cpi-offers.com Open in urlscan Pro
3.120.62.32 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKT...
Effective URL:
http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKT...
Submission: On March 04 via api (March 4th 2022, 11:31:45 am UTC) from DE — Scanned from DE

Summary HTTP 43 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 19 domains to perform 43 HTTP transactions. The main IP is 3.120.62.32, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is cpi-offers.com. The Cisco Umbrella rank of the primary domain is 31501.

This is the only time cpi-offers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 7	3.120.62.32 3.120.62.32	16509 (AMAZON-02) (AMAZON-02)
1 1	157.90.33.241 157.90.33.241	24940 (HETZNER-AS) (HETZNER-AS)
1 2	213.227.134.220 213.227.134.220	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	213.227.135.231 213.227.135.231	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
4 4	212.7.209.71 212.7.209.71	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 4	104.92.96.135 104.92.96.135	16625 (AKAMAI-AS) (AKAMAI-AS)
3	185.33.87.146 185.33.87.146	202015 (HZ-US-AS) (HZ-US-AS)
1 2	213.227.135.229 213.227.135.229	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
11 30	5.9.7.122 5.9.7.122	24940 (HETZNER-AS) (HETZNER-AS)
3 5	213.227.134.202 213.227.134.202	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	213.227.135.227 213.227.135.227	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	116.202.135.114 116.202.135.114	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:303... 2606:4700:3036::ac43:d372	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	84.110.34.196 84.110.34.196	8551 (BEZEQ-INT...) (BEZEQ-INTERNATIONAL-AS Bezeqint Internet Backbone)
1	52.222.236.57 52.222.236.57	16509 (AMAZON-02) (AMAZON-02)
1 1	173.212.201.66 173.212.201.66	51167 (CONTABO) (CONTABO)
1	144.91.99.171 144.91.99.171	51167 (CONTABO) (CONTABO)
1 1	213.227.156.13 213.227.156.13	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	213.227.156.11 213.227.156.11	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	199.127.206.101 199.127.206.101	26120 (RHYTHMONE) (RHYTHMONE)
1 4	213.227.156.19 213.227.156.19	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	213.227.135.209 213.227.135.209	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	188.114.96.7 188.114.96.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
43	14

7 3.120.62.32 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-62-32.eu-central-1.compute.amazonaws.com

cpi-offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.90.33.241 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.241.33.90.157.clients.your-server.de

md412.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.134.220 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ad.mobcho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.135.231 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

olamob.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.7.209.71 (Netherlands) 4 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

t.9696.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.92.96.135 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-96-135.deploy.static.akamaitechnologies.com

offer.alibaba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.87.146 (Ashburn, United States)

ASN202015 (HZ-US-AS, BG)

direct2.knmasdfsdgs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.135.229 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

go2.lkjlkjkljsdflkjsdfklsfjklsd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 5.9.7.122 (Germany) 11 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.122.7.9.5.clients.your-server.de

c.allontrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apts.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apply.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
armr.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.227.134.202 (Netherlands) 3 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

zildd.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.135.227 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

brainadv.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.135.114 (Falkenstein, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.114.135.202.116.clients.your-server.de

brainadv.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:d372 (United States)

ASN13335 (CLOUDFLARENET, US)

trk.bidrivo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 84.110.34.196 (Netanya, Israel) 1 redirects

ASN8551 (BEZEQ-INTERNATIONAL-AS Bezeqint Internet Backbone, IL)
PTR: bzq-84-110-34-196.static-ip.bezeqint.net

trxrc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-57.fra56.r.cloudfront.net

impression.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.212.201.66 (Nuremberg, Germany) 1 redirects

ASN51167 (CONTABO, DE)
PTR: m10082.contaboserver.net

ila3.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.91.99.171 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: m12971.contaboserver.net

il32.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.156.13 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

bondika.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.156.11 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ermoza.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.206.101 (United States)

ASN26120 (RHYTHMONE, US)

clk.taptica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.227.156.19 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

apply.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mookomedia.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.135.209 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

appalgo.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.7 (Medellín, Colombia) 1 redirects

ASN13335 (CLOUDFLARENET, US)

zainzuri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	allontrk.com 11 redirects c.allontrk.com — Cisco Umbrella Rank: 34171	3 KB
17	g2afse.com 12 redirects olamob.g2afse.com — Cisco Umbrella Rank: 42740 zildd.g2afse.com — Cisco Umbrella Rank: 38848 brainadv.g2afse.com — Cisco Umbrella Rank: 37553 imagineads.g2afse.com — Cisco Umbrella Rank: 55857 Failed bondika.g2afse.com ermoza.g2afse.com — Cisco Umbrella Rank: 64992 apply.g2afse.com — Cisco Umbrella Rank: 71744 mookomedia.g2afse.com — Cisco Umbrella Rank: 58554 appalgo.g2afse.com — Cisco Umbrella Rank: 52188	3 KB
10	trckswrm.com 2 redirects md412.trckswrm.com — Cisco Umbrella Rank: 63184 brainadv.trckswrm.com — Cisco Umbrella Rank: 43939 apts.trckswrm.com — Cisco Umbrella Rank: 31820 apply.trckswrm.com — Cisco Umbrella Rank: 39977 armr.trckswrm.com — Cisco Umbrella Rank: 66019	1 KB
7	cpi-offers.com 4 redirects cpi-offers.com — Cisco Umbrella Rank: 31501	5 KB
4	alibaba.com 2 redirects offer.alibaba.com — Cisco Umbrella Rank: 26559	3 KB
4	9696.me 4 redirects t.9696.me — Cisco Umbrella Rank: 42530	864 B
3	knmasdfsdgs.com direct2.knmasdfsdgs.com — Cisco Umbrella Rank: 50935	414 B
2	lkjlkjkljsdflkjsdfklsfjklsd.com 1 redirects go2.lkjlkjkljsdflkjsdfklsfjklsd.com — Cisco Umbrella Rank: 46018	115 B
2	mobcho.com 1 redirects ad.mobcho.com — Cisco Umbrella Rank: 82467	97 B
1	google.com www.google.com — Cisco Umbrella Rank: 2
1	zainzuri.com 1 redirects zainzuri.com — Cisco Umbrella Rank: 56237	514 B
1	taptica.com clk.taptica.com — Cisco Umbrella Rank: 73437
1	il32.co il32.co — Cisco Umbrella Rank: 56111
1	ila3.co 1 redirects ila3.co — Cisco Umbrella Rank: 38422	296 B
1	appsflyer.com impression.appsflyer.com — Cisco Umbrella Rank: 1711	310 B
1	trxrc.com 1 redirects trxrc.com — Cisco Umbrella Rank: 58810	520 B
1	bidrivo.com trk.bidrivo.com — Cisco Umbrella Rank: 125882	597 B
0	mapuravity.com Failed 3swhcc7.mapuravity.com Failed
0	soldbyphonder.com Failed direct4.soldbyphonder.com Failed
43	19

	Domain	Requested by
22	c.allontrk.com	11 redirects cpi-offers.com
7	cpi-offers.com	4 redirects cpi-offers.com
5	apts.trckswrm.com	cpi-offers.com
5	zildd.g2afse.com	3 redirects cpi-offers.com
4	offer.alibaba.com	2 redirects cpi-offers.com
4	t.9696.me	4 redirects
3	apply.g2afse.com	cpi-offers.com
3	direct2.knmasdfsdgs.com	cpi-offers.com
2	ermoza.g2afse.com	2 redirects
2	apply.trckswrm.com	cpi-offers.com
2	brainadv.g2afse.com	2 redirects
2	go2.lkjlkjkljsdflkjsdfklsfjklsd.com	1 redirects cpi-offers.com
2	olamob.g2afse.com	2 redirects
2	ad.mobcho.com	1 redirects cpi-offers.com
1	www.google.com	cpi-offers.com
1	zainzuri.com	1 redirects
1	appalgo.g2afse.com	1 redirects
1	mookomedia.g2afse.com	1 redirects
1	clk.taptica.com	cpi-offers.com
1	armr.trckswrm.com	cpi-offers.com
1	bondika.g2afse.com	1 redirects
1	il32.co	cpi-offers.com
1	ila3.co	1 redirects
1	impression.appsflyer.com	cpi-offers.com
1	trxrc.com	1 redirects
1	trk.bidrivo.com	cpi-offers.com
1	brainadv.trckswrm.com	1 redirects
1	md412.trckswrm.com	1 redirects
0	3swhcc7.mapuravity.com Failed	cpi-offers.com
0	imagineads.g2afse.com Failed	cpi-offers.com
0	direct4.soldbyphonder.com Failed	cpi-offers.com
43	31

This site contains no links.

