cpi-offers.com Open in urlscan Pro
18.198.194.239 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://cpi-offers.com/fantastic.html
Submission: On September 15 via manual (September 15th 2022, 2:02:22 pm UTC) from ES — Scanned from ES

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 10 domains to perform 13 HTTP transactions. The main IP is 18.198.194.239, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is cpi-offers.com. The Cisco Umbrella rank of the primary domain is 139349.

This is the only time cpi-offers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	18.198.194.239 18.198.194.239	16509 (AMAZON-02) (AMAZON-02)
2 4	34.90.92.78 34.90.92.78	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	136.243.5.43 136.243.5.43	24940 (HETZNER-AS) (HETZNER-AS)
2	52.2.78.12 52.2.78.12	14618 (AMAZON-AES) (AMAZON-AES)
9 9	34.91.234.242 34.91.234.242	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5 5	35.204.70.16 35.204.70.16	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a02:26f0:6c0... 2a02:26f0:6c00:2a3::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1 1	5.9.5.202 5.9.5.202	24940 (HETZNER-AS) (HETZNER-AS)
1 1	35.204.226.246 35.204.226.246	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	99.86.4.41 99.86.4.41	16509 (AMAZON-02) (AMAZON-02)
1	188.114.96.12 188.114.96.12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	7

2 18.198.194.239 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-194-239.eu-central-1.compute.amazonaws.com

cpi-offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.90.92.78 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 78.92.90.34.bc.googleusercontent.com

go2.lkjlkjkljsdflkjsdfklsfjklsd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.5.43 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.43.5.243.136.clients.your-server.de

trck.appzoftheday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.2.78.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-78-12.compute-1.amazonaws.com

trk.ad-serving-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.91.234.242 (Groningen, Netherlands) 9 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 242.234.91.34.bc.googleusercontent.com

ad-experience.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.204.70.16 (Groningen, Netherlands) 5 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 16.70.204.35.bc.googleusercontent.com

olamob.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00:2a3::2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

apps.apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.9.5.202 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.202.5.9.5.clients.your-server.de

apnp.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.226.246 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 246.226.204.35.bc.googleusercontent.com

greengrass.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-41.fra6.r.cloudfront.net

www.dresslily.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.12 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

zainzuri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	g2afse.com 15 redirects ad-experience.g2afse.com — Cisco Umbrella Rank: 187100 olamob.g2afse.com — Cisco Umbrella Rank: 142562 greengrass.g2afse.com — Cisco Umbrella Rank: 244983	3 KB
4	apple.com apps.apple.com — Cisco Umbrella Rank: 534
4	lkjlkjkljsdflkjsdfklsfjklsd.com 2 redirects go2.lkjlkjkljsdflkjsdfklsfjklsd.com — Cisco Umbrella Rank: 296427	229 B
2	ad-serving-ads.com trk.ad-serving-ads.com — Cisco Umbrella Rank: 118800
2	appzoftheday.com 2 redirects trck.appzoftheday.com — Cisco Umbrella Rank: 69926	466 B
2	cpi-offers.com cpi-offers.com — Cisco Umbrella Rank: 139349	3 KB
1	zainzuri.com zainzuri.com — Cisco Umbrella Rank: 76433
1	dresslily.com www.dresslily.com — Cisco Umbrella Rank: 353476
1	trckswrm.com 1 redirects apnp.trckswrm.com — Cisco Umbrella Rank: 208113	264 B
1	google.com play.google.com — Cisco Umbrella Rank: 24
13	10

	Domain	Requested by
9	ad-experience.g2afse.com	9 redirects
5	olamob.g2afse.com	5 redirects
4	apps.apple.com	cpi-offers.com
4	go2.lkjlkjkljsdflkjsdfklsfjklsd.com	2 redirects cpi-offers.com
2	trk.ad-serving-ads.com	cpi-offers.com
2	trck.appzoftheday.com	2 redirects
2	cpi-offers.com	cpi-offers.com
1	zainzuri.com	cpi-offers.com
1	www.dresslily.com	cpi-offers.com
1	greengrass.g2afse.com	1 redirects
1	apnp.trckswrm.com	1 redirects
1	play.google.com	cpi-offers.com
13	12

