URL: http://cpi-offers.com/fantastic.html
Submission: On December 27 via manual from IL

Summary

This website contacted 13 IPs in 6 countries across 21 domains to perform 17 HTTP transactions. The main IP is 3.121.26.234, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is cpi-offers.com.
This is the only time cpi-offers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 6 3.121.26.234 16509 (AMAZON-02)
3 3 212.7.209.69 60781 (LEASEWEB-...)
1 50.62.172.232 26496 (AS-26496-...)
1 1 213.227.134.196 60781 (LEASEWEB-...)
2 2 213.227.156.19 60781 (LEASEWEB-...)
6 6 213.227.156.13 60781 (LEASEWEB-...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:e2:... 13335 (CLOUDFLAR...)
2 2 213.227.134.220 60781 (LEASEWEB-...)
1 212.92.39.33 24592 (NEXICA-AS)
1 1 213.227.156.234 60781 (LEASEWEB-...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
6 8 213.227.134.238 60781 (LEASEWEB-...)
3 2a02:26f0:64:... 20940 (AKAMAI-ASN1)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 213.227.135.229 60781 (LEASEWEB-...)
1 1 207.180.243.121 51167 (CONTABO)
1 144.91.99.171 51167 (CONTABO)
1 2 213.227.134.202 60781 (LEASEWEB-...)
3 3 213.227.134.234 60781 (LEASEWEB-...)
1 1 212.32.254.138 60781 (LEASEWEB-...)
1 1 92.223.27.99 199524 (GCORE)
1 92.223.22.99 199524 (GCORE)
1 1 213.227.135.213 60781 (LEASEWEB-...)
1 2 213.227.134.204 60781 (LEASEWEB-...)
1 1 54.164.217.142 14618 (AMAZON-AES)
1 34.202.244.90 14618 (AMAZON-AES)
1 1 172.67.154.20 13335 (CLOUDFLAR...)
1 52.201.162.15 14618 (AMAZON-AES)
17 13
Domain Requested by
8 aandb.g2afse.com 6 redirects cpi-offers.com
6 cpi-offers.com 5 redirects
4 adcrate-solutions.go2affise.com 4 redirects
3 appricotads.g2afse.com 3 redirects
3 apps.apple.com cpi-offers.com
2 clicxy.g2afse.com 1 redirects cpi-offers.com
2 go2.enjoycpi.com 1 redirects cpi-offers.com
2 zenoclick.g2afse.com 2 redirects
2 vashoot.gotrackier.com cpi-offers.com
1 tare.pro cpi-offers.com
1 lucazepa.com 1 redirects
1 t1.greatforwarding.com cpi-offers.com
1 4gbsxw0.appsdeku.com 1 redirects
1 mookomedia.g2afse.com 1 redirects
1 click.iconpeak2trk.com 1 redirects
1 times25.go2affise.com 1 redirects
1 promo.worldofwarships.eu cpi-offers.com
1 rdr.wargaming.net 1 redirects
1 track.wg-aff.com 1 redirects
1 il32.co cpi-offers.com
1 il1i.co 1 redirects
1 leaddaway.g2afse.com 1 redirects
1 track.gowithads.com 1 redirects
1 toptopmedia.g2afse.com 1 redirects
1 bondika.g2afse.com 1 redirects
1 r.leadzu.com cpi-offers.com
1 pandamobi.g2afse.com 1 redirects
1 trk143.nundori.xyz cpi-offers.com
1 misctraff.com 1 redirects
1 tappx.go2affise.com 1 redirects
1 allmarketing.g2afse.com 1 redirects
1 click2comm.go2affise.com 1 redirects
1 weknowmag.com cpi-offers.com
1 thingortwo.g2afse.com 1 redirects
1 smartass.g2afse.com 1 redirects
17 35

This site contains no links.

