb_ofid13328589_pid764_sub1_sub2813_sub3YellowAppSL_nat35_sub4_sub5&pub_sub_id=865320764&pub_sub_sub_id=813&app=id1456989345 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 136.243.5.30 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.30.5.243.136.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Mon, 02 May 2022 14:00:27 GMT content-length 0
GET H2	200	/ offer.alibaba.com/ Redirect Chain https://ermoza.g2afse.com/click?pid=31&offer_id=1162&sub1=NCT_iphone_gb_ofid12810774_pid764_sub1_sub2813_sub3YellowAppSL_nat36_sub4_sub5&sub2=865320764_813&sub3=id1456989345 https://ermoza.g2afse.com/click?pid=1&offer_id=2171 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=600&cid=626fe3fbf370690001ae63d5&sid=1_&udid=&name=&info=ExplorAdsSL&blockTime=0 https://appad.g2afse.com/click?pid=33&offer_id=271734&sub1=NCT_iphone_gb_ofid13311856_pid616_sub1626fe3fbf370690001ae63d5_sub21__sub3ExplorAdsSL_nat6_sub4_sub5&sub2=865320616_1_&sub7=id1400134578 https://appad.g2afse.com/click?pid=2&offer_id=462812&sub2=33_271734 https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=880&sub1=880_2&sub2=880_2_33_271734&sub4=626fe3fc907a600001252486 https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=&sub1=880_2&sub2=880_2_33_271734 https://offer.alibaba.com/cps/3ba4i0jh?tp1=626fe3fc4627fc00010a2274&pid=880_2&adid= https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=3ba4i0jh&e=7	0 0	242ms 242ms	Stylesheet text/html	23.205.240.176 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=3ba4i0jh&e=7 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol H2 Server 23.205.240.176 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-240-176.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Redirect headers strict-transport-security max-age=31536000 ; includeSubDomains, max-age=31536000 x-content-type-options nosniff timing-allow-origin * p3p CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' server-timing rt;dur=0.020,eagleid;desc=210325ca16515000281902048e3d9a content-length 10 x-xss-protection 1; mode=block x-application-context arcadia:7001 havana_s_tag 285873024335988\|134217728^\|^^ referrer-policy unsafe-url havana_s_v 4.0.2.6 x-frame-options DENY date Mon, 02 May 2022 14:00:28 GMT havana_s_ip 4570795649426963582b6b5967673d3d location https://offer.alibaba.com?bm=cps&src=saf&cps_sk=3ba4i0jh&e=7 havana_s_group havana-session content-language en-GB pragma no-cache havana_s_tid 210325ca16515000281902048e3d9a havana_s_status STATUS_NOT_EXISTED cache-control max-age=0, no-cache, no-store edge-type akamai content-type text/html;charset=UTF-8 eagleid 210325ca16515000281902048e3d9a havana_s_ucode USEAST:USEAST expires Mon, 02 May 2022 14:00:28 GMT
GET H/1.1	200 OK	recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=208532&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_gb_ofid13069607_pid764_sub1_sub2813_sub3YellowAppSL_nat37_sub4_sub5&pub_sub_id=865320764&pub_sub_sub_id=81... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 75 B	86ms 43ms	Stylesheet text/plain	5.9.6.177 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol HTTP/1.1 Server 5.9.6.177 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.177.6.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Mon, 02 May 2022 14:00:27 GMT content-length 0 Redirect headers location http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 date Mon, 02 May 2022 14:00:27 GMT referrer-policy no-referrer content-length 0
GET H2	404	click trk.ad-serving-ads.com/ Redirect Chain https://nexamob.g2afse.com/click?pid=15&offer_id=254175&sub1=NCT_iphone_gb_ofid12918056_pid764_sub1_sub2813_sub3YellowAppSL_nat38_sub4_sub5&sub2=865320764_813&sub3=id1456989345&sub5=id1456989345 https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01	0 0	366ms 115ms	Stylesheet text/html	3.220.81.193 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol H2 Server 3.220.81.193 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-220-81-193.compute-1.amazonaws.com Software / Resource Hash Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Mon, 02 May 2022 14:00:28 GMT content-length 13 content-type text/html Redirect headers location https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01 date Mon, 02 May 2022 14:00:27 GMT server nginx access-control-allow-origin * content-length 0
GET H/1.1	200 OK	disabled.html track.gowithads.com/ Redirect Chain https://track.gowithads.com/click?pid=141&offer_id=2347292&sub1=NCT_iphone_gb_ofid13299099_pid764_sub1_sub2813_sub3YellowAppSL_nat39_sub4_sub5&sub2=865320764_813&sub4=id1456989345 http://track.gowithads.com/disabled.html	0 0	178ms 109ms	Stylesheet text/html	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://track.gowithads.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol HTTP/1.1 Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Redirect headers date Mon, 02 May 2022 14:00:27 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" location http://track.gowithads.com/disabled.html report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGhMqH6p8y22TuRwTaRT9fpHDVdya1t5H2SAGVQft7PVVYBDRXz017iiJP0f%2FgMw3uy4%2FxmaWmV8PPLbtnKTWBwKfayFrv4kVIyToa8rhhO%2FZR3qjbdF8cD5QGt77zduDcLjhXcDAZx1MaplHY0Zh7tV"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 705148861cea41d0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET H2	404	click trk.ad-serving-ads.com/ Redirect Chain https://nexamob.g2afse.com/click?pid=15&offer_id=291535&sub1=NCT_iphone_gb_ofid13318552_pid764_sub1_sub2813_sub3YellowAppSL_nat40_sub4_sub5&sub2=865320764_813&sub3=id1456989345&sub5=id1456989345 https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01	0 0	357ms 116ms	Stylesheet text/html	3.220.81.193 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol H2 Server 3.220.81.193 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-220-81-193.compute-1.amazonaws.com Software / Resource Hash Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Mon, 02 May 2022 14:00:28 GMT content-length 13 content-type text/html Redirect headers location https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01 date Mon, 02 May 2022 14:00:27 GMT server nginx access-control-allow-origin * content-length 0
GET H2	200	/ www.google.com/ Redirect Chain https://zainzuri.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D https://www.google.com/	0 0	197ms 102ms	Stylesheet text/html	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/ Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=764&cid=&sid=813&udid=&name=&info=YellowAppSL&blockTime=0 Protocol H2 Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Redirect headers date Mon, 02 May 2022 14:00:27 GMT referrer-policy origin cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eHbCNWCPU260nWFLpsLOcstvHoPg%2F2tBN7T7jqZjlKZ9FaKJXi8XKnjvyVsKQ%2F7jGJsC1TpOyGnXKPCw7JKvfY%2BS1kw0aXLh5vTGKbG5ZDtNLZudBBfJl1mG%2BrnlrUA%3D"}],"group":"cf-nel","max_age":604800} location https://www.google.com cf-ray 705148859a7c74e9-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: direct4.soldbyphonder.com
URL: https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=38a27d64-ca20-11ec-928d-12a0ae29e06f