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-29` - `2023-07-29`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://cpi-offers.com/fantastic.html
Frame ID: 3521BA81907FBD69E5F88995C308858B
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

13
Requests

8 %
HTTPS

17 %
IPv6

10
Domains

12
Subdomains

7
IPs

3
Countries

3 kB
Transfer

5 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=undefined&offer_id=13315895&sub1=,&sub2=,&sub3=,_nat1&sub4=6ED5E37E-3E39-4E43-BD83-BE0464FDBC89&sub5=id1423046460&sub6=673660 HTTP 302
http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html

Request Chain 2

https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=undefined&offer_id=12789778&sub1=,&sub2=,&sub3=,_nat2&sub4=6ED5E37E-3E39-4E43-BD83-BE0464FDBC89&sub5=id1423046460&sub6=673660 HTTP 302
http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html

Request Chain 3

https://trck.appzoftheday.com/click?offer_id=347477&pub_id=7&pub_click_id=NCT_iphone_es_ofid13408400_pidundefined_sub1,_sub2,_sub3,_nat3_sub4_sub5&pub_sub_id=673660undefined&pub_sub_sub_id=,&app=id1423046460 HTTP 302
https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_673660undefined&creativeid=POP&category=01&androidid=

Request Chain 4

https://ad-experience.g2afse.com/click?pid=2&offer_id=783359&sub1=NCT_iphone_es_ofid13406397_pidundefined_sub1,_sub2,_sub3,_nat4_sub4_sub5&sub2=673660undefined_,&sub5=id1423046460 HTTP 302
http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=783359&sub3=2 HTTP 302
https://olamob.g2afse.com/click?pid=38&offer_id=1198400&sub1=6323306863d3c4000137bf3a&sub2=1_783359&sub3=2&sub4=&sub8=|688858,1 HTTP 302
https://apps.apple.com/ph/app/gcash/id520020791

Request Chain 5

https://ad-experience.g2afse.com/click?pid=2&offer_id=781417&sub1=NCT_iphone_es_ofid13406337_pidundefined_sub1,_sub2,_sub3,_nat5_sub4_sub5&sub2=673660undefined_,&sub3=6ED5E37E-3E39-4E43-BD83-BE0464FDBC89&sub4=6ED5E37E-3E39-4E43-BD83-BE0464FDBC89&sub5=id1423046460 HTTP 302
http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=781417&sub3=2 HTTP 302
https://olamob.g2afse.com/click?pid=38&offer_id=1266619&sub1=63233068f960b50001491f00&sub2=1_781417&sub3=2&sub4=&sub8=|700012,1 HTTP 302
https://play.google.com/store/apps/details?id=com.android.pokersaint-Android

Request Chain 6

https://ad-experience.g2afse.com/click?pid=2&offer_id=767523&sub1=NCT_iphone_es_ofid13409199_pidundefined_sub1,_sub2,_sub3,_nat6_sub4_sub5&sub2=673660undefined_,&sub5=id1423046460 HTTP 302
http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=767523&sub3=2 HTTP 302
https://olamob.g2afse.com/click?pid=38&offer_id=1198400&sub1=63233068d694190001a02f26&sub2=1_767523&sub3=2&sub4=&sub8=|688858,1 HTTP 302
https://apps.apple.com/ph/app/gcash/id520020791

Request Chain 7

https://apnp.trckswrm.com/click?offer_id=153286&pub_id=7&pub_id=7&pub_click_id=NCT_iphone_es_ofid13408019_pidundefined_sub1,_sub2,_sub3,_nat7_sub4_sub5&pub_sub_id=673660undefined&pub_sub_sub_id=,&app=id1423046460 HTTP 302
https://greengrass.g2afse.com/click?pid=551&offer_id=769&sub1=BOUvocEAAAGDQXUZ0AABmsYAAAAKAAAABAAAAAAG&sub2=10_7&sub6=id1423046460&sub5=&sub3=10 HTTP 302
https://www.dresslily.com/?lkid=82490121&cid=632330694c6bb3000138d37c&subid=551_10_7