Subject Issuer	Validity	Valid
cpi-offers.com Amazon	`2021-10-26` - `2022-11-23`	a year	crt.sh
*.knmasdfsdgs.com Go Daddy Secure Certificate Authority - G2	`2021-07-14` - `2022-08-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
apts.trckswrm.com ZeroSSL RSA Domain Secure Site CA	`2022-02-15` - `2022-05-16`	3 months	crt.sh
apply.trckswrm.com ZeroSSL RSA Domain Secure Site CA	`2022-02-15` - `2022-05-16`	3 months	crt.sh
*.taptica.com Go Daddy Secure Certificate Authority - G2	`2020-08-16` - `2022-08-22`	2 years	crt.sh
*.go2affise.com Go Daddy Secure Certificate Authority - G2	`2021-10-09` - `2022-11-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Frame ID: 5889BE2A034E3223CA5DE625EDE50F73
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

43
Requests

26 %
HTTPS

8 %
IPv6

19
Domains

31
Subdomains

14
IPs

5
Countries

7 kB
Transfer

13 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://md412.trckswrm.com/click?offer_id=234051&pub_id=10&pub_click_id=NCT_iphone_de_ofid13230989_pidundefined_sub1,_sub2,_sub3,_nat2_sub4_sub5&pub_sub_id=522690undefined&pub_sub_sub_id=,&app=id352509417 HTTP 302
https://ad.mobcho.com/click?pid=252&offer_id=33&sub2=Ak_15vcAAAF_VLMigAADSVkAAAAsAAAABQ&sub3=44_10&sub1=&sub4=&sub5=id352509417 HTTP 302
http://ad.mobcho.com/disabled.html

Request Chain 3

https://olamob.g2afse.com/click?pid=101&offer_id=1049187&sub1=NCT_iphone_de_ofid13237519_pidundefined_sub1,_sub2,_sub3,_nat3_sub4_sub5&sub2=522690undefined_,&sub4=id352509417&sub8={sub8}|{offer_id},4850undefined HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=101&udid=&name=&info=OlaMobSL&blockTime=0 HTTP 302
https://olamob.g2afse.com/click?pid=101&offer_id=1049187&sub1=NCT_iphone_de_ofid13237519_pid616_sub1_sub2101_sub3OlaMobSL_nat3_sub4_sub5&sub2=522690616_101&sub4=id1489425493&sub8=%7Bsub8%7D%7C%7Boffer_id%7D,4850616 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=101&udid=&name=&info=OlaMobSL&blockTime=0 HTTP 302
https://t.9696.me/click?pid=729&offer_id=148506&sub4=NCT_iphone_de_ofid10910945_pid616_sub1_sub2101_sub3OlaMobSL_nat2_sub4_sub5&sub1=729_4850616&sub2=729_4850616_101&sub3=id1052744467&sub7=id1052744467 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1052744467&sub1=729_4850616&sub2=729_4850616_101 HTTP 302
https://offer.alibaba.com/cps/3ba4i0jh?tp1=6221f89c46b24700019dee24&pid=729_4850616&adid= HTTP 302
http://offer.alibaba.com/product/w404 HTTP 307
https://offer.alibaba.com/product/w404

Request Chain 6

https://kuno-gae.com/com.id352509417?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd HTTP 302
https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=a913baa0-9bae-11ec-9c41-0a1eee875ba7

Request Chain 7

https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=undefined&offer_id=12789778&sub1=,&sub2=,&sub3=,_nat7&sub4=A0BB6459-C770-410E-AFC9-196618A4A5B1&sub5=id352509417&sub6=522690 HTTP 302
http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html

Request Chain 8

https://c.allontrk.com/click?offer_id=209238&pub_id=646&pub_click_id=NCT_iphone_de_ofid13073281_pidundefined_sub1,_sub2,_sub3,_nat8_sub4_sub5&pub_sub_id=522690undefined&pub_sub_sub_id=,&app=id352509417 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 9

https://zildd.g2afse.com/click?pid=35&offer_id=3312509&sub1=NCT_iphone_de_ofid13220501_pidundefined_sub1,_sub2,_sub3,_nat9_sub4_sub5&sub2=522690undefined_,&sub3=id352509417&sub4=A0BB6459-C770-410E-AFC9-196618A4A5B1 HTTP 302
http://zildd.g2afse.com/disabled.html

Request Chain 10

https://c.allontrk.com/click?offer_id=210617&pub_id=646&pub_click_id=NCT_iphone_de_ofid13072958_pidundefined_sub1,_sub2,_sub3,_nat10_sub4_sub5&pub_sub_id=522690undefined&pub_sub_sub_id=,&app=id352509417 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 11

https://brainadv.g2afse.com/click?pid=3&offer_id=694762&sub3=NCT_iphone_de_ofid13187393_pidundefined_sub1,_sub2,_sub3,_nat11_sub4_sub5&sub1=522690undefined_,&sub2=id352509417&sub4=A0BB6459-C770-410E-AFC9-196618A4A5B1&sub5=A0BB6459-C770-410E-AFC9-196618A4A5B1 HTTP 302
https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=25&pub_click_id=&pub_sub_id=3&pub_sub_sub_id=522690undefined_,&idfa=A0BB6459-C770-410E-AFC9-196618A4A5B1&gaid=A0BB6459-C770-410E-AFC9-196618A4A5B1&app=id352509417 HTTP 302
http://brainadv.g2afse.com/sl?id=60e2066c8bff280d95069af4&pid=17&sub1=25.25&sub3=AvL_JPkAAAF_VLMiygAAAAAAAAAZAAAABQ&sub2=id352509417&sub4=A0BB6459-C770-410E-AFC9-196618A4A5B1&sub5=A0BB6459-C770-410E-AFC9-196618A4A5B1&sub8=9gJf7FfkwDoFuRa1X9i__28 HTTP 302
https://apts.trckswrm.com/click?offer_id=217396&pub_id=42&pub_click_id=6221f89c70fc81000118b8dd&pub_sub_id=17&pub_sub_sub_id=25.25&idfa=A0BB6459-C770-410E-AFC9-196618A4A5B1&gaid=A0BB6459-C770-410E-AFC9-196618A4A5B1&app=id352509417&ext_offer_id=685166&ext_pub_id=17

Request Chain 14

https://trxrc.com/t/951595?A1=NCT_iphone_de_ofid13258665_pidundefined_sub1,_sub2,_sub3,_nat14_sub4_sub5&A5=522690undefined_, HTTP 302
https://impression.appsflyer.com/id1230088754?af_prt=cygobelmedia&pid=goplaym_int&af_siteid=1681_522690undefined_%2C_951595_71792_Sparkasse%20Ihre%20mobile%20Filiale&c=IOS_DE&aff_id=38360&aff_type=cellxpert&af_viewthrough_lookback=1d&clickid=11ec9baea910112082b7ab5667846153_951595_71792&idfa=&advertising_id=&poid=951595_71792

