cpi-offers.com Open in urlscan Pro
52.58.210.58 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gurmob.g2afse.com/click?pid=249&offer_id=1684
Effective URL:
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&nam...
Submission: On September 19 via manual (September 19th 2021, 6:22:17 am UTC) from IL — Scanned from DE

Summary HTTP 44 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 5 countries across 28 domains to perform 44 HTTP transactions. The main IP is 52.58.210.58, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is cpi-offers.com.
TLS certificate: Issued by Amazon on November 25th 2020. Valid for: a year.

This is the only time cpi-offers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6 6	213.227.134.198 213.227.134.198	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3 4	52.58.210.58 52.58.210.58	16509 (AMAZON-02) (AMAZON-02)
5 5	168.119.91.184 168.119.91.184	24940 (HETZNER-AS) (HETZNER-AS)
5 10	23.79.135.169 23.79.135.169	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	172.67.144.227 172.67.144.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.21.93.82 104.21.93.82	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.93.11 104.21.93.11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.33.87.146 185.33.87.146	202015 (HZ-US-AS) (HZ-US-AS)
2 2	213.227.156.13 213.227.156.13	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	5.9.5.213 5.9.5.213	24940 (HETZNER-AS) (HETZNER-AS)
1 1	18.158.50.96 18.158.50.96	16509 (AMAZON-02) (AMAZON-02)
1 1	54.225.218.189 54.225.218.189	14618 (AMAZON-AES) (AMAZON-AES)
1 1	98.137.11.164 98.137.11.164	36647 (YAHOO-GQ1) (YAHOO-GQ1)
1 2	87.248.100.216 87.248.100.216	34010 (YAHOO-IRD) (YAHOO-IRD)
5 5	116.202.243.43 116.202.243.43	24940 (HETZNER-AS) (HETZNER-AS)
5 5	35.244.148.94 35.244.148.94	15169 (GOOGLE) (GOOGLE)
5 10	35.244.209.32 35.244.209.32	15169 (GOOGLE) (GOOGLE)
2	213.227.134.220 213.227.134.220	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	172.67.128.252 172.67.128.252	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	5.9.6.203 5.9.6.203	24940 (HETZNER-AS) (HETZNER-AS)
2	3.210.173.107 3.210.173.107	14618 (AMAZON-AES) (AMAZON-AES)
1	52.72.159.253 52.72.159.253	14618 (AMAZON-AES) (AMAZON-AES)
1 1	213.227.135.229 213.227.135.229	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	213.227.134.202 213.227.134.202	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	172.67.211.114 172.67.211.114	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	213.227.135.209 213.227.135.209	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	54.205.104.8 54.205.104.8	14618 (AMAZON-AES) (AMAZON-AES)
1	34.120.248.84 34.120.248.84	15169 (GOOGLE) (GOOGLE)
44	13

6 213.227.134.198 (Netherlands) 6 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

gurmob.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.mobcho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.58.210.58 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-210-58.eu-central-1.compute.amazonaws.com

cpi-offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 168.119.91.184 (Germany) 5 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.184.91.119.168.clients.your-server.de

aptrt.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.79.135.169 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-135-169.deploy.static.akamaitechnologies.com

www.visitdubai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.144.227 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

lucazepa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.93.82 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sylvinanorrey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.93.11 (None, )

ASN13335 (CLOUDFLARENET, US)

trk86.zperform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.87.146 (Ashburn, United States)

ASN202015 (HZ-US-AS, BG)

direct2.knmasdfsdgs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.156.13 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

biggerpicture.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.9.5.213 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.213.5.9.5.clients.your-server.de

armr.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.50.96 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-50-96.eu-central-1.compute.amazonaws.com

faswqurecv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.225.218.189 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-218-189.compute-1.amazonaws.com

allowsuccess.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.137.11.164 (Quincy, United States) 1 redirects

ASN36647 (YAHOO-GQ1, US)
PTR: media-router-fp73.prod.media.vip.gq1.yahoo.com

yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.248.100.216 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: media-router-fp74.prod.media.vip.ir2.yahoo.com

www.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 116.202.243.43 (Germany) 5 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.43.243.202.116.clients.your-server.de

apts.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.148.94 (Kansas City, United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: 94.148.244.35.bc.googleusercontent.com

fkan.oakmastering.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.244.209.32 (Kansas City, United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: 32.209.244.35.bc.googleusercontent.com

fd.allsaintsyrt.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.134.220 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

appnapp.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.128.252 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

track.gowithads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.9.6.203 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.203.6.9.5.clients.your-server.de

advdgt.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.210.173.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-173-107.compute-1.amazonaws.com

trk.ad-serving-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.159.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-159-253.compute-1.amazonaws.com

trk.games-to-run123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.135.229 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

appad.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.134.202 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

go2.enjoycpi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.211.114 (United States)

ASN13335 (CLOUDFLARENET, US)

trk.bidrivo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.135.209 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

adcrate-solutions.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.205.104.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-104-8.compute-1.amazonaws.com

trk.whisursand.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.248.84 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 84.248.120.34.bc.googleusercontent.com

click.mnmnck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	trckswrm.com 13 redirects aptrt.trckswrm.com armr.trckswrm.com apts.trckswrm.com advdgt.trckswrm.com	3 KB
10	allsaintsyrt.club 5 redirects fd.allsaintsyrt.club	1 KB
10	visitdubai.com 5 redirects www.visitdubai.com	1 KB
6	g2afse.com 4 redirects gurmob.g2afse.com biggerpicture.g2afse.com appnapp.g2afse.com imagineads.g2afse.com Failed leaddaway.g2afse.com Failed valuadle.g2afse.com Failed spykemedia.g2afse.com Failed appad.g2afse.com	1 KB
5	oakmastering.site 5 redirects fkan.oakmastering.site	1 KB
5	mobcho.com 5 redirects ad.mobcho.com	1 KB
4	cpi-offers.com 3 redirects cpi-offers.com	3 KB
3	yahoo.com 2 redirects yahoo.com www.yahoo.com de.yahoo.com	1 KB
2	ad-serving-ads.com trk.ad-serving-ads.com	93 B
1	mnmnck.com click.mnmnck.com	80 B
1	whisursand.com trk.whisursand.com
1	go2affise.com 1 redirects adcrate-solutions.go2affise.com	112 B
1	bidrivo.com trk.bidrivo.com	613 B
1	enjoycpi.com 1 redirects go2.enjoycpi.com	159 B
1	games-to-run123.com trk.games-to-run123.com
1	gowithads.com 1 redirects track.gowithads.com	837 B
1	allowsuccess.org 1 redirects allowsuccess.org	271 B
1	faswqurecv.com 1 redirects faswqurecv.com	798 B
1	knmasdfsdgs.com direct2.knmasdfsdgs.com	138 B
1	zperform.com trk86.zperform.com
1	sylvinanorrey.com 1 redirects sylvinanorrey.com	864 B
1	lucazepa.com 1 redirects lucazepa.com	588 B
0	toptop.digital Failed www.toptop.digital Failed
0	paddlewaver.com Failed track.paddlewaver.com Failed
0	gotrackier.com Failed adjar.gotrackier.com Failed
0	il32.co Failed il32.co Failed
0	allontrk.com Failed c.allontrk.com Failed
0	alibaba.com Failed offer.alibaba.com Failed
44	28

	Domain	Requested by
10	fd.allsaintsyrt.club	5 redirects cpi-offers.com
10	www.visitdubai.com	5 redirects cpi-offers.com
5	fkan.oakmastering.site	5 redirects
5	apts.trckswrm.com	5 redirects
5	ad.mobcho.com	5 redirects
5	aptrt.trckswrm.com	5 redirects
4	cpi-offers.com	3 redirects
2	trk.ad-serving-ads.com	cpi-offers.com
2	advdgt.trckswrm.com	2 redirects
2	appnapp.g2afse.com	cpi-offers.com
2	biggerpicture.g2afse.com	2 redirects
1	click.mnmnck.com	cpi-offers.com
1	trk.whisursand.com	cpi-offers.com
1	adcrate-solutions.go2affise.com	1 redirects
1	trk.bidrivo.com	cpi-offers.com
1	go2.enjoycpi.com	1 redirects
1	appad.g2afse.com	1 redirects
1	trk.games-to-run123.com	cpi-offers.com
1	track.gowithads.com	1 redirects
1	de.yahoo.com	cpi-offers.com
1	www.yahoo.com	1 redirects
1	yahoo.com	1 redirects
1	allowsuccess.org	1 redirects
1	faswqurecv.com	1 redirects
1	armr.trckswrm.com	1 redirects
1	direct2.knmasdfsdgs.com	cpi-offers.com
1	trk86.zperform.com	cpi-offers.com
1	sylvinanorrey.com	1 redirects
1	lucazepa.com	1 redirects
1	gurmob.g2afse.com	1 redirects
0	spykemedia.g2afse.com Failed	cpi-offers.com
0	valuadle.g2afse.com Failed	cpi-offers.com
0	www.toptop.digital Failed	cpi-offers.com
0	track.paddlewaver.com Failed	cpi-offers.com
0	leaddaway.g2afse.com Failed	cpi-offers.com
0	adjar.gotrackier.com Failed	cpi-offers.com
0	imagineads.g2afse.com Failed	cpi-offers.com
0	il32.co Failed	cpi-offers.com
0	c.allontrk.com Failed	cpi-offers.com
0	offer.alibaba.com Failed	cpi-offers.com
44	40

This site contains no links.