Request Chain 8

https://ad-experience.g2afse.com/click?pid=2&offer_id=774817&sub1=NCT_iphone_es_ofid13394182_pidundefined_sub1,_sub2,_sub3,_nat8_sub4_sub5&sub2=673660undefined_,&sub5=id1423046460 HTTP 302
https://olamob.g2afse.com/click?pid=38&offer_id=1642254&sub1=63233068a79b1e000199691c&sub2=2_673660undefined_,&sub3=&sub4=id1423046460&sub8=|774817,2 HTTP 302
https://apps.apple.com/us/app/id1462032423

Request Chain 9

https://trck.appzoftheday.com/click?offer_id=331050&pub_id=7&pub_click_id=NCT_iphone_es_ofid13385308_pidundefined_sub1,_sub2,_sub3,_nat9_sub4_sub5&pub_sub_id=673660undefined&pub_sub_sub_id=,&app=id1423046460 HTTP 302
https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_673660undefined&creativeid=POP&category=01&androidid=

Request Chain 10

https://ad-experience.g2afse.com/click?pid=2&offer_id=785719&sub1=NCT_iphone_es_ofid13410042_pidundefined_sub1,_sub2,_sub3,_nat10_sub4_sub5&sub2=673660undefined_,&sub3=6ED5E37E-3E39-4E43-BD83-BE0464FDBC89&sub4=6ED5E37E-3E39-4E43-BD83-BE0464FDBC89&sub5=id1423046460 HTTP 302
http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=785719&sub3=2 HTTP 302
https://olamob.g2afse.com/click?pid=38&offer_id=1411825&sub1=63233069f960b50001491f19&sub2=1_785719&sub3=2&sub4=&sub8=|722182,1 HTTP 302
https://apps.apple.com/app/id1234494259?mt=8