Request Chain 16

https://t.9696.me/click?pid=868&offer_id=119486&sub4=NCT_iphone_de_ofid13254460_pidundefined_sub1,_sub2,_sub3,_nat16_sub4_sub5&sub1=868_4850undefined&sub2=868_4850undefined_,&sub3=id352509417 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id352509417&sub1=868_4850undefined&sub2=868_4850undefined_, HTTP 302
https://offer.alibaba.com/cps/rq9rg325?tp1=6221f89c0088e60001b97a00&pid=868_4850undefined&adid= HTTP 302
http://offer.alibaba.com/product/w404 HTTP 307
https://offer.alibaba.com/product/w404

Request Chain 17

https://zildd.g2afse.com/click?pid=35&offer_id=3307478&sub1=NCT_iphone_de_ofid12900132_pidundefined_sub1,_sub2,_sub3,_nat17_sub4_sub5&sub2=522690undefined_,&sub3=id352509417 HTTP 302
https://ila3.co/o/213838?p=3&aff_clickid=6221f89caf8fd10001f98764&sub2=522690undefined_,&sub1=35_522690undefined_,&app_name=id352509417&idfa=&gaid= HTTP 302
https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=3_35_522690undefined_%2C&target=

Request Chain 18

https://imagineads.g2afse.com/click?pid=38&offer_id=7074&sub1=NCT_iphone_de_ofid13034747_pidundefined_sub1,_sub2,_sub3,_nat18_sub4_sub5&sub2=522690undefined_,&sub4=id352509417&sub5=id352509417 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=7074 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987

Request Chain 19

https://bondika.g2afse.com/click?pid=2&offer_id=52206&sub1=522690undefined&sub2=,&sub3=NCT_iphone_de_ofid13227858_pidundefined_sub1,_sub2,_sub3,_nat19_sub4_sub5&sub5=id352509417&sub8={sub8}|{offer_id},4850undefined HTTP 302
https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=148&pub_click_id=&pub_sub_id=2&pub_sub_sub_id=522690undefined

Request Chain 20

https://ermoza.g2afse.com/click?pid=31&offer_id=16020&sub1=NCT_iphone_de_ofid13258154_pidundefined_sub1,_sub2,_sub3,_nat20_sub4_sub5&sub2=522690undefined_,&sub3=id352509417 HTTP 302
https://ermoza.g2afse.com/click?pid=1&offer_id=2171 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=600&cid=6221f89c4377cb000145e565&sid=1_&udid=&name=&info=ExplorAdsSL&blockTime=0 HTTP 302
https://c.allontrk.com/click?offer_id=209238&pub_id=646&pub_click_id=NCT_iphone_de_ofid13073281_pid616_sub16221f89c4377cb000145e565_sub21__sub3ExplorAdsSL_nat8_sub4_sub5&pub_sub_id=522690616&pub_sub_sub_id=1_&app=id1119322983 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 21

https://c.allontrk.com/click?offer_id=210926&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13071087_pidundefined_sub1,_sub2,_sub3,_nat21_sub4_sub5&pub_sub_id=522690undefined&pub_sub_sub_id=,&app=id352509417 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 23

https://zildd.g2afse.com/click?pid=35&offer_id=3413183&sub1=NCT_iphone_de_ofid13232585_pidundefined_sub1,_sub2,_sub3,_nat23_sub4_sub5&sub2=522690undefined_,&sub3=id352509417 HTTP 302
http://zildd.g2afse.com/disabled.html

Request Chain 24

https://c.allontrk.com/click?offer_id=210931&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13071147_pidundefined_sub1,_sub2,_sub3,_nat24_sub4_sub5&pub_sub_id=522690undefined&pub_sub_sub_id=,&app=id352509417 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 28

https://adsperfection.go2affise.com/click?pid=691&offer_id=543855&ref_id=NCT_iphone_de_ofid13237891_pidundefined_sub1,_sub2,_sub3,_nat28_sub4_sub5&sub1=522690undefined_,&sub3=id352509417&sub5=id352509417 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0 HTTP 302
https://kuno-gae.com/com.id1487212912?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd HTTP 302
https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=a913baa1-9bae-11ec-ad9c-127c59b1dcf3

Request Chain 29

https://c.allontrk.com/click?offer_id=210125&pub_id=646&pub_click_id=NCT_iphone_de_ofid13072016_pidundefined_sub1,_sub2,_sub3,_nat29_sub4_sub5&pub_sub_id=522690undefined&pub_sub_sub_id=,&app=id352509417 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 33

https://c.allontrk.com/click?offer_id=209494&pub_id=646&pub_click_id=NCT_iphone_de_ofid13070231_pidundefined_sub1,_sub2,_sub3,_nat33_sub4_sub5&pub_sub_id=522690undefined&pub_sub_sub_id=,&app=id352509417 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 34

https://mookomedia.g2afse.com/click?pid=42&offer_id=203536&sub1=NCT_iphone_de_ofid11753492_pidundefined_sub1,_sub2,_sub3,_nat34_sub4_sub5&sub4=522690undefined_,&sub5=id352509417 HTTP 302
https://appalgo.g2afse.com/click?pid=304&offer_id=88496&sub1=6221f89c0bd2da00017134b9&sub2=42_522690undefined_,&sub3=&sub4=&sub5=id352509417 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=807&cid=&sid=304&udid=&name=&info=appalgorem&blockTime=0 HTTP 302
https://direct2.knmasdfsdgs.com/redirect?aff=10063&saff=522690616&q=

Request Chain 36

https://c.allontrk.com/click?offer_id=210602&pub_id=646&pub_click_id=NCT_iphone_de_ofid13072934_pidundefined_sub1,_sub2,_sub3,_nat36_sub4_sub5&pub_sub_id=522690undefined&pub_sub_sub_id=,&app=id352509417 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 37

https://c.allontrk.com/click?offer_id=145897&pub_id=646&pub_click_id=NCT_iphone_de_ofid13073579_pidundefined_sub1,_sub2,_sub3,_nat37_sub4_sub5&pub_sub_id=522690undefined&pub_sub_sub_id=,&gaid=A0BB6459-C770-410E-AFC9-196618A4A5B1&idfa=A0BB6459-C770-410E-AFC9-196618A4A5B1&app=id352509417 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 38

https://c.allontrk.com/click?offer_id=210025&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13070470_pidundefined_sub1,_sub2,_sub3,_nat38_sub4_sub5&pub_sub_id=522690undefined&pub_sub_sub_id=,&app=id352509417 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 39

https://mookomedia.g2afse.com/click?pid=42&offer_id=257674&sub1=NCT_iphone_de_ofid12644446_pidundefined_sub1,_sub2,_sub3,_nat39_sub4_sub5&sub4=522690undefined_,&sub5=id352509417 HTTP 302
https://3swhcc7.mapuravity.com/3swhcc7?p=42_522690undefined_,&sid=6221f89c69a29c000121eefd&android_id=&android_a_id=&idfa=&app_id=id352509417&param1=

Request Chain 40

https://c.allontrk.com/click?offer_id=206814&pub_id=646&pub_click_id=NCT_iphone_de_ofid13070674_pidundefined_sub1,_sub2,_sub3,_nat40_sub4_sub5&pub_sub_id=522690undefined&pub_sub_sub_id=,&app=id352509417 HTTP 302
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 41

https://zainzuri.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D HTTP 302
https://www.google.com/

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request FANTASTIC.HTML Show response
cpi-offers.com/ 10 KB
2 KB 36ms
16ms Document
text/html 3.120.62.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: HTTP/1.1
Server: 3.120.62.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-62-32.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.1 / Express
Resource Hash: 275d3c8a8ad68fead16f110c539dd66b55ce64976bd45a730d81ea74066a0087