Certificates (Subject; Issuer; Validity; Valid)
  • Subject: weknowmag.com; Issuer: Go Daddy Secure Certificate Authority - G2; Validity: 2020-09-27 - 2021-10-29; Valid: a year
  • Subject: sni.cloudflaressl.com; Issuer: Cloudflare Inc ECC CA-3; Validity: 2020-06-27 - 2021-06-27; Valid: a year
  • Subject: itunes.apple.com; Issuer: DigiCert SHA2 Extended Validation Server CA-3; Validity: 2020-08-13 - 2021-08-14; Valid: a year
  • Subject: il32.co; Issuer: Let's Encrypt Authority X3; Validity: 2020-10-24 - 2021-01-22; Valid: 3 months
  • Subject: *.worldofwarships.eu; Issuer: DigiCert TLS RSA SHA256 2020 CA1; Validity: 2020-12-09 - 2022-01-09; Valid: a year
  • Subject: *.g2afse.com; Issuer: DigiCert ECC Secure Server CA; Validity: 2020-08-26 - 2021-09-02; Valid: a year
  • Subject: *.dynforward.com; Issuer: R3; Validity: 2020-12-11 - 2021-03-11; Valid: 3 months

This page contains 1 frame:

Primary Page: http://cpi-offers.com/fantastic.html
Frame ID: 3FC3F01E0576A9B4EE03147A3F7E149F
Requests: 17 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 17
HTTPS: 76 %
IPv6: 17 %
Domains: 21
Subdomains: 35
IPs: 13
Countries: 6
Transfer: 3 kB
Size: 4 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://smartass.g2afse.com/click?pid=42&offer_id=1870097&sub3=NCT_iphone_ch_ofid9316383_pidundefined_sub1,_sub2,_sub3,_nat1_sub4_sub5&sub2=s_4850undefined_,&sub1=,&offer_id=825757&sub1=NCT_iphone_ch_ofid9316383_pidundefined_sub1,_sub2,_sub3,_nat1_sub4_sub5&sub2=563380undefined_,&sub3=id1506390987 HTTP 302
  • https://thingortwo.g2afse.com/sl?id=5bffbf8000ca309f85166dd2&pid=146&sub2=s_4850undefined_,&sub4=&sub5= HTTP 302
  • https://weknowmag.com/?utm_source=Affto2&utm_medium=TFB
Request Chain 1
  • https://click2comm.go2affise.com/click?pid=310&offer_id=2827703&sub1=NCT_iphone_ch_ofid9450673_pidundefined_sub1,_sub2,_sub3,_nat2_sub4_sub5&sub2=563380undefined_,&sub6=id1506390987 HTTP 302
  • https://allmarketing.g2afse.com/click?pid=377&offer_id=4419881&sub1=5fe8e16c2aaa73000176d53c&sub2=310_563380undefined_,&= HTTP 302
  • https://tappx.go2affise.com/click?pid=246&offer_id=387424&sub1=5fe8e16c78ad510001dff8aa&sub2=377&sub4=&sub5= HTTP 302
  • https://misctraff.com/l/2700178099216c7175da?source=246_377 HTTP 302
  • https://trk143.nundori.xyz/l/2700178099216c7175da.js?source=246_377
Request Chain 2
  • https://pandamobi.g2afse.com/click?pid=6&offer_id=597383&sub1=NCT_iphone_ch_ofid8696877_pidundefined_sub1,_sub2,_sub3,_nat3_sub4_sub5&sub2=563380undefined_,&sub5=id1506390987 HTTP 302
  • http://r.leadzu.com/red/?code=4M4C8XL2R1ZN&a=6.&pubid=6
Request Chain 3
  • https://bondika.g2afse.com/click?pid=2&offer_id=20215&sub1=563380undefined&sub2=,&sub3=NCT_iphone_ch_ofid5927698_pidundefined_sub1,_sub2,_sub3,_nat4_sub4_sub5&sub5=id1506390987 HTTP 302
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=611&cid=&sid=2&udid=&name=&info=BondikaSL&blockTime=0 HTTP 302
  • https://toptopmedia.g2afse.com/click?pid=214&offer_id=3092385&sub1=NCT_iphone_ch_ofid9494789_pid616_sub1_sub22_sub3BondikaSL_nat5_sub4_sub5&sub2=563380616_2&sub3=id1477841973 HTTP 302
  • https://track.gowithads.com/click?pid=199&offer_id=2026462&sub1=5fe8e16cbb1a3a00018145b6&sub2=214&sub3=&sub4=id1477841973&ip=&device_ua=&sub5= HTTP 302