Subject Issuer	Validity	Valid
cpi-offers.com Amazon	`2020-11-25` - `2021-12-24`	a year	crt.sh
visitdubai.com R3	`2021-08-31` - `2021-11-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
*.knmasdfsdgs.com Go Daddy Secure Certificate Authority - G2	`2021-07-14` - `2022-08-15`	a year	crt.sh
*.www.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-07-26` - `2022-01-19`	6 months	crt.sh
mm.ellafitzgeraldsayt.club Sectigo RSA Domain Validation Secure Server CA	`2020-05-31` - `2022-03-24`	2 years	crt.sh
*.go2affise.com Go Daddy Secure Certificate Authority - G2	`2020-10-09` - `2021-11-10`	a year	crt.sh
trk.games-to-run123.com Amazon	`2020-11-06` - `2021-12-05`	a year	crt.sh
trk.antaituced.com Amazon	`2020-11-26` - `2021-12-25`	a year	crt.sh
click.mnmnck.com GTS CA 1D4	`2021-08-22` - `2021-11-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0
Frame ID: 3EEAC407D813758DAB44E06695E4A55D
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://gurmob.g2afse.com/click?pid=249&offer_id=1684 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b7... Page URL

Page Statistics

44
Requests

45 %
HTTPS

0 %
IPv6

28
Domains

40
Subdomains

13
IPs

5
Countries

3 kB
Transfer

10 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gurmob.g2afse.com/click?pid=249&offer_id=1684 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://t.9696.me/click?pid=729&offer_id=148506&sub4=NCT_iphone_de_ofid10910945_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat1_sub4_sub5&sub1=729_4850913&sub2=729_4850913_249&sub3=id352509417&sub7=id352509417 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id352509417&sub1=729_4850913&sub2=729_4850913_249 HTTP 302
https://offer.alibaba.com/cps/rq9rg325?tp1=6146d6fa28edd70001d8866f&pid=729_4850913&adid= HTTP 0
http://offer.alibaba.com/product/w404

Request Chain 1

https://aptrt.trckswrm.com/click?offer_id=16060&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid11902270_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat2_sub4_sub5&pub_sub_id=722700913&pub_sub_sub_id=249&app=id352509417 HTTP 302
https://ad.mobcho.com/click?pid=708&offer_id=33&sub2=ArZR39EAAAF7_LfD3AAAkqwAAACAAAAABQ&sub3=128.29&sub5=id352509417&sub7=&sub8= HTTP 302
https://www.visitdubai.com/en/win-a-trip-with-rixos HTTP 301
https://www.visitdubai.com/en

Request Chain 3

https://lucazepa.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D HTTP 302
https://sylvinanorrey.com/l/12951695aa65a83b3992?source=65798hgddtt HTTP 302
https://trk86.zperform.com/l/12951695aa65a83b3992.js?source=65798hgddtt

Request Chain 5

https://go2.enjoycpi.com/click?pid=913&offer_id=4141322&sub1=6146d6fa3f2599000163b797&sub2=249&sub3=GurMobSL_nat6&sub4=49A8A7C1-2316-48AF-A38A-2936E2A9CAC2&sub5=id352509417&sub6=722700 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
https://t.9696.me/click?pid=729&offer_id=148506&sub4=NCT_iphone_de_ofid10910945_pid616_sub1_sub2_sub3TbLabq_nat1_sub4_sub5&sub1=729_4850616&sub2=729_4850616_&sub3=id1369521645&sub7=id1369521645 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1369521645&sub1=729_4850616&sub2=729_4850616_ HTTP 302
https://offer.alibaba.com/cps/rq9rg325?tp1=6146d6fa5777730001ff0345&pid=729_4850616&adid=

Request Chain 7

https://ila3.co/o/214890?p=17&aff_clickid=NCT_iphone_de_ofid12216312_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat8_sub4_sub5&sub1=722700913_249&idfa=49A8A7C1-2316-48AF-A38A-2936E2A9CAC2&gaid=49A8A7C1-2316-48AF-A38A-2936E2A9CAC2&app_name=id352509417 HTTP 302
https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=17_722700913_249&target=

Request Chain 8

https://biggerpicture.g2afse.com/click?pid=52&offer_id=263981&sub5=NCT_iphone_de_ofid12312728_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat9_sub4_sub5&sub1=722700913_249&sub3=id352509417&sub4=49A8A7C1-2316-48AF-A38A-2936E2A9CAC2 HTTP 302
https://biggerpicture.g2afse.com/click?pid=1&offer_id=188 HTTP 302
https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154 HTTP 302
https://faswqurecv.com/go/1b42dc47-4e2b-456b-8bc5-515903f4eb28?externalId=AmGPQOoAAAF7_LfEFgAADA8AAACaAAABMg&sid=154 HTTP 302
https://allowsuccess.org/rJ8DQZjLTgvx6aaW4erp-dvntOoL1Hw3gXIifrtasvQ/?SUBID=UQL5Ns7njZ7izqJaMbMQBf&zoneid= HTTP 302
https://yahoo.com/ HTTP 301
https://www.yahoo.com/ HTTP 302
https://de.yahoo.com/?p=us

Request Chain 10

https://apts.trckswrm.com/click?offer_id=477650&pub_id=9&pub_click_id=NCT_iphone_de_ofid12446635_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat11_sub4_sub5&pub_sub_id=722700913&pub_sub_sub_id=249&app=id352509417 HTTP 302
https://fkan.oakmastering.site/?sddtid=hdk9a&sdpi=1600&pdco=nmbbDlpVE&pdos=2331187&pisc1=101_9&pducid=AgYPpMoAAAF7_LfD2gAHSdIAAAAJAAAAAA&pddo=id352509417&pdumid=&pssc2=101_9 HTTP 302
https://fd.allsaintsyrt.club/?sddtid=FBKpC&sdpi=286&pdos=F681104&pisc1=1600&pssc2=0 HTTP 302
https://fd.allsaintsyrt.club/healthCheck?pisc1=286

Request Chain 12

https://track.gowithads.com/click?pid=141&offer_id=2254757&sub1=NCT_iphone_de_ofid12510328_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat13_sub4_sub5&sub2=722700913_249&sub3=49A8A7C1-2316-48AF-A38A-2936E2A9CAC2&sub4=id352509417 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=748&cid=&sid=141&udid=&name=&info=GOWMsl&blockTime=0 HTTP 302
https://imagineads.g2afse.com/click?pid=38&offer_id=7065&sub1=NCT_iphone_de_ofid12436375_pid616_sub1_sub2141_sub3GOWMsl_nat26_sub4_sub5&sub2=722700616_141&sub4=id1189800250&sub5=id1189800250 HTTP 302
https://imagineads.g2afse.com/click?pid=11&offer_id=2287

Request Chain 13

https://track.gowithads.com/click?pid=141&offer_id=2200168&sub1=NCT_iphone_de_ofid12578989_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat14_sub4_sub5&sub2=722700913_249&sub4=id352509417 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=748&cid=&sid=141&udid=&name=&info=GOWMsl&blockTime=0 HTTP 302
https://aptrt.trckswrm.com/click?offer_id=36948&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid12263885_pid616_sub1_sub2141_sub3GOWMsl_nat35_sub4_sub5&pub_sub_id=722700616&pub_sub_sub_id=141&app=id730623682 HTTP 302
https://ad.mobcho.com/click?pid=708&offer_id=33&sub2=AkVgo60AAAF7_LfD9wAAkqwAAACAAAAABQ&sub3=128.29&sub5=id730623682&sub7=&sub8= HTTP 302
https://www.visitdubai.com/en/win-a-trip-with-rixos HTTP 301
https://www.visitdubai.com/en

Request Chain 15

https://imagineads.g2afse.com/click?pid=38&offer_id=7155&sub1=NCT_iphone_de_ofid12436452_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat16_sub4_sub5&sub2=722700913_249&sub4=id352509417&sub5=id352509417 HTTP 302
https://imagineads.g2afse.com/click?pid=11&offer_id=2287

Request Chain 17

https://advdgt.trckswrm.com/click?offer_id=52605&pub_id=7&pub_click_id=NCT_iphone_de_ofid12198629_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat18_sub4_sub5&pub_sub_id=722700913&pub_sub_sub_id=249&app=id352509417 HTTP 302
https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_722700913&creativeid=POP&category=01

Request Chain 18

https://imagineads.g2afse.com/click?pid=59&offer_id=7052&sub1=NCT_iphone_de_ofid12436354_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat19_sub4_sub5&sub2=722700913_249&sub4=id352509417&sub5=id352509417 HTTP 302
https://imagineads.g2afse.com/click?pid=11&offer_id=2287