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Fri, 04 Mar 2022 11:31:40 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.14.1
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"273a-rw/AV3OahQ2BS5aCn3EBN+NHwMg"
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1 200
OK main.js Show response
cpi-offers.com/jsf/ 3 KB
1 KB 10ms
9ms Script
application/javascript 3.120.62.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://cpi-offers.com/jsf/main.js
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: HTTP/1.1
Server: 3.120.62.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-62-32.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.1 / Express
Resource Hash: 3915a438fffb3acbaade25f7b5e9d3f76589dbc02048463b3fbfeb8c4e7955a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 11:31:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Mon, 21 Feb 2022 07:31:56 GMT
Server: nginx/1.14.1
X-Powered-By: Express
Etag: "290985-2720-1645428716000"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Connection: keep-alive

GET
H2 200 aflinkref
cpi-offers.com/ 2 B
222 B 26ms
8ms Stylesheet
text/plain 3.120.62.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cpi-offers.com/aflinkref?prefix=https%3A//app.adjust.com/d4qsr6r%3F&deeplink=com.tipp24.app%3A%2F%2Fopen_native_view%3Fname%3Dhome%26partnerId%3D1COAUAPHDR&idfa=A0BB6459-C770-410E-AFC9-196618A4A5B1&adgroup=522690undefined&creative=,&tracker_limit=10000000&event_callback_1vh3pr=http%3A%2F%2Fpostbacks.eu-central-1.elasticbeanstalk.com%2F1.php%3Fsum%3D25%26clickid%3DNCT_iphone_de_ofid7315478_pidundefined_sub1,_sub2,_sub3,_nat1_sub4_sub5&redis=24
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.62.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-62-32.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.1 / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 11:31:40 GMT
content-encoding: gzip
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server: nginx/1.14.1
x-powered-by: Express
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *

GET
H/1.1

200
OK

disabled.html
ad.mobcho.com/
Redirect Chain

https://md412.trckswrm.com/click?offer_id=234051&pub_id=10&pub_click_id=NCT_iphone_de_ofid13230989_pidundefined_sub1,_sub2,_sub3,_nat2_sub4_sub5&pub_sub_id=522690undefined&pub_sub_sub_id=,&app=id35...
https://ad.mobcho.com/click?pid=252&offer_id=33&sub2=Ak_15vcAAAF_VLMigAADSVkAAAAsAAAABQ&sub3=44_10&sub1=&sub4=&sub5=id352509417
http://ad.mobcho.com/disabled.html

0
0

26ms
13ms

Stylesheet
text/html

213.227.134.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://ad.mobcho.com/disabled.html
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: HTTP/1.1
Server: 213.227.134.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

location: http://ad.mobcho.com/disabled.html
date: Fri, 04 Mar 2022 11:31:40 GMT
server: nginx
access-control-allow-origin: *
content-length: 0

GET
H2

200

w404
offer.alibaba.com/product/
Redirect Chain

https://olamob.g2afse.com/click?pid=101&offer_id=1049187&sub1=NCT_iphone_de_ofid13237519_pidundefined_sub1,_sub2,_sub3,_nat3_sub4_sub5&sub2=522690undefined_,&sub4=id352509417&sub8={sub8}|{offer_id}...
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=101&udid=&name=&info=OlaMobSL&blockTime=0
https://olamob.g2afse.com/click?pid=101&offer_id=1049187&sub1=NCT_iphone_de_ofid13237519_pid616_sub1_sub2101_sub3OlaMobSL_nat3_sub4_sub5&sub2=522690616_101&sub4=id1489425493&sub8=%7Bsub8%7D%7C%7Bof...
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=101&udid=&name=&info=OlaMobSL&blockTime=0
https://t.9696.me/click?pid=729&offer_id=148506&sub4=NCT_iphone_de_ofid10910945_pid616_sub1_sub2101_sub3OlaMobSL_nat2_sub4_sub5&sub1=729_4850616&sub2=729_4850616_101&sub3=id1052744467&sub7=id105274...
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1052744467&sub1=729_4850616&sub2=729_4850616_101
https://offer.alibaba.com/cps/3ba4i0jh?tp1=6221f89c46b24700019dee24&pid=729_4850616&adid=
http://offer.alibaba.com/product/w404
https://offer.alibaba.com/product/w404

0
0

114ms
113ms

Stylesheet
text/html

104.92.96.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.alibaba.com/product/w404
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: H2
Server: 104.92.96.135 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-96-135.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

Location: https://offer.alibaba.com/product/w404
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 204
No Content redirect
direct2.knmasdfsdgs.com/ 0
138 B 371ms
160ms Stylesheet
text/html 185.33.87.146
HZ-US-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=522690undefined&q=
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 11:31:39 GMT
Server: nginx
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 204
No Content redirect
direct2.knmasdfsdgs.com/ 0
138 B 597ms
386ms Stylesheet
text/html 185.33.87.146
HZ-US-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://direct2.knmasdfsdgs.com/redirect?aff=10063&saff=522690undefined&q=
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 11:31:40 GMT
Server: nginx
Connection: close
Content-Type: text/html; charset=utf-8

GET

redirect
direct4.soldbyphonder.com/
Redirect Chain

https://kuno-gae.com/com.id352509417?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd
https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=a913baa0-9bae-11ec-9c41-0a1eee875ba7

0
0

GET
H/1.1

200
OK

disabled.html
go2.lkjlkjkljsdflkjsdfklsfjklsd.com/
Redirect Chain

https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=undefined&offer_id=12789778&sub1=,&sub2=,&sub3=,_nat7&sub4=A0BB6459-C770-410E-AFC9-196618A4A5B1&sub5=id352509417&sub6=522690
http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html

0
0

24ms
12ms

Stylesheet
text/html

213.227.135.229
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: HTTP/1.1
Server: 213.227.135.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

location: http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html
date: Fri, 04 Mar 2022 11:31:40 GMT
server: nginx
access-control-allow-origin: *
content-length: 0

GET
H/1.1

200
OK

recommendation
c.allontrk.com/
Redirect Chain

https://c.allontrk.com/click?offer_id=209238&pub_id=646&pub_click_id=NCT_iphone_de_ofid13073281_pidundefined_sub1,_sub2,_sub3,_nat8_sub4_sub5&pub_sub_id=522690undefined&pub_sub_sub_id=,&app=id35250...
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

0
75 B

23ms
11ms

Stylesheet
text/plain

5.9.7.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: HTTP/1.1
Server: 5.9.7.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.122.7.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 11:31:40 GMT
content-length: 0

Redirect headers

location: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
date: Fri, 04 Mar 2022 11:31:40 GMT
referrer-policy: no-referrer
content-length: 0

GET
H/1.1

200
OK

disabled.html
zildd.g2afse.com/
Redirect Chain

https://zildd.g2afse.com/click?pid=35&offer_id=3312509&sub1=NCT_iphone_de_ofid13220501_pidundefined_sub1,_sub2,_sub3,_nat9_sub4_sub5&sub2=522690undefined_,&sub3=id352509417&sub4=A0BB6459-C770-410E-...
http://zildd.g2afse.com/disabled.html

0
0

25ms
13ms

Stylesheet
text/html

213.227.134.202
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://zildd.g2afse.com/disabled.html
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: HTTP/1.1
Server: 213.227.134.202 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

location: http://zildd.g2afse.com/disabled.html
date: Fri, 04 Mar 2022 11:31:40 GMT
server: nginx
access-control-allow-origin: *
content-length: 0