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=599&cid=&sid=199_214&udid=&name=&info=GOWMsl&blockTime=0 HTTP 302
  • https://adcrate-solutions.go2affise.com/click?pid=80&offer_id=1202016&sub1=NCT_iphone_ch_ofid9161107_pid616_sub1_sub2199_214_sub3GOWMsl_nat10_sub4_sub5&sub2=563380616_199_214&sub3=E6ACBFFF-9E6C-4460-AD51-2CC9E4B5EE87&sub4=id1425014150 HTTP 302
  • https://aandb.g2afse.com/click?pid=2&offer_id=423684&sub1=5fe8e16cf456bd000163617e&sub2=80_563380616_199_214&sub3=E6ACBFFF-9E6C-4460-AD51-2CC9E4B5EE87&sub4=id1425014150 HTTP 302
  • https://apps.apple.com/us/app/id503451073
Request Chain 5
  • https://zenoclick.g2afse.com/click?pid=2&offer_id=36360&sub1=NCT_iphone_ch_ofid9355927_pidundefined_sub1,_sub2,_sub3,_nat6_sub4_sub5&sub2=563380undefined_,&sub6=id1506390987 HTTP 302
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=941&cid=clickid&sid=2&udid=&name=&info=ZenoClickSL&blockTime=0 HTTP 302
  • https://leaddaway.g2afse.com/click?pid=339&offer_id=1679472&sub1=NCT_iphone_ch_ofid8527515_pid616_sub1clickid_sub22_sub3ZenoClickSL_nat9_sub4_sub5&sub2=563380616_2&sub5=id290638154 HTTP 302
  • https://apps.apple.com/us/app/id589328270
Request Chain 6
  • https://il1i.co/o/363029?p=20111&aff_clickid=NCT_iphone_ch_ofid9501592_pidundefined_sub1,_sub2,_sub3,_nat7_sub4_sub5&sub1=563380undefined&sub2=,&app_name=,&bundle_id=id1506390987&offer_id=825757&sub1=NCT_iphone_ch_ofid9501592_pidundefined_sub1,_sub2,_sub3,_nat7_sub4_sub5&sub2=563380undefined_,&sub3=id1506390987 HTTP 302
  • https://il32.co/ps?p=1&r=1&aff_clickid=%7Bclickid%7D&sub1=%7Bsub1%7D&target=%7Btarget%7D
Request Chain 7
  • https://go2.enjoycpi.com/click?pid=undefined&offer_id=8178705&sub1=,&sub2=,&sub3=,_nat8&sub4=DF7321B9-B454-45D5-AB7F-BDAA326EA990&sub5=id1506390987&sub6=563380 HTTP 302
  • http://go2.enjoycpi.com/disabled.html
Request Chain 8
  • https://appricotads.g2afse.com/click?pid=251&offer_id=69827&ref_id=NCT_iphone_ch_ofid8844050_pidundefined_sub1,_sub2,_sub3,_nat9_sub4_sub5&sub1=251_4850undefined&sub2=,&sub6=id1506390987 HTTP 302
  • http://appricotads.g2afse.com/sl?id=5f36c7821a6e4b1879225165&pid=2&ref_id=&sub1=251_4850undefined&sub2=,&sub3=&sub4= HTTP 302
  • https://appricotads.g2afse.com/sl?id=5f36c7821a6e4b1879225165&pid=2&ref_id=&sub1=251_4850undefined&sub2=,&sub3=&sub4= HTTP 302
  • https://track.wg-aff.com/click?pid=2632&offer_id=24&ref_id=5fe8e16cb3f0120001aedf37&sub1=2_, HTTP 302
  • https://rdr.wargaming.net/so7iy4o7/?pub_id=2632&xid=5fe8e16cf85ac2000120fb02&xid_param1=2_,&xid_param_2= HTTP 301
  • https://promo.worldofwarships.eu/glows-27628/eu-de/?pub_id=2632&xid=5fe8e16cf85ac2000120fb02&xid_param1=2_%2C&xid_param_2=&sid=SIDZ0UfBUqRb3W7fyV66qSOIDHVUUDGf9totX9EmeiNZ1BRXg1GULNltk7xF67unvyDvlVk7SNjGWYwe8dseHz5g-2nr-7ud2eJ8V-QaYhApRWzJRNnmVTwW4NHgorrCuVt32BLWLLnRaPx&enctid=c83thjopem0c&lpsn=WOWS+TMPLT1+CODE+BOOM+global&foris=1&utm_source=wlap&utm_medium=affiliate&utm_campaign=so7iy4o7&utm_content=2632
Request Chain 9
  • https://adcrate-solutions.go2affise.com/click?pid=80&offer_id=1202016&sub1=NCT_iphone_ch_ofid9161107_pidundefined_sub1,_sub2,_sub3,_nat10_sub4_sub5&sub2=563380undefined_,&sub3=DF7321B9-B454-45D5-AB7F-BDAA326EA990&sub4=id1506390987 HTTP 302