Request Chain 19

https://apts.trckswrm.com/click?offer_id=11715&pub_id=10&pub_click_id=NCT_iphone_de_ofid10139293_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat20_sub4_sub5&pub_sub_id=722700913&pub_sub_sub_id=249&app=id352509417 HTTP 302
https://fkan.oakmastering.site/?sddtid=hdk9a&sdpi=1600&pdco=nmbbDlpVE&pdos=2331187&pisc1=101_10&pducid=Ap9l_TYAAAF7_LfD2gAALcMAAAAKAAAAAA&pddo=id352509417&pdumid=&pssc2=101_10 HTTP 302
https://fd.allsaintsyrt.club/?sddtid=FBKpC&sdpi=286&pdos=F681104&pisc1=1600&pssc2=0 HTTP 302
https://fd.allsaintsyrt.club/healthCheck?pisc1=286

Request Chain 20

https://t.9696.me/click?pid=729&offer_id=119486&sub4=NCT_iphone_de_ofid12300988_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat21_sub4_sub5&sub1=729_4850913&sub2=729_4850913_249&sub3=id352509417&sub7=id352509417 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id352509417&sub1=729_4850913&sub2=729_4850913_249 HTTP 302
https://offer.alibaba.com/cps/3ba4i0jh?tp1=6146d6fa15927100016fa0a6&pid=729_4850913&adid=

Request Chain 22

https://brainadv.g2afse.com/click?pid=37&offer_id=512055&sub1=722700913_249&sub2=id352509417&sub3=NCT_iphone_de_ofid11480193_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat23_sub4_sub5 HTTP 302
https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=16&pub_click_id=&pub_sub_id=37&idfa=&gaid=&app=id352509417 HTTP 302
https://thingortwo.g2afse.com/click?pid=282&offer_id=727&sub1=Asi2DPwAAAF7_LfEEQAADdUAAAAQAAAABQ&sub2=16.37&sub3=9sDOB8UGmWmsITFOkh3&sub4=id352509417&sub4=&sub5=&sub5= HTTP 302
https://thingortwo.g2afse.com/sl?id=5bffbf8000ca309f85166dd2&pid=106&sub2=16.37&sub4=id352509417&sub5= HTTP 302
https://www.toptop.digital/?utm_source=Affto2&utm_medium=TFB

Request Chain 23

https://brainadv.g2afse.com/click?pid=3&offer_id=525819&sub3=NCT_iphone_de_ofid11765907_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat24_sub4_sub5&sub1=722700913_249&sub2=id352509417 HTTP 302
https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=16&pub_click_id=&pub_sub_id=3&idfa=&gaid=&app=id352509417 HTTP 302
https://thingortwo.g2afse.com/click?pid=282&offer_id=727&sub1=AmAV7rYAAAF7_LfEEAAADdUAAAAQAAAABQ&sub2=16.3&sub3=9sDOB8UGmWmsITFOkh3&sub4=id352509417&sub4=&sub5=&sub5= HTTP 302
https://thingortwo.g2afse.com/sl?id=5bffbf8000ca309f85166dd2&pid=106&sub2=16.3&sub4=id352509417&sub5= HTTP 302
https://www.toptop.digital/?utm_source=Affto2&utm_medium=TFB

Request Chain 24

https://aptrt.trckswrm.com/click?offer_id=20662&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid11390140_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat25_sub4_sub5&pub_sub_id=722700913&pub_sub_sub_id=249&app=id352509417 HTTP 302
https://ad.mobcho.com/click?pid=708&offer_id=33&sub2=AsvH7ugAAAF7_LfD3QAAkqwAAACAAAAABQ&sub3=128.29&sub5=id352509417&sub7=&sub8= HTTP 302
https://www.visitdubai.com/en/win-a-trip-with-rixos HTTP 301
https://www.visitdubai.com/en

Request Chain 25

https://imagineads.g2afse.com/click?pid=59&offer_id=7065&sub1=NCT_iphone_de_ofid12436364_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat26_sub4_sub5&sub2=722700913_249&sub4=id352509417&sub5=id352509417 HTTP 302
https://imagineads.g2afse.com/click?pid=11&offer_id=2287

Request Chain 27

https://apts.trckswrm.com/click?offer_id=313108&pub_id=9&pub_click_id=NCT_iphone_de_ofid11766602_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat28_sub4_sub5&pub_sub_id=722700913&pub_sub_sub_id=249&app=id352509417 HTTP 302
https://fkan.oakmastering.site/?sddtid=hdk9a&sdpi=1600&pdco=nmbbDlpVE&pdos=2331187&pisc1=101_9&pducid=AtFHV9YAAAF7_LfD2gAExxQAAAAJAAAAAA&pddo=id352509417&pdumid=&pssc2=101_9 HTTP 302
https://fd.allsaintsyrt.club/?sddtid=FBKpC&sdpi=286&pdos=F681104&pisc1=1600&pssc2=0 HTTP 302
https://fd.allsaintsyrt.club/healthCheck?pisc1=286

Request Chain 28

https://apts.trckswrm.com/click?offer_id=65840&pub_id=9&pub_click_id=NCT_iphone_de_ofid11642890_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat29_sub4_sub5&pub_sub_id=722700913&pub_sub_sub_id=249&app=id352509417 HTTP 302
https://fkan.oakmastering.site/?sddtid=hdk9a&sdpi=1600&pdco=nmbbDlpVE&pdos=2331187&pisc1=101_9&pducid=Aj6XzOgAAAF7_LfD2gABATAAAAAJAAAAAA&pddo=id352509417&pdumid=&pssc2=101_9 HTTP 302
https://fd.allsaintsyrt.club/?sddtid=FBKpC&sdpi=286&pdos=F681104&pisc1=1600&pssc2=0 HTTP 302
https://fd.allsaintsyrt.club/healthCheck?pisc1=286

Request Chain 29

https://aptrt.trckswrm.com/click?offer_id=20670&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid12263600_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat30_sub4_sub5&pub_sub_id=722700913&pub_sub_sub_id=249&app=id352509417 HTTP 302
https://ad.mobcho.com/click?pid=708&offer_id=33&sub2=AtDLuuUAAAF7_LfD3QAAkqwAAACAAAAABQ&sub3=128.29&sub5=id352509417&sub7=&sub8= HTTP 302
https://www.visitdubai.com/en/win-a-trip-with-rixos HTTP 301
https://www.visitdubai.com/en

Request Chain 30

https://t.9696.me/click?pid=868&offer_id=143546&sub4=NCT_iphone_de_ofid12251026_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat31_sub4_sub5&sub1=868_4850913&sub2=868_4850913_249&sub3=id352509417 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id352509417&sub1=868_4850913&sub2=868_4850913_249 HTTP 302
https://offer.alibaba.com/cps/3ba4i0jh?tp1=6146d6fa451a8200012078c3&pid=868_4850913&adid=

Request Chain 33

https://appad.g2afse.com/click?pid=33&offer_id=305229&sub1=NCT_iphone_de_ofid12409145_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat34_sub4_sub5&sub2=722700913_249&sub7=id352509417 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=947&cid=&sid=33&udid=&name=&info=appadppre&blockTime=0 HTTP 302
https://spykemedia.g2afse.com/click?pid=606&offer_id=1189047&sub1=NCT_iphone_de_ofid12170847_pid616_sub1_sub233_sub3appadppre_nat39_sub4_sub5&sub2=722700616_33&sub4=722700616_33&sub3=MyRadar%E6%B0%97%E8%B1%A1%E3%83%AC%E3%83%BC%E3%83%80%E3%83%BC

Request Chain 34

https://advdgt.trckswrm.com/click?offer_id=202022&pub_id=7&pub_click_id=NCT_iphone_de_ofid12265277_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat35_sub4_sub5&pub_sub_id=722700913&pub_sub_sub_id=249&app=id352509417 HTTP 302
https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_722700913&creativeid=POP&category=01

Request Chain 35

https://appad.g2afse.com/click?pid=33&offer_id=280052&sub1=NCT_iphone_de_ofid12578561_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat36_sub4_sub5&sub2=722700913_249&sub7=id352509417 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=947&cid=&sid=33&udid=&name=&info=appadppre&blockTime=0 HTTP 302
https://go2.enjoycpi.com/click?pid=616&offer_id=4141322&sub1=&sub2=33&sub3=appadppre_nat6&sub4=08EDFDA2-43E3-4858-AF36-4708EB64C7C2&sub5=id500963785&sub6=722700 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
https://trk.bidrivo.com/click?campaign_id=147771&pub_id=75&p1=NCT_iphone_de_ofid12117526_pid616_sub1_sub2_sub3TbLabq_nat16_sub4_sub5&source=722700616_&app_name=id1453989822

Request Chain 36

https://adcrate-solutions.go2affise.com/click?pid=80&offer_id=1539504&sub1=NCT_iphone_de_ofid11004038_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat37_sub4_sub5&sub2=722700913_249&sub4=id352509417 HTTP 302
https://trk.whisursand.com/click?affid=28&category=01