GET
H/1.1

200
OK

recommendation
c.allontrk.com/
Redirect Chain

https://c.allontrk.com/click?offer_id=210617&pub_id=646&pub_click_id=NCT_iphone_de_ofid13072958_pidundefined_sub1,_sub2,_sub3,_nat10_sub4_sub5&pub_sub_id=522690undefined&pub_sub_sub_id=,&app=id3525...
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

0
75 B

23ms
12ms

Stylesheet
text/plain

5.9.7.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: HTTP/1.1
Server: 5.9.7.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.122.7.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 11:31:40 GMT
content-length: 0

Redirect headers

location: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
date: Fri, 04 Mar 2022 11:31:40 GMT
referrer-policy: no-referrer
content-length: 0

GET
H/1.1

200
OK

click
apts.trckswrm.com/
Redirect Chain

https://brainadv.g2afse.com/click?pid=3&offer_id=694762&sub3=NCT_iphone_de_ofid13187393_pidundefined_sub1,_sub2,_sub3,_nat11_sub4_sub5&sub1=522690undefined_,&sub2=id352509417&sub4=A0BB6459-C770-410...
https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=25&pub_click_id=&pub_sub_id=3&pub_sub_sub_id=522690undefined_,&idfa=A0BB6459-C770-410E-AFC9-196618A4A5B1&gaid=A0BB6459-C770-410E-AF...
http://brainadv.g2afse.com/sl?id=60e2066c8bff280d95069af4&pid=17&sub1=25.25&sub3=AvL_JPkAAAF_VLMiygAAAAAAAAAZAAAABQ&sub2=id352509417&sub4=A0BB6459-C770-410E-AFC9-196618A4A5B1&sub5=A0BB6459-C770-410...
https://apts.trckswrm.com/click?offer_id=217396&pub_id=42&pub_click_id=6221f89c70fc81000118b8dd&pub_sub_id=17&pub_sub_sub_id=25.25&idfa=A0BB6459-C770-410E-AFC9-196618A4A5B1&gaid=A0BB6459-C770-410E-...

0
75 B

26ms
26ms

Stylesheet
text/plain

5.9.7.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apts.trckswrm.com/click?offer_id=217396&pub_id=42&pub_click_id=6221f89c70fc81000118b8dd&pub_sub_id=17&pub_sub_sub_id=25.25&idfa=A0BB6459-C770-410E-AFC9-196618A4A5B1&gaid=A0BB6459-C770-410E-AFC9-196618A4A5B1&app=id352509417&ext_offer_id=685166&ext_pub_id=17
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: HTTP/1.1
Server: 5.9.7.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.122.7.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 11:31:40 GMT
content-length: 0

Redirect headers

Location: https://apts.trckswrm.com/click?offer_id=217396&pub_id=42&pub_click_id=6221f89c70fc81000118b8dd&pub_sub_id=17&pub_sub_sub_id=25.25&idfa=A0BB6459-C770-410E-AFC9-196618A4A5B1&gaid=A0BB6459-C770-410E-AFC9-196618A4A5B1&app=id352509417&ext_offer_id=685166&ext_pub_id=17
Date: Fri, 04 Mar 2022 11:31:40 GMT
Server: nginx
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H2 200 click
trk.bidrivo.com/ 22 B
597 B 91ms
42ms Stylesheet
text/plain 2606:4700:3036::ac43:d372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.bidrivo.com/click?campaign_id=447387&pub_id=75&p1=NCT_iphone_de_ofid13247234_pidundefined_sub1,_sub2,_sub3,_nat12_sub4_sub5&source=522690undefined_,&app_name=id352509417&idfa=A0BB6459-C770-410E-AFC9-196618A4A5B1&gaid=A0BB6459-C770-410E-AFC9-196618A4A5B1
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c439fcd21bab032475e5d1570615485417e6cfb202f774f9f16d77f0448d0d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-err: CSS_REQUEST
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
date: Fri, 04 Mar 2022 11:31:40 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9vfyafarRAWw5V3VvmSkXuWENy4rHhTnDo8b%2FShW%2FSi34cqCyQ%2BW89qFarjJYeq%2F%2BdvaZv%2B1vbEesN68IiN%2BXV2L47KJa4vW6ArhPQypO9lOukoMXH628tZCb5EnkgHHHKkKnhDR%2BwCk%2BpZqLPU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cf-ray: 6e6a4970d85d920d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22
x-rt: 0

GET
H/1.1 200
OK click
apts.trckswrm.com/ 0
75 B 63ms
12ms Stylesheet
text/plain 5.9.7.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apts.trckswrm.com/click?offer_id=736493&pub_id=10&pub_click_id=NCT_iphone_de_ofid13257119_pidundefined_sub1,_sub2,_sub3,_nat13_sub4_sub5&pub_sub_id=522690undefined&pub_sub_sub_id=,&app=id352509417
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.7.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.122.7.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 11:31:40 GMT
content-length: 0

GET
H2

200

id1230088754
impression.appsflyer.com/
Redirect Chain

https://trxrc.com/t/951595?A1=NCT_iphone_de_ofid13258665_pidundefined_sub1,_sub2,_sub3,_nat14_sub4_sub5&A5=522690undefined_,
https://impression.appsflyer.com/id1230088754?af_prt=cygobelmedia&pid=goplaym_int&af_siteid=1681_522690undefined_%2C_951595_71792_Sparkasse%20Ihre%20mobile%20Filiale&c=IOS_DE&aff_id=38360&aff_type=...

2 B
310 B

65ms
33ms

Stylesheet
text/html

52.222.236.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://impression.appsflyer.com/id1230088754?af_prt=cygobelmedia&pid=goplaym_int&af_siteid=1681_522690undefined_%2C_951595_71792_Sparkasse%20Ihre%20mobile%20Filiale&c=IOS_DE&aff_id=38360&aff_type=cellxpert&af_viewthrough_lookback=1d&clickid=11ec9baea910112082b7ab5667846153_951595_71792&idfa=&advertising_id=&poid=951595_71792

Requested by

Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0

Protocol

Server

52.222.236.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-57.fra56.r.cloudfront.net

Software

http-kit /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 11:31:40 GMT
via: 1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
server: http-kit
x-amz-cf-pop: FRA56-P4
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
cache-control: no-cache
content-length: 2
x-amz-cf-id: GpF5gfH9Qb3F8e2BG0Q29a0ctI7nFfFzIprXuQUq0br9atjwyfsHWQ==

Redirect headers

Location: https://impression.appsflyer.com/id1230088754?af_prt=cygobelmedia&pid=goplaym_int&af_siteid=1681_522690undefined_%2C_951595_71792_Sparkasse%20Ihre%20mobile%20Filiale&c=IOS_DE&aff_id=38360&aff_type=cellxpert&af_viewthrough_lookback=1d&clickid=11ec9baea910112082b7ab5667846153_951595_71792&idfa=&advertising_id=&poid=951595_71792
Date: Fri, 04 Mar 2022 11:31:40 GMT
Content-Length: 1351
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK click
apply.trckswrm.com/ 0
75 B 67ms
12ms Stylesheet
text/plain 5.9.7.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apply.trckswrm.com/click?offer_id=43510&pub_id=29&pub_click_id=NCT_iphone_de_ofid13240749_pidundefined_sub1,_sub2,_sub3,_nat15_sub4_sub5&pub_sub_id=522690undefined&pub_sub_sub_id=,&app=id352509417
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.7.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.122.7.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 11:31:40 GMT
content-length: 0

GET
H2

200

w404
offer.alibaba.com/product/
Redirect Chain

https://t.9696.me/click?pid=868&offer_id=119486&sub4=NCT_iphone_de_ofid13254460_pidundefined_sub1,_sub2,_sub3,_nat16_sub4_sub5&sub1=868_4850undefined&sub2=868_4850undefined_,&sub3=id352509417
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id352509417&sub1=868_4850undefined&sub2=868_4850undefined_,
https://offer.alibaba.com/cps/rq9rg325?tp1=6221f89c0088e60001b97a00&pid=868_4850undefined&adid=
http://offer.alibaba.com/product/w404
https://offer.alibaba.com/product/w404