  • https://aandb.g2afse.com/click?pid=2&offer_id=423684&sub1=5fe8e16cf456bd00010d1e41&sub2=80_563380undefined_,&sub3=DF7321B9-B454-45D5-AB7F-BDAA326EA990&sub4=id1506390987 HTTP 302
  • https://apps.apple.com/us/app/id503451073
Request Chain 10
  • https://zenoclick.g2afse.com/click?pid=2&offer_id=32139&sub1=NCT_iphone_ch_ofid9177633_pidundefined_sub1,_sub2,_sub3,_nat11_sub4_sub5&sub2=563380undefined_,&sub6=id1506390987 HTTP 302
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=941&cid=clickid&sid=2&udid=&name=&info=ZenoClickSL&blockTime=0 HTTP 302
  • https://adcrate-solutions.go2affise.com/click?pid=80&offer_id=1337424&sub1=NCT_iphone_ch_ofid9321291_pid616_sub1clickid_sub22_sub3ZenoClickSL_nat13_sub4_sub5&sub2=563380616_2&sub4=id1274972321 HTTP 302
  • https://aandb.g2afse.com/click?pid=2&offer_id=525296&sub1=5fe8e16c76baf00001bede57&sub2=80_563380616_2&sub3=&sub4=id1274972321 HTTP 302
  • http://aandb.g2afse.com/disabled.html HTTP 302
  • https://aandb.g2afse.com/disabled.html
Request Chain 12
  • https://adcrate-solutions.go2affise.com/click?pid=80&offer_id=1337500&sub1=NCT_iphone_ch_ofid9321331_pidundefined_sub1,_sub2,_sub3,_nat13_sub4_sub5&sub2=563380undefined_,&sub4=id1506390987 HTTP 302
  • https://aandb.g2afse.com/click?pid=2&offer_id=525274&sub1=5fe8e16c816c420001f597d9&sub2=80_563380undefined_,&sub3=&sub4=id1506390987 HTTP 302
  • http://aandb.g2afse.com/disabled.html HTTP 302
  • https://aandb.g2afse.com/disabled.html
Request Chain 13
  • https://times25.go2affise.com/click?pid=59&offer_id=136503&sub1=NCT_iphone_ch_ofid9449797_pidundefined_sub1,_sub2,_sub3,_nat14_sub4_sub5&sub2=563380undefined_,&sub3=DF7321B9-B454-45D5-AB7F-BDAA326EA990&sub4=DF7321B9-B454-45D5-AB7F-BDAA326EA990&sub5=,&offer_id=825757&sub1=NCT_iphone_ch_ofid9449797_pidundefined_sub1,_sub2,_sub3,_nat14_sub4_sub5&sub2=563380undefined_,&sub3=id1506390987&sub4=DF7321B9-B454-45D5-AB7F-BDAA326EA990 HTTP 302
  • https://click.iconpeak2trk.com/click?pid=68&offer_id=7499&ext1=5fe8e16c1add7e0001108da0&sub1=59&sub2=563380undefined_,&sub3=DF7321B9-B454-45D5-AB7F-BDAA326EA990_DF7321B9-B454-45D5-AB7F-BDAA326EA990&sub5=,&= HTTP 302
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=691&cid=&sid=68&udid=&name=&info=iconpeakppre&blockTime=0 HTTP 302
  • https://clicxy.g2afse.com/click?pid=6479&offer_id=163099&sub1=NCT_iphone_ch_ofid6917946_pid616_sub1_sub268_sub3iconpeakppre_nat14_sub4_sub5&sub2=563380616_68&sub3=id510873505&sub4=9AED56FE-7F95-4FD7-9458-4E413320AB4C HTTP 302
  • https://clicxy.g2afse.com/disabled.html
Request Chain 14
  • https://mookomedia.g2afse.com/click?pid=42&offer_id=157916&sub1=NCT_iphone_ch_ofid9091246_pidundefined_sub1,_sub2,_sub3,_nat15_sub4_sub5&sub4=563380undefined_,&sub5=id1506390987 HTTP 302
  • https://4gbsxw0.appsdeku.com/4gbsxw0?p=42_563380undefined_,&sid=5fe8e16c11bcfe0001fdba24&android_id=&android_a_id=&idfa=&app_id=id1506390987&param1= HTTP 302
  • https://t1.greatforwarding.com/c55c7b6?p=002753_42_563380undefined_,
Request Chain 15
  • https://lucazepa.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D HTTP 302
  • http://tare.pro/go/216668/575137