Request Chain 38

https://apts.trckswrm.com/click?offer_id=398145&pub_id=9&pub_click_id=NCT_iphone_de_ofid12172087_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat39_sub4_sub5&pub_sub_id=722700913&pub_sub_sub_id=249&app=id352509417 HTTP 302
https://fkan.oakmastering.site/?sddtid=hdk9a&sdpi=1600&pdco=nmbbDlpVE&pdos=2331187&pisc1=101_9&pducid=AjyTiqEAAAF7_LfD2gAGE0EAAAAJAAAAAA&pddo=id352509417&pdumid=&pssc2=101_9 HTTP 302
https://fd.allsaintsyrt.club/?sddtid=FBKpC&sdpi=286&pdos=F681104&pisc1=1600&pssc2=0 HTTP 302
https://fd.allsaintsyrt.club/healthCheck?pisc1=286

Request Chain 39

https://aptrt.trckswrm.com/click?offer_id=853&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid9525498_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat40_sub4_sub5&pub_sub_id=722700913&pub_sub_sub_id=249&app=id352509417 HTTP 302
https://ad.mobcho.com/click?pid=708&offer_id=33&sub2=Andqh0IAAAF7_LfD3QAAkqwAAACAAAAABQ&sub3=128.29&sub5=id352509417&sub7=&sub8= HTTP 302
https://www.visitdubai.com/en/win-a-trip-with-rixos HTTP 301
https://www.visitdubai.com/en

Request Chain 40

https://c.allontrk.com/click?offer_id=125353&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid12366938_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat3_sub4_sub5&pub_sub_id=722700913&pub_sub_sub_id=249&app=id352509417 HTTP 0
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 41

https://go2.enjoycpi.com/click?pid=913&offer_id=4141322&sub1=6146d6fa3f2599000163b797&sub2=249&sub3=GurMobSL_nat6&sub4=49A8A7C1-2316-48AF-A38A-2936E2A9CAC2&sub5=id352509417&sub6=722700 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
https://valuadle.g2afse.com/click?pid=11&offer_id=451524&sub1=NCT_iphone_de_ofid12130610_pid616_sub1_sub2_sub3TbLabq_nat9_sub4_sub5&sub2=722700616_&sub3=id1197354394&sub4=0A8A4A3E-59FF-46C1-8AB3-CD5BDD311CF6 HTTP 0
http://valuadle.g2afse.com/disabled.html

Request Chain 42

https://c.allontrk.com/click?offer_id=149384&pub_id=636&pub_click_id=NCT_iphone_de_ofid12524753_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat7_sub4_sub5&pub_sub_id=722700913&pub_sub_sub_id=249&gaid=49A8A7C1-2316-48AF-A38A-2936E2A9CAC2&idfa=49A8A7C1-2316-48AF-A38A-2936E2A9CAC2&app=id352509417 HTTP 0
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

44 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request fantastic.html Show response cpi-offers.com/ Redirect Chain http://gurmob.g2afse.com/click?pid=249&offer_id=1684 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0	10 KB 2 KB	46ms 9ms	Document text/html	52.58.210.58 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.58.210.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-58-210-58.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash `470b7b35a337a5d1358788b3201f4bd1cc8b2f5b01ea4dad7fe06d812db06120` Request headers :method GET :authority cpi-offers.com :scheme https :path /fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Sun, 19 Sep 2021 06:21:46 GMT content-type text/html; charset=utf-8 server nginx/1.14.1 x-powered-by Express access-control-allow-origin * etag W/"2998-xfwCEs1HKgjj6JjV6HULB1FkGqY" content-encoding gzip Redirect headers Server nginx Date Sun, 19 Sep 2021 06:21:46 GMT Content-Length 0 Connection keep-alive Location https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0 Set-Cookie afclick=6146d6fa3f2599000163b797; expires=Mon, 19 Sep 2022 06:21:46 GMT; secure; SameSite=None afoffers={"1684":1632032506}; expires=Mon, 19 Sep 2022 06:21:46 GMT; secure; SameSite=None Access-Control-Allow-Origin *
GET		w404 offer.alibaba.com/product/ Redirect Chain https://t.9696.me/click?pid=729&offer_id=148506&sub4=NCT_iphone_de_ofid10910945_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat1_sub4_sub5&sub1=729_4850913&sub2=729_4850913_249&sub3=id... https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id352509417&sub1=729_4850913&sub2=729_4850913_249 https://offer.alibaba.com/cps/rq9rg325?tp1=6146d6fa28edd70001d8866f&pid=729_4850913&adid= http://offer.alibaba.com/product/w404	0 0

GET H2	200	en www.visitdubai.com/ Redirect Chain https://aptrt.trckswrm.com/click?offer_id=16060&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid11902270_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat2_sub4_sub5&pub_sub_id=722700... https://ad.mobcho.com/click?pid=708&offer_id=33&sub2=ArZR39EAAAF7_LfD3AAAkqwAAACAAAAABQ&sub3=128.29&sub5=id352509417&sub7=&sub8= https://www.visitdubai.com/en/win-a-trip-with-rixos https://www.visitdubai.com/en	0 0	5146ms 5146ms	Stylesheet text/html	23.79.135.169 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.visitdubai.com/en Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.79.135.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-79-135-169.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Redirect headers date Sun, 19 Sep 2021 06:21:47 GMT server AkamaiGHost strict-transport-security max-age=31536000 ; includeSubDomains ; preload location https://www.visitdubai.com/en cache-control max-age=0 server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 0 expires Sun, 19 Sep 2021 06:21:47 GMT
GET		click c.allontrk.com/	0 0

GET H2	200	12951695aa65a83b3992.js trk86.zperform.com/l/ Redirect Chain https://lucazepa.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D https://sylvinanorrey.com/l/12951695aa65a83b3992?source=65798hgddtt https://trk86.zperform.com/l/12951695aa65a83b3992.js?source=65798hgddtt	0 0	114ms 65ms	Stylesheet text/html	104.21.93.11 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://trk86.zperform.com/l/12951695aa65a83b3992.js?source=65798hgddtt Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.93.11 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Redirect headers date Sun, 19 Sep 2021 06:21:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSP5lRbPGBQ%2F9c4ty4H6C4PraWBvU%2F7UwMFln2%2Bm8Ho7zV0VdbpDBMuQxvt1B26ShzsDzozVnVX4QY%2BScPCP5JyNNQK36wh1E51EuyEEGcOCHxovb4GKRKHmHdEd%2BTRi%2FRZkxg%3D%3D"}],"group":"cf-nel","max_age":604800} location https://trk86.zperform.com/l/12951695aa65a83b3992.js?source=65798hgddtt cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 6910b7404eb427b4-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H/1.1	204 No Content	redirect direct2.knmasdfsdgs.com/	0 138 B	341ms 114ms	Stylesheet text/html	185.33.87.146 HZ-US-AS
General Check archive.org Show headers Download Go to Full URL https://direct2.knmasdfsdgs.com/redirect?aff=10010&saff=722700913&q= Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Sun, 19 Sep 2021 06:21:46 GMT Server nginx Connection close Content-Type text/html; charset=utf-8
GET		rq9rg325 offer.alibaba.com/cps/ Redirect Chain https://go2.enjoycpi.com/click?pid=913&offer_id=4141322&sub1=6146d6fa3f2599000163b797&sub2=249&sub3=GurMobSL_nat6&sub4=49A8A7C1-2316-48AF-A38A-2936E2A9CAC2&sub5=id352509417&sub6=722700 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 https://t.9696.me/click?pid=729&offer_id=148506&sub4=NCT_iphone_de_ofid10910945_pid616_sub1_sub2_sub3TbLabq_nat1_sub4_sub5&sub1=729_4850616&sub2=729_4850616_&sub3=id1369521645&sub7=id1369521645 https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1369521645&sub1=729_4850616&sub2=729_4850616_ https://offer.alibaba.com/cps/rq9rg325?tp1=6146d6fa5777730001ff0345&pid=729_4850616&adid=	0 0

GET		click c.allontrk.com/	0 0

GET		ps il32.co/ Redirect Chain https://ila3.co/o/214890?p=17&aff_clickid=NCT_iphone_de_ofid12216312_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat8_sub4_sub5&sub1=722700913_249&idfa=49A8A7C1-2316-48AF-A38A-2936E2A9... https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=17_722700913_249&target=	0 0