0
0

111ms
110ms

Stylesheet
text/html

104.92.96.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.alibaba.com/product/w404
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: H2
Server: 104.92.96.135 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-96-135.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

Location: https://offer.alibaba.com/product/w404
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1

404
Not Found

ps
il32.co/
Redirect Chain

https://zildd.g2afse.com/click?pid=35&offer_id=3307478&sub1=NCT_iphone_de_ofid12900132_pidundefined_sub1,_sub2,_sub3,_nat17_sub4_sub5&sub2=522690undefined_,&sub3=id352509417
https://ila3.co/o/213838?p=3&aff_clickid=6221f89caf8fd10001f98764&sub2=522690undefined_,&sub1=35_522690undefined_,&app_name=id352509417&idfa=&gaid=
https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=3_35_522690undefined_%2C&target=

0
0

58ms
12ms

Stylesheet
text/html

144.91.99.171
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=3_35_522690undefined_%2C&target=
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: HTTP/1.1
Server: 144.91.99.171 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m12971.contaboserver.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

Location: https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=3_35_522690undefined_%2C&target=
Pragma: no-cache
Date: Fri, 04 Mar 2022 11:31:40 GMT
Cache-Control: no-store, no-cache, must-revalidate
Expires: 0
Content-Length: 0
Content-Type: text/html; charset=utf-8

GET

click
imagineads.g2afse.com/
Redirect Chain

https://imagineads.g2afse.com/click?pid=38&offer_id=7074&sub1=NCT_iphone_de_ofid13034747_pidundefined_sub1,_sub2,_sub3,_nat18_sub4_sub5&sub2=522690undefined_,&sub4=id352509417&sub5=id352509417
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=7074
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987
https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987

0
0

GET
H/1.1

200
OK

recommendation
armr.trckswrm.com/
Redirect Chain

https://bondika.g2afse.com/click?pid=2&offer_id=52206&sub1=522690undefined&sub2=,&sub3=NCT_iphone_de_ofid13227858_pidundefined_sub1,_sub2,_sub3,_nat19_sub4_sub5&sub5=id352509417&sub8={sub8}|{offer_...
https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=148&pub_click_id=&pub_sub_id=2&pub_sub_sub_id=522690undefined

209 B
286 B

67ms
13ms

Stylesheet
text/html

5.9.7.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=148&pub_click_id=&pub_sub_id=2&pub_sub_sub_id=522690undefined
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: HTTP/1.1
Server: 5.9.7.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.122.7.9.5.clients.your-server.de
Software: /
Resource Hash: 12d49f080f21aa97a7767f7b7dcf0322774f04ab4a38c8285577f47960b7378a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 11:31:40 GMT
content-length: 209

Redirect headers

location: https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=148&pub_click_id=&pub_sub_id=2&pub_sub_sub_id=522690undefined
date: Fri, 04 Mar 2022 11:31:40 GMT
server: nginx
access-control-allow-origin: *
content-length: 0

GET
H/1.1

200
OK

recommendation
c.allontrk.com/
Redirect Chain

https://ermoza.g2afse.com/click?pid=31&offer_id=16020&sub1=NCT_iphone_de_ofid13258154_pidundefined_sub1,_sub2,_sub3,_nat20_sub4_sub5&sub2=522690undefined_,&sub3=id352509417
https://ermoza.g2afse.com/click?pid=1&offer_id=2171
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=600&cid=6221f89c4377cb000145e565&sid=1_&udid=&name=&info=ExplorAdsSL&blockTime=0
https://c.allontrk.com/click?offer_id=209238&pub_id=646&pub_click_id=NCT_iphone_de_ofid13073281_pid616_sub16221f89c4377cb000145e565_sub21__sub3ExplorAdsSL_nat8_sub4_sub5&pub_sub_id=522690616&pub_su...
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

0
75 B

12ms
12ms

Stylesheet
text/plain

5.9.7.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: HTTP/1.1
Server: 5.9.7.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.122.7.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 11:31:40 GMT
content-length: 0

Redirect headers

location: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
date: Fri, 04 Mar 2022 11:31:40 GMT
referrer-policy: no-referrer
content-length: 0

GET
H/1.1

200
OK

recommendation
c.allontrk.com/
Redirect Chain

https://c.allontrk.com/click?offer_id=210926&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13071087_pidundefined_sub1,_sub2,_sub3,_nat21_sub4_sub5&pub_sub_id=522690undefined&pub_sub_sub_id=,...
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

0
75 B

22ms
11ms

Stylesheet
text/plain

5.9.7.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: HTTP/1.1
Server: 5.9.7.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.122.7.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 11:31:40 GMT
content-length: 0

Redirect headers

location: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
date: Fri, 04 Mar 2022 11:31:40 GMT
referrer-policy: no-referrer
content-length: 0

GET
H2 200 aff_c
clk.taptica.com/ 0
0 316ms
101ms Stylesheet
text/html 199.127.206.101
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://clk.taptica.com/aff_c?ver=bulk&tt_ls=b&offer_id=36672647&tt_appid=1478406784&aff_id=2236156&tt_bannerid=&tt_aff_clickid=NCT_iphone_de_ofid13218321_pidundefined_sub1,_sub2,_sub3,_nat22_sub4_sub5&tt_idfa=A0BB6459-C770-410E-AFC9-196618A4A5B1&tt_advertising_id=A0BB6459-C770-410E-AFC9-196618A4A5B1&tt_sub_aff=522690undefined_,&tt_app_name=id352509417
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.127.206.101 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1

200
OK

disabled.html
zildd.g2afse.com/
Redirect Chain

https://zildd.g2afse.com/click?pid=35&offer_id=3413183&sub1=NCT_iphone_de_ofid13232585_pidundefined_sub1,_sub2,_sub3,_nat23_sub4_sub5&sub2=522690undefined_,&sub3=id352509417
http://zildd.g2afse.com/disabled.html

0
0

25ms
13ms

Stylesheet
text/html

213.227.134.202
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://zildd.g2afse.com/disabled.html
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: HTTP/1.1
Server: 213.227.134.202 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

location: http://zildd.g2afse.com/disabled.html
date: Fri, 04 Mar 2022 11:31:40 GMT
server: nginx
access-control-allow-origin: *
content-length: 0

GET
H/1.1

200
OK

recommendation
c.allontrk.com/
Redirect Chain

https://c.allontrk.com/click?offer_id=210931&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13071147_pidundefined_sub1,_sub2,_sub3,_nat24_sub4_sub5&pub_sub_id=522690undefined&pub_sub_sub_id=,...
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

0
75 B

23ms
12ms

Stylesheet
text/plain

5.9.7.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: HTTP/1.1
Server: 5.9.7.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.122.7.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 11:31:40 GMT
content-length: 0

Redirect headers

location: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
date: Fri, 04 Mar 2022 11:31:40 GMT
referrer-policy: no-referrer
content-length: 0