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request fantastic.html Show response cpi-offers.com/	3 KB 1 KB	153ms 62ms	Document text/html	18.198.194.239 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Server 18.198.194.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-198-194-239.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash `f4aa5205acdcc5d21a54643016aa6c4206972eeb9f3ef2b2cab5c503504cbd21` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers Access-Control-Allow-Origin * Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Thu, 15 Sep 2022 14:02:16 GMT ETag W/"b47-Zldeu+rtoLsfhAIxCzX1L5Kzj/g" Server nginx/1.14.1 Transfer-Encoding chunked Vary Accept-Encoding X-Powered-By Express
GET H/1.1	200 OK	main.js Show response cpi-offers.com/jsf/	3 KB 1 KB	60ms 60ms	Script application/javascript	18.198.194.239 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://cpi-offers.com/jsf/main.js Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Server 18.198.194.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-198-194-239.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash `3915a438fffb3acbaade25f7b5e9d3f76589dbc02048463b3fbfeb8c4e7955a1` Request headers accept-language es-ES,es;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Date Thu, 15 Sep 2022 14:02:16 GMT Content-Encoding gzip Vary Accept-Encoding Last-Modified Sun, 29 May 2022 08:26:20 GMT Server nginx/1.14.1 X-Powered-By Express Etag "159195-2720-1653812780000" Transfer-Encoding chunked Content-Type application/javascript Access-Control-Allow-Origin * cache-control max-age=3600 Connection keep-alive
GET H/1.1	200 OK	disabled.html go2.lkjlkjkljsdflkjsdfklsfjklsd.com/ Redirect Chain https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=undefined&offer_id=13315895&sub1=,&sub2=,&sub3=,_nat1&sub4=6ED5E37E-3E39-4E43-BD83-BE0464FDBC89&sub5=id1423046460&sub6=673660 http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html	0 0	130ms 65ms	Stylesheet text/html	34.90.92.78 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Server 34.90.92.78 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 78.92.90.34.bc.googleusercontent.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language es-ES,es;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Redirect headers location http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html date Thu, 15 Sep 2022 14:02:18 GMT server nginx access-control-allow-origin * content-length 0
GET H/1.1	200 OK	disabled.html go2.lkjlkjkljsdflkjsdfklsfjklsd.com/ Redirect Chain https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=undefined&offer_id=12789778&sub1=,&sub2=,&sub3=,_nat2&sub4=6ED5E37E-3E39-4E43-BD83-BE0464FDBC89&sub5=id1423046460&sub6=673660 http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html	0 0	133ms 64ms	Stylesheet text/html	34.90.92.78 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Server 34.90.92.78 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 78.92.90.34.bc.googleusercontent.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language es-ES,es;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Redirect headers location http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html date Thu, 15 Sep 2022 14:02:16 GMT server nginx access-control-allow-origin * content-length 0
GET H2	404	click trk.ad-serving-ads.com/ Redirect Chain https://trck.appzoftheday.com/click?offer_id=347477&pub_id=7&pub_click_id=NCT_iphone_es_ofid13408400_pidundefined_sub1,_sub2,_sub3,_nat3_sub4_sub5&pub_sub_id=673660undefined&pub_sub_sub_id=,&app=id... https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_673660undefined&creativeid=POP&category=01&androidid=	0 0	439ms 128ms	Stylesheet text/html	52.2.78.12 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_673660undefined&creativeid=POP&category=01&androidid= Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol H2 Server 52.2.78.12 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-2-78-12.compute-1.amazonaws.com Software / Resource Hash Request headers accept-language es-ES,es;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 14:02:17 GMT content-length 13 content-type text/html Redirect headers location https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_673660undefined&creativeid=POP&category=01&androidid= date Thu, 15 Sep 2022 14:02:16 GMT referrer-policy no-referrer content-length 0
GET H2	200	id520020791 apps.apple.com/ph/app/gcash/ Redirect Chain https://ad-experience.g2afse.com/click?pid=2&offer_id=783359&sub1=NCT_iphone_es_ofid13406397_pidundefined_sub1,_sub2,_sub3,_nat4_sub4_sub5&sub2=673660undefined_,&sub5=id1423046460 http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=783359&sub3=2 https://olamob.g2afse.com/click?pid=38&offer_id=1198400&sub1=6323306863d3c4000137bf3a&sub2=1_783359&sub3=2&sub4=&sub8=\|688858,1 https://apps.apple.com/ph/app/gcash/id520020791	0 0	336ms 76ms	Stylesheet text/html	2a02:26f0:6c00:2a3::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://apps.apple.com/ph/app/gcash/id520020791 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol H2 Server 2a02:26f0:6c00:2a3::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language es-ES,es;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Redirect headers location https://apps.apple.com/ph/app/gcash/id520020791 date Thu, 15 Sep 2022 14:02:17 GMT server nginx access-control-allow-origin * content-length 0
GET H2	403	details play.google.com/store/apps/ Redirect Chain https://ad-experience.g2afse.com/click?pid=2&offer_id=781417&sub1=NCT_iphone_es_ofid13406337_pidundefined_sub1,_sub2,_sub3,_nat5_sub4_sub5&sub2=673660undefined_,&sub3=6ED5E37E-3E39-4E43-BD83-BE0464... http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=781417&sub3=2 https://olamob.g2afse.com/click?pid=38&offer_id=1266619&sub1=63233068f960b50001491f00&sub2=1_781417&sub3=2&sub4=&sub8=\|700012,1 https://play.google.com/store/apps/details?id=com.android.pokersaint-Android	0 0	238ms 93ms	Stylesheet text/html	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/store/apps/details?id=com.android.pokersaint-Android Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol H2 Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language es-ES,es;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Redirect headers location https://play.google.com/store/apps/details?id=com.android.pokersaint-Android date Thu, 15 Sep 2022 14:02:17 GMT server nginx access-control-allow-origin * content-length 0