GET H2	200	/ de.yahoo.com/ Redirect Chain https://biggerpicture.g2afse.com/click?pid=52&offer_id=263981&sub5=NCT_iphone_de_ofid12312728_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat9_sub4_sub5&sub1=722700913_249&sub3=id35250... https://biggerpicture.g2afse.com/click?pid=1&offer_id=188 https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154 https://faswqurecv.com/go/1b42dc47-4e2b-456b-8bc5-515903f4eb28?externalId=AmGPQOoAAAF7_LfEFgAADA8AAACaAAABMg&sid=154 https://allowsuccess.org/rJ8DQZjLTgvx6aaW4erp-dvntOoL1Hw3gXIifrtasvQ/?SUBID=UQL5Ns7njZ7izqJaMbMQBf&zoneid= https://yahoo.com/ https://www.yahoo.com/ https://de.yahoo.com/?p=us	0 0	81ms 50ms	Stylesheet text/html	87.248.100.216 YAHOO-IRD
General Check archive.org Show headers Download Go to Full URL https://de.yahoo.com/?p=us Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 87.248.100.216 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB), Reverse DNS media-router-fp74.prod.media.vip.ir2.yahoo.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Redirect headers date Sun, 19 Sep 2021 06:21:47 GMT referrer-policy no-referrer-when-downgrade server ATS expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options SAMEORIGIN content-language en location https://de.yahoo.com/?p=us x-xss-protection 1; mode=block cache-control no-store content-security-policy frame-ancestors 'self' https://.builtbygirls.com https://.rivals.com https://.engadget.com https://.intheknow.com https://.autoblog.com https://.techcrunch.com https://.yahoo.com https://.aol.com https://.huffingtonpost.com https://.oath.com https://.search.yahoo.com https://.search.aol.com https://.search.huffpost.com https://.verizonmedia.com https://.publishing.oath.com https://.autoblog.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=frontpage&region=US&lang=en-US&device=desktop&yrid=d5ehmldgkdlnr&partner=; strict-transport-security max-age=31536000 content-type text/html content-length 17 x-content-type-options nosniff
GET		click c.allontrk.com/	0 0

GET H2	200	healthCheck fd.allsaintsyrt.club/ Redirect Chain https://apts.trckswrm.com/click?offer_id=477650&pub_id=9&pub_click_id=NCT_iphone_de_ofid12446635_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat11_sub4_sub5&pub_sub_id=722700913&pub_su... https://fkan.oakmastering.site/?sddtid=hdk9a&sdpi=1600&pdco=nmbbDlpVE&pdos=2331187&pisc1=101_9&pducid=AgYPpMoAAAF7_LfD2gAHSdIAAAAJAAAAAA&pddo=id352509417&pdumid=&pssc2=101_9 https://fd.allsaintsyrt.club/?sddtid=FBKpC&sdpi=286&pdos=F681104&pisc1=1600&pssc2=0 https://fd.allsaintsyrt.club/healthCheck?pisc1=286	1 B 59 B	103ms 103ms	Stylesheet text/plain	35.244.209.32 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fd.allsaintsyrt.club/healthCheck?pisc1=286 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.209.32 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 32.209.244.35.bc.googleusercontent.com Software nginx/1.17.9 / Resource Hash `6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sun, 19 Sep 2021 06:21:47 GMT via 1.1 google server nginx/1.17.9 alt-svc clear content-length 1 content-type text/plain; charset=utf-8 Redirect headers access-control-allow-origin * date Sun, 19 Sep 2021 06:21:47 GMT via 1.1 google server nginx/1.17.9 alt-svc clear content-length 0 location https://fd.allsaintsyrt.club/healthCheck?pisc1=286
GET H2	404	click appnapp.g2afse.com/	0 0	62ms 12ms	Stylesheet text/html	213.227.134.220 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://appnapp.g2afse.com/click?pid=33&offer_id=2308949&sub1=NCT_iphone_de_ofid9602481_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat12_sub4_sub5&sub2=722700913_249&sub5=id352509417 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.134.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers
GET		click imagineads.g2afse.com/ Redirect Chain https://track.gowithads.com/click?pid=141&offer_id=2254757&sub1=NCT_iphone_de_ofid12510328_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat13_sub4_sub5&sub2=722700913_249&sub3=49A8A7C1-... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=748&cid=&sid=141&udid=&name=&info=GOWMsl&blockTime=0 https://imagineads.g2afse.com/click?pid=38&offer_id=7065&sub1=NCT_iphone_de_ofid12436375_pid616_sub1_sub2141_sub3GOWMsl_nat26_sub4_sub5&sub2=722700616_141&sub4=id1189800250&sub5=id1189800250 https://imagineads.g2afse.com/click?pid=11&offer_id=2287	0 0

GET H2	200	en www.visitdubai.com/ Redirect Chain https://track.gowithads.com/click?pid=141&offer_id=2200168&sub1=NCT_iphone_de_ofid12578989_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat14_sub4_sub5&sub2=722700913_249&sub4=id352509417 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=748&cid=&sid=141&udid=&name=&info=GOWMsl&blockTime=0 https://aptrt.trckswrm.com/click?offer_id=36948&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid12263885_pid616_sub1_sub2141_sub3GOWMsl_nat35_sub4_sub5&pub_sub_id=722700616&pub_sub_sub_id=141&ap... https://ad.mobcho.com/click?pid=708&offer_id=33&sub2=AkVgo60AAAF7_LfD9wAAkqwAAACAAAAABQ&sub3=128.29&sub5=id730623682&sub7=&sub8= https://www.visitdubai.com/en/win-a-trip-with-rixos https://www.visitdubai.com/en	0 0	4095ms 4095ms	Stylesheet text/html	23.79.135.169 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.visitdubai.com/en Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.79.135.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-79-135-169.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Redirect headers date Sun, 19 Sep 2021 06:21:47 GMT server AkamaiGHost strict-transport-security max-age=31536000 ; includeSubDomains ; preload location https://www.visitdubai.com/en cache-control max-age=0 server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 0 expires Sun, 19 Sep 2021 06:21:47 GMT
GET		click adjar.gotrackier.com/	0 0

GET		click imagineads.g2afse.com/ Redirect Chain https://imagineads.g2afse.com/click?pid=38&offer_id=7155&sub1=NCT_iphone_de_ofid12436452_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat16_sub4_sub5&sub2=722700913_249&sub4=id352509417... https://imagineads.g2afse.com/click?pid=11&offer_id=2287	0 0

GET		click leaddaway.g2afse.com/	0 0

GET H2	200	click trk.ad-serving-ads.com/ Redirect Chain https://advdgt.trckswrm.com/click?offer_id=52605&pub_id=7&pub_click_id=NCT_iphone_de_ofid12198629_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat18_sub4_sub5&pub_sub_id=722700913&pub_s... https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_722700913&creativeid=POP&category=01	0 47 B	306ms 96ms	Stylesheet text/html	3.210.173.107 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_722700913&creativeid=POP&category=01 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.210.173.107 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-210-173-107.compute-1.amazonaws.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sun, 19 Sep 2021 06:21:47 GMT content-length 0 content-type text/html Redirect headers location https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_722700913&creativeid=POP&category=01 date Sun, 19 Sep 2021 06:21:46 GMT content-length 0
GET		click imagineads.g2afse.com/ Redirect Chain https://imagineads.g2afse.com/click?pid=59&offer_id=7052&sub1=NCT_iphone_de_ofid12436354_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat19_sub4_sub5&sub2=722700913_249&sub4=id352509417... https://imagineads.g2afse.com/click?pid=11&offer_id=2287	0 0

GET H2	200	healthCheck fd.allsaintsyrt.club/ Redirect Chain https://apts.trckswrm.com/click?offer_id=11715&pub_id=10&pub_click_id=NCT_iphone_de_ofid10139293_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat20_sub4_sub5&pub_sub_id=722700913&pub_su... https://fkan.oakmastering.site/?sddtid=hdk9a&sdpi=1600&pdco=nmbbDlpVE&pdos=2331187&pisc1=101_10&pducid=Ap9l_TYAAAF7_LfD2gAALcMAAAAKAAAAAA&pddo=id352509417&pdumid=&pssc2=101_10 https://fd.allsaintsyrt.club/?sddtid=FBKpC&sdpi=286&pdos=F681104&pisc1=1600&pssc2=0 https://fd.allsaintsyrt.club/healthCheck?pisc1=286	1 B 59 B	151ms 150ms	Stylesheet text/plain	35.244.209.32 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fd.allsaintsyrt.club/healthCheck?pisc1=286 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.209.32 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 32.209.244.35.bc.googleusercontent.com Software nginx/1.17.9 / Resource Hash `6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sun, 19 Sep 2021 06:21:47 GMT via 1.1 google server nginx/1.17.9 alt-svc clear content-length 1 content-type text/plain; charset=utf-8 Redirect headers access-control-allow-origin * date Sun, 19 Sep 2021 06:21:47 GMT via 1.1 google server nginx/1.17.9 alt-svc clear content-length 0 location https://fd.allsaintsyrt.club/healthCheck?pisc1=286
GET		3ba4i0jh offer.alibaba.com/cps/ Redirect Chain https://t.9696.me/click?pid=729&offer_id=119486&sub4=NCT_iphone_de_ofid12300988_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat21_sub4_sub5&sub1=729_4850913&sub2=729_4850913_249&sub3=i... https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id352509417&sub1=729_4850913&sub2=729_4850913_249 https://offer.alibaba.com/cps/3ba4i0jh?tp1=6146d6fa15927100016fa0a6&pid=729_4850913&adid=	0 0