Domain: imagineads.g2afse.com
URL: https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987

Domain: imagineads.g2afse.com
URL: https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987

Domain: imagineads.g2afse.com
URL: https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ermoza.g2afse.com/	1970-01-20 11:30:36	Name: afclick Value: 626fe3fbf370690001ae63d5
ermoza.g2afse.com/	1970-01-20 11:30:36	Name: afoffers Value: {"2171":1651500027}
.gowithads.com/	1970-01-20 02:45:01	Name: __cf_bm Value: OB48UaR3PrI4ZaLq4Kh7IU56YDR_DSiW.V._tL8jKnE-1651500027-0-AVYgDst3q1KmlA8rb9LFdsYg2qxnLUZwhEru9pMHs0O0AOgJHgB9unmynCHf1iu8TdgZ9kVGCVhsAEk//AxCnkQ=
greengrass.g2afse.com/	1970-01-20 11:30:36	Name: afclick Value: 626fe3fbb64a9f00014d2848
greengrass.g2afse.com/	1970-01-20 11:30:36	Name: afoffers Value: {"771":1651500027}
appad.g2afse.com/	1970-01-20 11:30:36	Name: afclick Value: 626fe3fc907a600001252486
appad.g2afse.com/	1970-01-20 11:30:36	Name: afoffers Value: {"462812":1651500028}
t.9696.me/	1970-01-20 11:30:36	Name: afclick Value: 626fe3fc4627fc00010a2274
.alibaba.com/	1969-12-31 23:59:59	Name: cookie2 Value: a74b033013bae734cb63ee09c0a44a68
.alibaba.com/	1970-01-23 16:10:57	Name: t Value: 62a3009baa7775c776031ce3f9c3500d
.alibaba.com/	1969-12-31 23:59:59	Name: _tb_token_ Value: e1d5e35533eb5
.trk.suprclicks.com/	1970-01-20 02:46:26	Name: 88f01963-baff-4f9b-a3c1-525c8a3c130d-v4 Value: 2Yqwt_HLBKnwDUSSE5Xj1UbG5XWleiHVYWyWiPnGoy0
.trk.suprclicks.com/	1970-01-20 11:30:36	Name: cc-v4 Value: LmKAipPlnmryM5pTV1n3QSEMx%2FBJztWZGk0nq%2BRuOJ5zkRCLN7urSG9gLKgl4xrLZKt2%2Bsw69yqV%2FrKw%2FWstflrGRdDtWWhykTdEBRBl7MWHiq2zNPZLOAfVqG6bpWOtURpOJwgOn3YfkpsF28mIPA%3D%3D
.google.com/	1970-01-20 07:08:31	Name: NID Value: 511=pg1pkijgPlFanhz0nRaC65EYah1fhWefej5JBdXVi6mXrLHRL12TcPvlNx7WNpLPcAaZYnzLxsShwXaw-cJDQd5ZMYbLK4CI4-864I0KFzhNvvR9Il1kbuGIiEr_3X7_nN4pBV-k-9NWFU_TMuMkz_XB0tCtzsbE-XpP064YOaQ
.skybet.com/	1969-12-31 23:59:59	Name: SSOSESSID Value: rgsm7iaoudluhu2351nmqilve1
www.skybet.com/	1970-01-20 03:28:12	Name: akacd_core_CF_MM_01 Value: 1654092029~rv=3~id=0bfeb4cc03d43de878e54bd213ff7363