GET H2	200	id520020791 apps.apple.com/ph/app/gcash/ Redirect Chain https://ad-experience.g2afse.com/click?pid=2&offer_id=767523&sub1=NCT_iphone_es_ofid13409199_pidundefined_sub1,_sub2,_sub3,_nat6_sub4_sub5&sub2=673660undefined_,&sub5=id1423046460 http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=767523&sub3=2 https://olamob.g2afse.com/click?pid=38&offer_id=1198400&sub1=63233068d694190001a02f26&sub2=1_767523&sub3=2&sub4=&sub8=\|688858,1 https://apps.apple.com/ph/app/gcash/id520020791	0 0	398ms 138ms	Stylesheet text/html	2a02:26f0:6c00:2a3::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://apps.apple.com/ph/app/gcash/id520020791 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol H2 Server 2a02:26f0:6c00:2a3::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language es-ES,es;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Redirect headers location https://apps.apple.com/ph/app/gcash/id520020791 date Thu, 15 Sep 2022 14:02:17 GMT server nginx access-control-allow-origin * content-length 0
GET H2	200	/ www.dresslily.com/ Redirect Chain https://apnp.trckswrm.com/click?offer_id=153286&pub_id=7&pub_id=7&pub_click_id=NCT_iphone_es_ofid13408019_pidundefined_sub1,_sub2,_sub3,_nat7_sub4_sub5&pub_sub_id=673660undefined&pub_sub_sub_id=,&a... https://greengrass.g2afse.com/click?pid=551&offer_id=769&sub1=BOUvocEAAAGDQXUZ0AABmsYAAAAKAAAABAAAAAAG&sub2=10_7&sub6=id1423046460&sub5=&sub3=10 https://www.dresslily.com/?lkid=82490121&cid=632330694c6bb3000138d37c&subid=551_10_7	0 0	299ms 66ms	Stylesheet text/html	99.86.4.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.dresslily.com/?lkid=82490121&cid=632330694c6bb3000138d37c&subid=551_10_7 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol H2 Server 99.86.4.41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-41.fra6.r.cloudfront.net Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language es-ES,es;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Redirect headers location https://www.dresslily.com/?lkid=82490121&cid=632330694c6bb3000138d37c&subid=551_10_7 date Thu, 15 Sep 2022 14:02:17 GMT server nginx access-control-allow-origin * content-length 0
GET H2	200	id1462032423 apps.apple.com/us/app/ Redirect Chain https://ad-experience.g2afse.com/click?pid=2&offer_id=774817&sub1=NCT_iphone_es_ofid13394182_pidundefined_sub1,_sub2,_sub3,_nat8_sub4_sub5&sub2=673660undefined_,&sub5=id1423046460 https://olamob.g2afse.com/click?pid=38&offer_id=1642254&sub1=63233068a79b1e000199691c&sub2=2_673660undefined_,&sub3=&sub4=id1423046460&sub8=\|774817,2 https://apps.apple.com/us/app/id1462032423	0 0	916ms 656ms	Stylesheet text/html	2a02:26f0:6c00:2a3::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://apps.apple.com/us/app/id1462032423 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol H2 Server 2a02:26f0:6c00:2a3::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language es-ES,es;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Redirect headers location https://apps.apple.com/us/app/id1462032423 date Thu, 15 Sep 2022 14:02:17 GMT server nginx access-control-allow-origin * content-length 0
GET H2	404	click trk.ad-serving-ads.com/ Redirect Chain https://trck.appzoftheday.com/click?offer_id=331050&pub_id=7&pub_click_id=NCT_iphone_es_ofid13385308_pidundefined_sub1,_sub2,_sub3,_nat9_sub4_sub5&pub_sub_id=673660undefined&pub_sub_sub_id=,&app=id... https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_673660undefined&creativeid=POP&category=01&androidid=	0 0	439ms 129ms	Stylesheet text/html	52.2.78.12 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_673660undefined&creativeid=POP&category=01&androidid= Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol H2 Server 52.2.78.12 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-2-78-12.compute-1.amazonaws.com Software / Resource Hash Request headers accept-language es-ES,es;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 14:02:17 GMT content-length 13 content-type text/html Redirect headers location https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_673660undefined&creativeid=POP&category=01&androidid= date Thu, 15 Sep 2022 14:02:16 GMT referrer-policy no-referrer content-length 0
GET H2	200	id1234494259 apps.apple.com/app/ Redirect Chain https://ad-experience.g2afse.com/click?pid=2&offer_id=785719&sub1=NCT_iphone_es_ofid13410042_pidundefined_sub1,_sub2,_sub3,_nat10_sub4_sub5&sub2=673660undefined_,&sub3=6ED5E37E-3E39-4E43-BD83-BE046... http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=785719&sub3=2 https://olamob.g2afse.com/click?pid=38&offer_id=1411825&sub1=63233069f960b50001491f19&sub2=1_785719&sub3=2&sub4=&sub8=\|722182,1 https://apps.apple.com/app/id1234494259?mt=8	0 0	428ms 206ms	Stylesheet text/html	2a02:26f0:6c00:2a3::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://apps.apple.com/app/id1234494259?mt=8 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol H2 Server 2a02:26f0:6c00:2a3::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language es-ES,es;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Redirect headers location https://apps.apple.com/app/id1234494259?mt=8 date Thu, 15 Sep 2022 14:02:17 GMT server nginx access-control-allow-origin * content-length 0
GET H2	404	married zainzuri.com/sage/	0 0	244ms 107ms	Stylesheet text/html	188.114.96.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zainzuri.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D Requested by Host: cpi-offers.com URL: http://cpi-offers.com/fantastic.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language es-ES,es;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 14:02:16 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKfwq0F3%2BbYkpsPn7HhAS67%2Fg5CXGOEM6B4myRf7ucZ8XyRT7ABaewq%2BGCtJFNwFjp87AzcoIR92g%2F5snW%2FELeSTW6GSoTOn8jKNkkQMUEz%2FC088rHsiqyisG2HHd0Q%3D"}],"group":"cf-nel","max_age":604800} content-type text/html;charset=utf-8 cache-control no-store, no-cache cf-ray 74b1e62f0a0006a6-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ad-experience.g2afse.com/	1970-01-20 14:46:26	Name: afclick Value: 63233068a79b1e000199691c
ad-experience.g2afse.com/	1970-01-20 14:46:26	Name: afoffers Value: {"774817":1663250536}
greengrass.g2afse.com/	1970-01-20 14:46:26	Name: afclick Value: 632330694c6bb3000138d37c
greengrass.g2afse.com/	1970-01-20 14:46:26	Name: afoffers Value: {"769":1663250537}
.google.com/	1970-01-20 10:24:21	Name: NID Value: 511=TbTwSlOM-J0wFY-hu-BnXHKgT8fTshb_MJLxfTXbk8KegvOVIrTpkQtF8OxRIJRK1c_oJpsXqNdVEGGRrYkwN5uGEuvvKH2aUBouNOdkztZ9-A6Lhp_yVXexMrALj8sn9gSTKR-2rZV1jsklKQNUnpLIZG-uXxCBH9ykoLxYiTk