GET
H2 404 click
apply.g2afse.com/ 0
0 56ms
13ms Stylesheet
text/html 213.227.156.19
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://apply.g2afse.com/click?pid=3&offer_id=74786&sub1=NCT_iphone_de_ofid11111745_pidundefined_sub1,_sub2,_sub3,_nat25_sub4_sub5&sub4=id352509417&sub2=522690undefined_,
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.156.19 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 404 click
apply.g2afse.com/ 0
0 57ms
14ms Stylesheet
text/html 213.227.156.19
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://apply.g2afse.com/click?pid=3&offer_id=261654&sub1=NCT_iphone_de_ofid11570424_pidundefined_sub1,_sub2,_sub3,_nat26_sub4_sub5&sub4=id352509417&sub2=522690undefined_,
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.156.19 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 200
OK click
apply.trckswrm.com/ 0
75 B 65ms
12ms Stylesheet
text/plain 5.9.7.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apply.trckswrm.com/click?offer_id=44016&pub_id=29&pub_click_id=NCT_iphone_de_ofid13243219_pidundefined_sub1,_sub2,_sub3,_nat27_sub4_sub5&pub_sub_id=522690undefined&pub_sub_sub_id=,&app=id352509417
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.7.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.122.7.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 11:31:40 GMT
content-length: 0

GET

redirect
direct4.soldbyphonder.com/
Redirect Chain

https://adsperfection.go2affise.com/click?pid=691&offer_id=543855&ref_id=NCT_iphone_de_ofid13237891_pidundefined_sub1,_sub2,_sub3,_nat28_sub4_sub5&sub1=522690undefined_,&sub3=id352509417&sub5=id352...
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
https://kuno-gae.com/com.id1487212912?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd
https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=a913baa1-9bae-11ec-ad9c-127c59b1dcf3

0
0

GET
H/1.1

200
OK

recommendation
c.allontrk.com/
Redirect Chain

https://c.allontrk.com/click?offer_id=210125&pub_id=646&pub_click_id=NCT_iphone_de_ofid13072016_pidundefined_sub1,_sub2,_sub3,_nat29_sub4_sub5&pub_sub_id=522690undefined&pub_sub_sub_id=,&app=id3525...
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

0
75 B

23ms
12ms

Stylesheet
text/plain

5.9.7.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: HTTP/1.1
Server: 5.9.7.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.122.7.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 11:31:40 GMT
content-length: 0

Redirect headers

location: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
date: Fri, 04 Mar 2022 11:31:40 GMT
referrer-policy: no-referrer
content-length: 0

GET
H2 404 click
apply.g2afse.com/ 0
0 56ms
14ms Stylesheet
text/html 213.227.156.19
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://apply.g2afse.com/click?pid=3&offer_id=14305&sub1=NCT_iphone_de_ofid11821305_pidundefined_sub1,_sub2,_sub3,_nat30_sub4_sub5&sub4=id352509417&sub2=522690undefined_,
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.156.19 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 200
OK click
apts.trckswrm.com/ 0
75 B 59ms
11ms Stylesheet
text/plain 5.9.7.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apts.trckswrm.com/click?offer_id=731537&pub_id=55&pub_click_id=NCT_iphone_de_ofid13250032_pidundefined_sub1,_sub2,_sub3,_nat31_sub4_sub5&pub_sub_id=522690undefined&pub_sub_sub_id=,&app=id352509417
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.7.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.122.7.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 11:31:40 GMT
content-length: 0

GET
H/1.1 200
OK click
apts.trckswrm.com/ 0
75 B 61ms
13ms Stylesheet
text/plain 5.9.7.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apts.trckswrm.com/click?offer_id=692179&pub_id=9&pub_click_id=NCT_iphone_de_ofid13258369_pidundefined_sub1,_sub2,_sub3,_nat32_sub4_sub5&pub_sub_id=522690undefined&pub_sub_sub_id=,&app=id352509417
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.7.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.122.7.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 11:31:40 GMT
content-length: 0

GET
H/1.1

200
OK

recommendation
c.allontrk.com/
Redirect Chain

https://c.allontrk.com/click?offer_id=209494&pub_id=646&pub_click_id=NCT_iphone_de_ofid13070231_pidundefined_sub1,_sub2,_sub3,_nat33_sub4_sub5&pub_sub_id=522690undefined&pub_sub_sub_id=,&app=id3525...
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

0
75 B

23ms
11ms

Stylesheet
text/plain

5.9.7.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: HTTP/1.1
Server: 5.9.7.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.122.7.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 11:31:40 GMT
content-length: 0

Redirect headers

location: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
date: Fri, 04 Mar 2022 11:31:40 GMT
referrer-policy: no-referrer
content-length: 0

GET
H/1.1

204
No Content

redirect
direct2.knmasdfsdgs.com/
Redirect Chain

https://mookomedia.g2afse.com/click?pid=42&offer_id=203536&sub1=NCT_iphone_de_ofid11753492_pidundefined_sub1,_sub2,_sub3,_nat34_sub4_sub5&sub4=522690undefined_,&sub5=id352509417
https://appalgo.g2afse.com/click?pid=304&offer_id=88496&sub1=6221f89c0bd2da00017134b9&sub2=42_522690undefined_,&sub3=&sub4=&sub5=id352509417
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=807&cid=&sid=304&udid=&name=&info=appalgorem&blockTime=0
https://direct2.knmasdfsdgs.com/redirect?aff=10063&saff=522690616&q=

0
138 B

443ms
249ms

Stylesheet
text/html

185.33.87.146
HZ-US-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://direct2.knmasdfsdgs.com/redirect?aff=10063&saff=522690616&q=
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: HTTP/1.1
Server: 185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 11:31:40 GMT
Server: nginx
Connection: close
Content-Type: text/html; charset=utf-8

Redirect headers

date: Fri, 04 Mar 2022 11:31:40 GMT
content-encoding: gzip
server: nginx/1.14.1
location: https://direct2.knmasdfsdgs.com/redirect?aff=10063&saff=522690616&q=
x-powered-by: Express
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *

GET
H/1.1 200
OK click
apts.trckswrm.com/ 0
75 B 59ms
11ms Stylesheet
text/plain 5.9.7.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apts.trckswrm.com/click?offer_id=689945&pub_id=55&pub_click_id=NCT_iphone_de_ofid13256398_pidundefined_sub1,_sub2,_sub3,_nat35_sub4_sub5&pub_sub_id=522690undefined&pub_sub_sub_id=,&app=id352509417
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.7.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.122.7.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 11:31:40 GMT
content-length: 0

GET
H/1.1

200
OK

recommendation
c.allontrk.com/
Redirect Chain

https://c.allontrk.com/click?offer_id=210602&pub_id=646&pub_click_id=NCT_iphone_de_ofid13072934_pidundefined_sub1,_sub2,_sub3,_nat36_sub4_sub5&pub_sub_id=522690undefined&pub_sub_sub_id=,&app=id3525...
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

0
75 B

26ms
11ms

Stylesheet
text/plain

5.9.7.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: HTTP/1.1
Server: 5.9.7.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.122.7.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 11:31:40 GMT
content-length: 0

Redirect headers

location: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
date: Fri, 04 Mar 2022 11:31:40 GMT
referrer-policy: no-referrer
content-length: 0

GET
H/1.1

200
OK

recommendation
c.allontrk.com/
Redirect Chain

https://c.allontrk.com/click?offer_id=145897&pub_id=646&pub_click_id=NCT_iphone_de_ofid13073579_pidundefined_sub1,_sub2,_sub3,_nat37_sub4_sub5&pub_sub_id=522690undefined&pub_sub_sub_id=,&gaid=A0BB6...
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

0
75 B

23ms
11ms

Stylesheet
text/plain

5.9.7.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: HTTP/1.1
Server: 5.9.7.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.122.7.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 11:31:40 GMT
content-length: 0

Redirect headers

location: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
date: Fri, 04 Mar 2022 11:31:40 GMT
referrer-policy: no-referrer
content-length: 0

GET
H/1.1

200
OK

recommendation
c.allontrk.com/
Redirect Chain

https://c.allontrk.com/click?offer_id=210025&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13070470_pidundefined_sub1,_sub2,_sub3,_nat38_sub4_sub5&pub_sub_id=522690undefined&pub_sub_sub_id=,...
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