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=38a27d64-ca20-11ec-928d-12a0ae29e06f Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_865320764&creativeid=POP&category=01&androidid= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_865320764&creativeid=POP&category=01&androidid= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_865320764&creativeid=POP&category=01&androidid= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://imagineads.g2afse.com/click?pid=59&offer_id=6987&sub1=6987 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://play.google.com/store/apps/details?id=com.unocoin.unocoinwallet&hl=en_IN&gl=US Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-experience.g2afse.com
advdgt.trckswrm.com
appad.g2afse.com
apply.trckswrm.com
appme.trckswrm.com
apts.trckswrm.com
c.allontrk.com
click.gowadogo.com
cornerstore.go2affise.com
cpi-offers.com
direct2.knmasdfsdgs.com
direct4.soldbyphonder.com
ermoza.g2afse.com
fd.allsaintsyrt.club
fkan.oakmastering.site
go2.lkjlkjkljsdflkjsdfklsfjklsd.com
greengrass.g2afse.com
ila3.co
imagineads.g2afse.com
md412.trckswrm.com
nexamob.g2afse.com
offer.alibaba.com
play.google.com
rewardsctr.com
rvoh5.rdtk.io
srv6.feed-apps.com
t.9696.me
track.gowithads.com
trk.ad-serving-ads.com
trk.suprclicks.com
uk.zaful.com
wlskybetpartners.iaofr.com
www.google.com
www.skybet.com
www.zaful.com
zainzuri.com
zildd.g2afse.com
direct4.soldbyphonder.com
imagineads.g2afse.com
104.111.230.174
136.243.5.30
143.204.201.74
173.212.201.66
18.158.88.249
18.195.18.121
185.33.87.146
188.114.96.7
212.7.209.71
213.227.134.220
213.227.135.207
213.227.135.213
213.227.135.235
213.227.156.11
213.227.156.19
23.205.240.176
2606:4700:3031::ac43:b770
2a00:1450:4001:828::2004
2a00:1450:4001:830::200e
2a06:98c1:3121::7
3.220.81.193
35.244.148.94
35.244.209.32
40.127.232.184
40.76.168.171
5.9.5.213
5.9.6.124
5.9.6.177
5.9.6.203
84.110.34.196
85.17.54.17
3915a438fffb3acbaade25f7b5e9d3f76589dbc02048463b3fbfeb8c4e7955a1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
b9274be4a6f83449c985dd21ec82665a88431a74336896b41e9b8957d48aaf9d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

cpi-offers.com Open in urlscan Pro 18.195.18.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

43 Requests

26 %HTTPS

13 %IPv6

25 Domains

37 Subdomains

17 IPs

5 Countries

5 kBTransfer

12 kBSize

16 Cookies

0 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

cpi-offers.com Open in urlscan Pro
18.195.18.121 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

26 %
HTTPS

13 %
IPv6

25
Domains

37
Subdomains

17
IPs

5
Countries

5 kB
Transfer

12 kB
Size

16
Cookies

43 HTTP transactions
0 data transactions