GET		/ track.paddlewaver.com/	0 0

GET		/ www.toptop.digital/ Redirect Chain https://brainadv.g2afse.com/click?pid=37&offer_id=512055&sub1=722700913_249&sub2=id352509417&sub3=NCT_iphone_de_ofid11480193_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat23_sub4_sub5 https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=16&pub_click_id=&pub_sub_id=37&idfa=&gaid=&app=id352509417 https://thingortwo.g2afse.com/click?pid=282&offer_id=727&sub1=Asi2DPwAAAF7_LfEEQAADdUAAAAQAAAABQ&sub2=16.37&sub3=9sDOB8UGmWmsITFOkh3&sub4=id352509417&sub4=&sub5=&sub5= https://thingortwo.g2afse.com/sl?id=5bffbf8000ca309f85166dd2&pid=106&sub2=16.37&sub4=id352509417&sub5= https://www.toptop.digital/?utm_source=Affto2&utm_medium=TFB	0 0

GET		/ www.toptop.digital/ Redirect Chain https://brainadv.g2afse.com/click?pid=3&offer_id=525819&sub3=NCT_iphone_de_ofid11765907_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat24_sub4_sub5&sub1=722700913_249&sub2=id352509417 https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=16&pub_click_id=&pub_sub_id=3&idfa=&gaid=&app=id352509417 https://thingortwo.g2afse.com/click?pid=282&offer_id=727&sub1=AmAV7rYAAAF7_LfEEAAADdUAAAAQAAAABQ&sub2=16.3&sub3=9sDOB8UGmWmsITFOkh3&sub4=id352509417&sub4=&sub5=&sub5= https://thingortwo.g2afse.com/sl?id=5bffbf8000ca309f85166dd2&pid=106&sub2=16.3&sub4=id352509417&sub5= https://www.toptop.digital/?utm_source=Affto2&utm_medium=TFB	0 0

GET H2	200	en www.visitdubai.com/ Redirect Chain https://aptrt.trckswrm.com/click?offer_id=20662&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid11390140_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat25_sub4_sub5&pub_sub_id=72270... https://ad.mobcho.com/click?pid=708&offer_id=33&sub2=AsvH7ugAAAF7_LfD3QAAkqwAAACAAAAABQ&sub3=128.29&sub5=id352509417&sub7=&sub8= https://www.visitdubai.com/en/win-a-trip-with-rixos https://www.visitdubai.com/en	0 0	2278ms 2278ms	Stylesheet text/html	23.79.135.169 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.visitdubai.com/en Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.79.135.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-79-135-169.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Redirect headers date Sun, 19 Sep 2021 06:21:47 GMT server AkamaiGHost strict-transport-security max-age=31536000 ; includeSubDomains ; preload location https://www.visitdubai.com/en cache-control max-age=0 server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 0 expires Sun, 19 Sep 2021 06:21:47 GMT
GET		click imagineads.g2afse.com/ Redirect Chain https://imagineads.g2afse.com/click?pid=59&offer_id=7065&sub1=NCT_iphone_de_ofid12436364_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat26_sub4_sub5&sub2=722700913_249&sub4=id352509417... https://imagineads.g2afse.com/click?pid=11&offer_id=2287	0 0

GET		click valuadle.g2afse.com/	0 0

GET H2	200	healthCheck fd.allsaintsyrt.club/ Redirect Chain https://apts.trckswrm.com/click?offer_id=313108&pub_id=9&pub_click_id=NCT_iphone_de_ofid11766602_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat28_sub4_sub5&pub_sub_id=722700913&pub_su... https://fkan.oakmastering.site/?sddtid=hdk9a&sdpi=1600&pdco=nmbbDlpVE&pdos=2331187&pisc1=101_9&pducid=AtFHV9YAAAF7_LfD2gAExxQAAAAJAAAAAA&pddo=id352509417&pdumid=&pssc2=101_9 https://fd.allsaintsyrt.club/?sddtid=FBKpC&sdpi=286&pdos=F681104&pisc1=1600&pssc2=0 https://fd.allsaintsyrt.club/healthCheck?pisc1=286	1 B 59 B	108ms 107ms	Stylesheet text/plain	35.244.209.32 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fd.allsaintsyrt.club/healthCheck?pisc1=286 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.209.32 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 32.209.244.35.bc.googleusercontent.com Software nginx/1.17.9 / Resource Hash `6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sun, 19 Sep 2021 06:21:47 GMT via 1.1 google server nginx/1.17.9 alt-svc clear content-length 1 content-type text/plain; charset=utf-8 Redirect headers access-control-allow-origin * date Sun, 19 Sep 2021 06:21:47 GMT via 1.1 google server nginx/1.17.9 alt-svc clear content-length 0 location https://fd.allsaintsyrt.club/healthCheck?pisc1=286
GET H2	200	healthCheck fd.allsaintsyrt.club/ Redirect Chain https://apts.trckswrm.com/click?offer_id=65840&pub_id=9&pub_click_id=NCT_iphone_de_ofid11642890_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat29_sub4_sub5&pub_sub_id=722700913&pub_sub... https://fkan.oakmastering.site/?sddtid=hdk9a&sdpi=1600&pdco=nmbbDlpVE&pdos=2331187&pisc1=101_9&pducid=Aj6XzOgAAAF7_LfD2gABATAAAAAJAAAAAA&pddo=id352509417&pdumid=&pssc2=101_9 https://fd.allsaintsyrt.club/?sddtid=FBKpC&sdpi=286&pdos=F681104&pisc1=1600&pssc2=0 https://fd.allsaintsyrt.club/healthCheck?pisc1=286	1 B 59 B	105ms 105ms	Stylesheet text/plain	35.244.209.32 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fd.allsaintsyrt.club/healthCheck?pisc1=286 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.209.32 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 32.209.244.35.bc.googleusercontent.com Software nginx/1.17.9 / Resource Hash `6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sun, 19 Sep 2021 06:21:47 GMT via 1.1 google server nginx/1.17.9 alt-svc clear content-length 1 content-type text/plain; charset=utf-8 Redirect headers access-control-allow-origin * date Sun, 19 Sep 2021 06:21:47 GMT via 1.1 google server nginx/1.17.9 alt-svc clear content-length 0 location https://fd.allsaintsyrt.club/healthCheck?pisc1=286
GET H2	200	en www.visitdubai.com/ Redirect Chain https://aptrt.trckswrm.com/click?offer_id=20670&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid12263600_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat30_sub4_sub5&pub_sub_id=72270... https://ad.mobcho.com/click?pid=708&offer_id=33&sub2=AtDLuuUAAAF7_LfD3QAAkqwAAACAAAAABQ&sub3=128.29&sub5=id352509417&sub7=&sub8= https://www.visitdubai.com/en/win-a-trip-with-rixos https://www.visitdubai.com/en	0 0	5149ms 5149ms	Stylesheet text/html	23.79.135.169 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.visitdubai.com/en Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.79.135.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-79-135-169.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Redirect headers date Sun, 19 Sep 2021 06:21:47 GMT server AkamaiGHost strict-transport-security max-age=31536000 ; includeSubDomains ; preload location https://www.visitdubai.com/en cache-control max-age=0 server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 0 expires Sun, 19 Sep 2021 06:21:47 GMT
GET		3ba4i0jh offer.alibaba.com/cps/ Redirect Chain https://t.9696.me/click?pid=868&offer_id=143546&sub4=NCT_iphone_de_ofid12251026_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat31_sub4_sub5&sub1=868_4850913&sub2=868_4850913_249&sub3=i... https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id352509417&sub1=868_4850913&sub2=868_4850913_249 https://offer.alibaba.com/cps/3ba4i0jh?tp1=6146d6fa451a8200012078c3&pid=868_4850913&adid=	0 0

GET H2	404	click trk.games-to-run123.com/	0 0	330ms 102ms	Stylesheet application/json	52.72.159.253 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.games-to-run123.com/click?affid=47&cmpid=f3c361c422b1f12a&clickid=NCT_iphone_de_ofid12578913_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat32_sub4_sub5&siteid=722700913_249 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.72.159.253 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-72-159-253.compute-1.amazonaws.com Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers
GET H2	404	click appnapp.g2afse.com/	0 0	59ms 12ms	Stylesheet text/html	213.227.134.220 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://appnapp.g2afse.com/click?pid=33&offer_id=2508786&sub1=NCT_iphone_de_ofid9801751_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat33_sub4_sub5&sub2=722700913_249&sub5=id352509417 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.134.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers
GET		click spykemedia.g2afse.com/ Redirect Chain https://appad.g2afse.com/click?pid=33&offer_id=305229&sub1=NCT_iphone_de_ofid12409145_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat34_sub4_sub5&sub2=722700913_249&sub7=id352509417 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=947&cid=&sid=33&udid=&name=&info=appadppre&blockTime=0 https://spykemedia.g2afse.com/click?pid=606&offer_id=1189047&sub1=NCT_iphone_de_ofid12170847_pid616_sub1_sub233_sub3appadppre_nat39_sub4_sub5&sub2=722700616_33&sub4=722700616_33&sub3=MyRadar%E6%B0%...	0 0