0
75 B

23ms
11ms

Stylesheet
text/plain

5.9.7.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: HTTP/1.1
Server: 5.9.7.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.122.7.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 11:31:40 GMT
content-length: 0

Redirect headers

location: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
date: Fri, 04 Mar 2022 11:31:40 GMT
referrer-policy: no-referrer
content-length: 0

GET

3swhcc7
3swhcc7.mapuravity.com/
Redirect Chain

https://mookomedia.g2afse.com/click?pid=42&offer_id=257674&sub1=NCT_iphone_de_ofid12644446_pidundefined_sub1,_sub2,_sub3,_nat39_sub4_sub5&sub4=522690undefined_,&sub5=id352509417
https://3swhcc7.mapuravity.com/3swhcc7?p=42_522690undefined_,&sid=6221f89c69a29c000121eefd&android_id=&android_a_id=&idfa=&app_id=id352509417&param1=

0
0

GET
H/1.1

200
OK

recommendation
c.allontrk.com/
Redirect Chain

https://c.allontrk.com/click?offer_id=206814&pub_id=646&pub_click_id=NCT_iphone_de_ofid13070674_pidundefined_sub1,_sub2,_sub3,_nat40_sub4_sub5&pub_sub_id=522690undefined&pub_sub_sub_id=,&app=id3525...
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

0
75 B

23ms
11ms

Stylesheet
text/plain

5.9.7.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: HTTP/1.1
Server: 5.9.7.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.122.7.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 11:31:40 GMT
content-length: 0

Redirect headers

location: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725
date: Fri, 04 Mar 2022 11:31:40 GMT
referrer-policy: no-referrer
content-length: 0

GET
H2

200

/
www.google.com/
Redirect Chain

https://zainzuri.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D
https://www.google.com/

0
0

130ms
104ms

Stylesheet
text/html

2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/
Requested by: Host: cpi-offers.com
URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=326&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0
Protocol: H2
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Fri, 04 Mar 2022 11:31:40 GMT
referrer-policy: origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ESt9S3kN%2FKunGwea7JoMmsZ7qsqCejWfMB8a4gHHzIfoBEXuMT84UPaaMnnkVxUaoMfOjNFv%2BtA5rbXJgprlwpQQUTzsUooKonP4V81rMd8FA4z7hJaIpN2oaYxcarI%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.google.com
cf-ray: 6e6a4970be35927f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: direct4.soldbyphonder.com
URL: https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=a913baa0-9bae-11ec-9c41-0a1eee875ba7

Domain: imagineads.g2afse.com
URL: https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987

Domain: direct4.soldbyphonder.com
URL: https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=a913baa1-9bae-11ec-ad9c-127c59b1dcf3

Domain: 3swhcc7.mapuravity.com
URL: https://3swhcc7.mapuravity.com/3swhcc7?p=42_522690undefined_,&sid=6221f89c69a29c000121eefd&android_id=&android_a_id=&idfa=&app_id=id352509417&param1=

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ermoza.g2afse.com/	1970-01-20 10:05:29	Name: afclick Value: 6221f89c4377cb000145e565
ermoza.g2afse.com/	1970-01-20 10:05:29	Name: afoffers Value: {"2171":1646393500}
zildd.g2afse.com/	1970-01-20 10:05:29	Name: afclick Value: 6221f89caf8fd10001f98764
zildd.g2afse.com/	1970-01-20 10:05:29	Name: afoffers Value: {"3307478":1646393500}
mookomedia.g2afse.com/	1970-01-20 10:05:29	Name: afclick Value: 6221f89c69a29c000121eefd
mookomedia.g2afse.com/	1970-01-20 10:05:29	Name: afoffers Value: {"257674":1646393500}
t.9696.me/	1970-01-20 10:05:29	Name: afclick Value: 6221f89c46b24700019dee24
.alibaba.com/	1969-12-31 23:59:59	Name: cookie2 Value: a8251894d7cb7eb39d991da386ecd5aa
.alibaba.com/	1970-01-23 14:45:51	Name: t Value: b52e5cfb2ad1118109256a1a6db42340
.alibaba.com/	1969-12-31 23:59:59	Name: _tb_token_ Value: 38d07d905f378

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://apply.g2afse.com/click?pid=3&offer_id=74786&sub1=NCT_iphone_de_ofid11111745_pidundefined_sub1,_sub2,_sub3,_nat25_sub4_sub5&sub4=id352509417&sub2=522690undefined_, Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://apply.g2afse.com/click?pid=3&offer_id=261654&sub1=NCT_iphone_de_ofid11570424_pidundefined_sub1,_sub2,_sub3,_nat26_sub4_sub5&sub4=id352509417&sub2=522690undefined_, Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://apply.g2afse.com/click?pid=3&offer_id=14305&sub1=NCT_iphone_de_ofid11821305_pidundefined_sub1,_sub2,_sub3,_nat30_sub4_sub5&sub4=id352509417&sub2=522690undefined_, Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://3swhcc7.mapuravity.com/3swhcc7?p=42_522690undefined_,&sid=6221f89c69a29c000121eefd&android_id=&android_a_id=&idfa=&app_id=id352509417&param1= Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=3_35_522690undefined_%2C&target= Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=a913baa1-9bae-11ec-ad9c-127c59b1dcf3 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=a913baa0-9bae-11ec-9c41-0a1eee875ba7 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=6987 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3swhcc7.mapuravity.com
ad.mobcho.com
appalgo.g2afse.com
apply.g2afse.com
apply.trckswrm.com
apts.trckswrm.com
armr.trckswrm.com
bondika.g2afse.com
brainadv.g2afse.com
brainadv.trckswrm.com
c.allontrk.com
clk.taptica.com
cpi-offers.com
direct2.knmasdfsdgs.com
direct4.soldbyphonder.com
ermoza.g2afse.com
go2.lkjlkjkljsdflkjsdfklsfjklsd.com
il32.co
ila3.co
imagineads.g2afse.com
impression.appsflyer.com
md412.trckswrm.com
mookomedia.g2afse.com
offer.alibaba.com
olamob.g2afse.com
t.9696.me
trk.bidrivo.com
trxrc.com
www.google.com
zainzuri.com
zildd.g2afse.com
3swhcc7.mapuravity.com
direct4.soldbyphonder.com
imagineads.g2afse.com
104.92.96.135
116.202.135.114
144.91.99.171
157.90.33.241
173.212.201.66
185.33.87.146
188.114.96.7
199.127.206.101
212.7.209.71
213.227.134.202
213.227.134.220
213.227.135.209
213.227.135.227
213.227.135.229
213.227.135.231
213.227.156.11
213.227.156.13
213.227.156.19
2606:4700:3036::ac43:d372
2a00:1450:4001:831::2004
3.120.62.32
5.9.7.122
52.222.236.57
84.110.34.196
12d49f080f21aa97a7767f7b7dcf0322774f04ab4a38c8285577f47960b7378a
1c439fcd21bab032475e5d1570615485417e6cfb202f774f9f16d77f0448d0d6
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
275d3c8a8ad68fead16f110c539dd66b55ce64976bd45a730d81ea74066a0087
3915a438fffb3acbaade25f7b5e9d3f76589dbc02048463b3fbfeb8c4e7955a1
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

cpi-offers.com Open in urlscan Pro 3.120.62.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

43 Requests

26 %HTTPS

8 %IPv6

19 Domains

31 Subdomains

14 IPs

5 Countries

7 kBTransfer

13 kBSize

10 Cookies

0 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

cpi-offers.com Open in urlscan Pro
3.120.62.32 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

26 %
HTTPS

8 %
IPv6

19
Domains

31
Subdomains

14
IPs

5
Countries

7 kB
Transfer

13 kB
Size

10
Cookies

43 HTTP transactions
0 data transactions