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://zainzuri.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_673660undefined&creativeid=POP&category=01&androidid= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_673660undefined&creativeid=POP&category=01&androidid= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://play.google.com/store/apps/details?id=com.android.pokersaint-Android Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-experience.g2afse.com
apnp.trckswrm.com
apps.apple.com
cpi-offers.com
go2.lkjlkjkljsdflkjsdfklsfjklsd.com
greengrass.g2afse.com
olamob.g2afse.com
play.google.com
trck.appzoftheday.com
trk.ad-serving-ads.com
www.dresslily.com
zainzuri.com
136.243.5.43
18.198.194.239
188.114.96.12
2a00:1450:4001:80e::200e
2a02:26f0:6c00:2a3::2a1
34.90.92.78
34.91.234.242
35.204.226.246
35.204.70.16
5.9.5.202
52.2.78.12
99.86.4.41
3915a438fffb3acbaade25f7b5e9d3f76589dbc02048463b3fbfeb8c4e7955a1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4aa5205acdcc5d21a54643016aa6c4206972eeb9f3ef2b2cab5c503504cbd21

cpi-offers.com Open in urlscan Pro 18.198.194.239 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

13 Requests

8 %HTTPS

17 %IPv6

10 Domains

12 Subdomains

7 IPs

3 Countries

3 kBTransfer

5 kBSize

5 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

5 Cookies

4 Console Messages

Indicators

cpi-offers.com Open in urlscan Pro
18.198.194.239 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

8 %
HTTPS

17 %
IPv6

10
Domains

12
Subdomains

7
IPs

3
Countries

3 kB
Transfer

5 kB
Size

5
Cookies

13 HTTP transactions
0 data transactions