GET H2	200	click trk.ad-serving-ads.com/ Redirect Chain https://advdgt.trckswrm.com/click?offer_id=202022&pub_id=7&pub_click_id=NCT_iphone_de_ofid12265277_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat35_sub4_sub5&pub_sub_id=722700913&pub_... https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_722700913&creativeid=POP&category=01	0 46 B	307ms 97ms	Stylesheet text/html	3.210.173.107 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_722700913&creativeid=POP&category=01 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.210.173.107 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-210-173-107.compute-1.amazonaws.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sun, 19 Sep 2021 06:21:47 GMT content-length 0 content-type text/html Redirect headers location https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_722700913&creativeid=POP&category=01 date Sun, 19 Sep 2021 06:21:46 GMT content-length 0
GET H2	200	click trk.bidrivo.com/ Redirect Chain https://appad.g2afse.com/click?pid=33&offer_id=280052&sub1=NCT_iphone_de_ofid12578561_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat36_sub4_sub5&sub2=722700913_249&sub7=id352509417 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=947&cid=&sid=33&udid=&name=&info=appadppre&blockTime=0 https://go2.enjoycpi.com/click?pid=616&offer_id=4141322&sub1=&sub2=33&sub3=appadppre_nat6&sub4=08EDFDA2-43E3-4858-AF36-4708EB64C7C2&sub5=id500963785&sub6=722700 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 https://trk.bidrivo.com/click?campaign_id=147771&pub_id=75&p1=NCT_iphone_de_ofid12117526_pid616_sub1_sub2_sub3TbLabq_nat16_sub4_sub5&source=722700616_&app_name=id1453989822	22 B 613 B	127ms 71ms	Stylesheet text/plain	172.67.211.114 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://trk.bidrivo.com/click?campaign_id=147771&pub_id=75&p1=NCT_iphone_de_ofid12117526_pid616_sub1_sub2_sub3TbLabq_nat16_sub4_sub5&source=722700616_&app_name=id1453989822 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.211.114 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1c439fcd21bab032475e5d1570615485417e6cfb202f774f9f16d77f0448d0d6` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-err CSS_REQUEST via 1.1 google cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare date Sun, 19 Sep 2021 06:21:47 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ZozZfKOLJ5w748nIBXRIXHt4pttWM6ppSwE%2FCmZRH5ZY9zk6ug%2BXtc2YhtIdCgZvMt%2BlNDn2ukmnwYlEFewaihreVG5QoxMESyW6LMrhz011Yx9uduPJQZi7Z7rPgEObM8%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=utf-8 cf-ray 6910b7407f224131-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 22 x-rt 0 Redirect headers date Sun, 19 Sep 2021 06:21:46 GMT server nginx/1.14.1 location https://trk.bidrivo.com/click?campaign_id=147771&pub_id=75&p1=NCT_iphone_de_ofid12117526_pid616_sub1_sub2_sub3TbLabq_nat16_sub4_sub5&source=722700616_&app_name=id1453989822 x-powered-by Express vary Accept content-type text/plain; charset=utf-8 access-control-allow-origin * content-length 194
GET H2	404	click trk.whisursand.com/ Redirect Chain https://adcrate-solutions.go2affise.com/click?pid=80&offer_id=1539504&sub1=NCT_iphone_de_ofid11004038_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat37_sub4_sub5&sub2=722700913_249&sub... https://trk.whisursand.com/click?affid=28&category=01	0 0	319ms 100ms	Stylesheet application/json	54.205.104.8 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.whisursand.com/click?affid=28&category=01 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.205.104.8 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-205-104-8.compute-1.amazonaws.com Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Redirect headers location https://trk.whisursand.com/click?affid=28&category=01 date Sun, 19 Sep 2021 06:21:46 GMT server nginx access-control-allow-origin * content-length 0
GET H2	200	clicks click.mnmnck.com/tracking/	0 80 B	45ms 15ms	Stylesheet text/plain	34.120.248.84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://click.mnmnck.com/tracking/clicks?clickid=NCT_iphone_de_ofid12196916_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat38_sub4_sub5&trafficsource=1373696474&offerid=437174211122018822&pub_subid=722700913&sub_placement=id352509417_249 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.248.84 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 84.248.120.34.bc.googleusercontent.com Software / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sun, 19 Sep 2021 06:21:46 GMT via 1.1 google x-powered-by Express alt-svc clear content-length 0
GET H2	200	healthCheck fd.allsaintsyrt.club/ Redirect Chain https://apts.trckswrm.com/click?offer_id=398145&pub_id=9&pub_click_id=NCT_iphone_de_ofid12172087_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat39_sub4_sub5&pub_sub_id=722700913&pub_su... https://fkan.oakmastering.site/?sddtid=hdk9a&sdpi=1600&pdco=nmbbDlpVE&pdos=2331187&pisc1=101_9&pducid=AjyTiqEAAAF7_LfD2gAGE0EAAAAJAAAAAA&pddo=id352509417&pdumid=&pssc2=101_9 https://fd.allsaintsyrt.club/?sddtid=FBKpC&sdpi=286&pdos=F681104&pisc1=1600&pssc2=0 https://fd.allsaintsyrt.club/healthCheck?pisc1=286	1 B 80 B	103ms 103ms	Stylesheet text/plain	35.244.209.32 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fd.allsaintsyrt.club/healthCheck?pisc1=286 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.209.32 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 32.209.244.35.bc.googleusercontent.com Software nginx/1.17.9 / Resource Hash `6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sun, 19 Sep 2021 06:21:47 GMT via 1.1 google server nginx/1.17.9 alt-svc clear content-length 1 content-type text/plain; charset=utf-8 Redirect headers access-control-allow-origin * date Sun, 19 Sep 2021 06:21:47 GMT via 1.1 google server nginx/1.17.9 alt-svc clear content-length 0 location https://fd.allsaintsyrt.club/healthCheck?pisc1=286
GET H2	200	en www.visitdubai.com/ Redirect Chain https://aptrt.trckswrm.com/click?offer_id=853&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid9525498_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat40_sub4_sub5&pub_sub_id=72270091... https://ad.mobcho.com/click?pid=708&offer_id=33&sub2=Andqh0IAAAF7_LfD3QAAkqwAAACAAAAABQ&sub3=128.29&sub5=id352509417&sub7=&sub8= https://www.visitdubai.com/en/win-a-trip-with-rixos https://www.visitdubai.com/en	0 0	4546ms 4546ms	Stylesheet text/html	23.79.135.169 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.visitdubai.com/en Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.79.135.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-79-135-169.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Redirect headers date Sun, 19 Sep 2021 06:21:47 GMT server AkamaiGHost strict-transport-security max-age=31536000 ; includeSubDomains ; preload location https://www.visitdubai.com/en cache-control max-age=0 server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 0 expires Sun, 19 Sep 2021 06:21:47 GMT
GET		recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=125353&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid12366938_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat3_sub4_sub5&pub_sub_id=7227009... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 0

GET		disabled.html valuadle.g2afse.com/ Redirect Chain https://go2.enjoycpi.com/click?pid=913&offer_id=4141322&sub1=6146d6fa3f2599000163b797&sub2=249&sub3=GurMobSL_nat6&sub4=49A8A7C1-2316-48AF-A38A-2936E2A9CAC2&sub5=id352509417&sub6=722700 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 https://valuadle.g2afse.com/click?pid=11&offer_id=451524&sub1=NCT_iphone_de_ofid12130610_pid616_sub1_sub2_sub3TbLabq_nat9_sub4_sub5&sub2=722700616_&sub3=id1197354394&sub4=0A8A4A3E-59FF-46C1-8AB3-CD... http://valuadle.g2afse.com/disabled.html	0 0

GET		recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=149384&pub_id=636&pub_click_id=NCT_iphone_de_ofid12524753_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat7_sub4_sub5&pub_sub_id=722700913&pub_sub_... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: offer.alibaba.com
URL: http://offer.alibaba.com/product/w404

Domain: c.allontrk.com
URL: https://c.allontrk.com/click?offer_id=125353&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid12366938_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat3_sub4_sub5&pub_sub_id=722700913&pub_sub_sub_id=249&app=id352509417

Domain: offer.alibaba.com
URL: https://offer.alibaba.com/cps/rq9rg325?tp1=6146d6fa5777730001ff0345&pid=729_4850616&adid=

Domain: c.allontrk.com
URL: https://c.allontrk.com/click?offer_id=149384&pub_id=636&pub_click_id=NCT_iphone_de_ofid12524753_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat7_sub4_sub5&pub_sub_id=722700913&pub_sub_sub_id=249&gaid=49A8A7C1-2316-48AF-A38A-2936E2A9CAC2&idfa=49A8A7C1-2316-48AF-A38A-2936E2A9CAC2&app=id352509417

Domain: il32.co
URL: https://il32.co/ps?p=5&r=1&d=5000&aff_clickid=&sub1=17_722700913_249&target=

Domain: c.allontrk.com
URL: https://c.allontrk.com/click?offer_id=116243&pub_id=636&pub_click_id=NCT_iphone_de_ofid12124696_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat10_sub4_sub5&pub_sub_id=722700913&pub_sub_sub_id=249&gaid=49A8A7C1-2316-48AF-A38A-2936E2A9CAC2&idfa=49A8A7C1-2316-48AF-A38A-2936E2A9CAC2&app=id352509417

Domain: imagineads.g2afse.com
URL: https://imagineads.g2afse.com/click?pid=11&offer_id=2287

Domain: adjar.gotrackier.com
URL: https://adjar.gotrackier.com/click?campaign_id=1997&pub_id=104&p1=NCT_iphone_de_ofid12208225_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat15_sub4_sub5&source=722700913_249&app_name=id352509417

Domain: imagineads.g2afse.com
URL: https://imagineads.g2afse.com/click?pid=11&offer_id=2287

Domain: leaddaway.g2afse.com
URL: https://leaddaway.g2afse.com/click?pid=339&offer_id=2241684&sub1=NCT_iphone_de_ofid11085388_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat17_sub4_sub5&sub2=722700913_249&sub5=id352509417

Domain: imagineads.g2afse.com
URL: https://imagineads.g2afse.com/click?pid=11&offer_id=2287

Domain: offer.alibaba.com
URL: https://offer.alibaba.com/cps/3ba4i0jh?tp1=6146d6fa15927100016fa0a6&pid=729_4850913&adid=

Domain: track.paddlewaver.com
URL: https://track.paddlewaver.com/?campaign_id=5238072&publisher_id=1000044&clickid=NCT_iphone_de_ofid11957205_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat22_sub4_sub5&channel=722700913_249&packagename=id352509417&appname=id352509417

Domain: www.toptop.digital
URL: https://www.toptop.digital/?utm_source=Affto2&utm_medium=TFB

Domain: www.toptop.digital
URL: https://www.toptop.digital/?utm_source=Affto2&utm_medium=TFB

Domain: imagineads.g2afse.com
URL: https://imagineads.g2afse.com/click?pid=11&offer_id=2287

Domain: valuadle.g2afse.com
URL: https://valuadle.g2afse.com/click?pid=11&offer_id=463560&sub1=NCT_iphone_de_ofid12130611_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat27_sub4_sub5&sub2=722700913_249&sub3=id352509417&sub4=49A8A7C1-2316-48AF-A38A-2936E2A9CAC2

Domain: offer.alibaba.com
URL: https://offer.alibaba.com/cps/3ba4i0jh?tp1=6146d6fa451a8200012078c3&pid=868_4850913&adid=

Domain: spykemedia.g2afse.com
URL: https://spykemedia.g2afse.com/click?pid=606&offer_id=1189047&sub1=NCT_iphone_de_ofid12170847_pid616_sub1_sub233_sub3appadppre_nat39_sub4_sub5&sub2=722700616_33&sub4=722700616_33&sub3=MyRadar%E6%B0%97%E8%B1%A1%E3%83%AC%E3%83%BC%E3%83%80%E3%83%BC

Domain: c.allontrk.com
URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Domain: valuadle.g2afse.com
URL: http://valuadle.g2afse.com/disabled.html

Domain: c.allontrk.com
URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gowithads.com/	1970-01-19 21:20:34	Name: __cf_bm Value: eHgKIBAxQOSIhjJ8Sjixxmawi6GkuCxl3lRD5D71RHs-1632032506-0-ATMQlkD+KqtNV7q+ErkYTGUOYaHmiG2RSkZEXIRRHJGtphjxI19BMFzDuQY91XGp8KThbtWnlcXp+Hc1BPYLnnQ=
biggerpicture.g2afse.com/	1970-01-20 06:06:08	Name: afclick Value: 6146d6fad24ac900014f2cdc
biggerpicture.g2afse.com/	1970-01-20 06:06:08	Name: afoffers Value: {"188":1632032506}
.gotrackier.com/	1970-01-19 21:20:34	Name: __cf_bm Value: HlJpXbkaTS5Ahve8OJk.WIz5QJu6_HDjXOyA5M9x4Zo-1632032506-0-AUP9C6b62b9Q4suaO9K4/+Dg1IMi4ZTsn98h87y4kTdkrd9unbOODJvaz69XZbhn8pKX5V8KTN2TDfjCgX7Hcm4=
ad.mobcho.com/	1970-01-20 06:06:08	Name: afoffers Value: {"33":1632032506}
ad.mobcho.com/	1970-01-20 06:06:08	Name: afclick Value: 6146d6fa008a0d00016ade57
.sylvinanorrey.com/	1970-01-19 21:20:34	Name: __cf_bm Value: PK8ZbEKCBQQ8vkr7hMj_BWP0plhDD2akQh_7DruKTwI-1632032506-0-AciUZNAcibd4Aq7PHnjzuVhnxwE5NytdORqMGpUgl3/iTEWfyFT5Afp33aQodIN7L0vS2K0C3NVwDS6Kbdazx0A=
t.9696.me/	1970-01-20 06:06:08	Name: afclick Value: 6146d6fa15927100016fa0a6
thingortwo.g2afse.com/	1970-01-20 06:06:08	Name: afclick Value: 6146d6fa9ae1550001c67cdf
.faswqurecv.com/	1970-01-19 21:21:58	Name: bemob-uniq-visit:1b42dc47-4e2b-456b-8bc5-515903f4eb28 Value: 1
.faswqurecv.com/	1970-01-19 21:21:58	Name: bemob-click-id Value: UQL5Ns7njZ7izqJaMbMQBf
.alibaba.com/	1969-12-31 23:59:59	Name: cookie2 Value: acf3c5181578c0d7157bbf1192c5ffbd
.alibaba.com/	1970-01-23 10:46:33	Name: t Value: 2d8773e65fd5fbc0645fced455bfe627
.alibaba.com/	1969-12-31 23:59:59	Name: _tb_token_ Value: f16ee5117e7f5

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://appnapp.g2afse.com/click?pid=33&offer_id=2308949&sub1=NCT_iphone_de_ofid9602481_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat12_sub4_sub5&sub2=722700913_249&sub5=id352509417 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://appnapp.g2afse.com/click?pid=33&offer_id=2508786&sub1=NCT_iphone_de_ofid9801751_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat33_sub4_sub5&sub2=722700913_249&sub5=id352509417 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://trk.games-to-run123.com/click?affid=47&cmpid=f3c361c422b1f12a&clickid=NCT_iphone_de_ofid12578913_pid913_sub16146d6fa3f2599000163b797_sub2249_sub3GurMobSL_nat32_sub4_sub5&siteid=722700913_249 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://trk.whisursand.com/click?affid=28&category=01 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0 Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://offer.alibaba.com/product/w404'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://www.toptop.digital/?utm_source=Affto2&utm_medium=TFB Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.toptop.digital/?utm_source=Affto2&utm_medium=TFB Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0 Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0 Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://valuadle.g2afse.com/disabled.html'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0 Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=913&cid=6146d6fa3f2599000163b797&sid=249&udid=&name=&info=GurMobSL&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.mobcho.com
adcrate-solutions.go2affise.com
adjar.gotrackier.com
advdgt.trckswrm.com
allowsuccess.org
appad.g2afse.com
appnapp.g2afse.com
aptrt.trckswrm.com
apts.trckswrm.com
armr.trckswrm.com
biggerpicture.g2afse.com
c.allontrk.com
click.mnmnck.com
cpi-offers.com
de.yahoo.com
direct2.knmasdfsdgs.com
faswqurecv.com
fd.allsaintsyrt.club
fkan.oakmastering.site
go2.enjoycpi.com
gurmob.g2afse.com
il32.co
imagineads.g2afse.com
leaddaway.g2afse.com
lucazepa.com
offer.alibaba.com
spykemedia.g2afse.com
sylvinanorrey.com
track.gowithads.com
track.paddlewaver.com
trk.ad-serving-ads.com
trk.bidrivo.com
trk.games-to-run123.com
trk.whisursand.com
trk86.zperform.com
valuadle.g2afse.com
www.toptop.digital
www.visitdubai.com
www.yahoo.com
yahoo.com
adjar.gotrackier.com
c.allontrk.com
il32.co
imagineads.g2afse.com
leaddaway.g2afse.com
offer.alibaba.com
spykemedia.g2afse.com
track.paddlewaver.com
valuadle.g2afse.com
www.toptop.digital
104.21.93.11
104.21.93.82
116.202.243.43
168.119.91.184
172.67.128.252
172.67.144.227
172.67.211.114
18.158.50.96
185.33.87.146
213.227.134.198
213.227.134.202
213.227.134.220
213.227.135.209
213.227.135.229
213.227.156.13
23.79.135.169
3.210.173.107
34.120.248.84
35.244.148.94
35.244.209.32
5.9.5.213
5.9.6.203
52.58.210.58
52.72.159.253
54.205.104.8
54.225.218.189
87.248.100.216
98.137.11.164
1c439fcd21bab032475e5d1570615485417e6cfb202f774f9f16d77f0448d0d6
470b7b35a337a5d1358788b3201f4bd1cc8b2f5b01ea4dad7fe06d812db06120
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

cpi-offers.com Open in urlscan Pro 52.58.210.58 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

44 Requests

45 %HTTPS

0 %IPv6

28 Domains

40 Subdomains

13 IPs

5 Countries

3 kBTransfer

10 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

cpi-offers.com Open in urlscan Pro
52.58.210.58 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

45 %
HTTPS

0 %
IPv6

28
Domains

40
Subdomains

13
IPs

5
Countries

3 kB
Transfer

10 kB
Size

14
Cookies

44 HTTP transactions
0 data transactions