17 HTTP transactions

Resource, Path, Size, x-fer, Type, MIME-Type
Primary Request fantastic.html
cpi-offers.com/
4 KB
1 KB
Document
General
Full URL
http://cpi-offers.com/fantastic.html
Protocol
HTTP/1.1
Server
3.121.26.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-26-234.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.1 / Express
Resource Hash
2df96edde4c8acb2f3b320f50185ec87ce21f631882875a5964f67b03111707a

Request headers

Host
cpi-offers.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Sun, 27 Dec 2020 19:33:00 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx/1.14.1
X-Powered-By
Express
Access-Control-Allow-Origin
*
ETag
W/"1111-tOa80JBPIX+hMZfD2G+1By02tjY"
Content-Encoding
gzip
/
weknowmag.com/
Redirect Chain
  • https://smartass.g2afse.com/click?pid=42&offer_id=1870097&sub3=NCT_iphone_ch_ofid9316383_pidundefined_sub1,_sub2,_sub3,_nat1_sub4_sub5&sub2=s_4850undefined_,&sub1=,&offer_id=825757&sub1=NCT_iphone_...
  • https://thingortwo.g2afse.com/sl?id=5bffbf8000ca309f85166dd2&pid=146&sub2=s_4850undefined_,&sub4=&sub5=
  • https://weknowmag.com/?utm_source=Affto2&utm_medium=TFB
0
0
Stylesheet
General
Full URL
https://weknowmag.com/?utm_source=Affto2&utm_medium=TFB
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.62.172.232 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-50-62-172-232.ip.secureserver.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

location
https://weknowmag.com/?utm_source=Affto2&utm_medium=TFB
date
Sun, 27 Dec 2020 19:33:00 GMT
server
nginx
content-length
82
content-type
text/html; charset=utf-8
2700178099216c7175da.js
trk143.nundori.xyz/l/
Redirect Chain
  • https://click2comm.go2affise.com/click?pid=310&offer_id=2827703&sub1=NCT_iphone_ch_ofid9450673_pidundefined_sub1,_sub2,_sub3,_nat2_sub4_sub5&sub2=563380undefined_,&sub6=id1506390987
  • https://allmarketing.g2afse.com/click?pid=377&offer_id=4419881&sub1=5fe8e16c2aaa73000176d53c&sub2=310_563380undefined_,&=
  • https://tappx.go2affise.com/click?pid=246&offer_id=387424&sub1=5fe8e16c78ad510001dff8aa&sub2=377&sub4=&sub5=
  • https://misctraff.com/l/2700178099216c7175da?source=246_377
  • https://trk143.nundori.xyz/l/2700178099216c7175da.js?source=246_377
0
0
Stylesheet
General
Full URL
https://trk143.nundori.xyz/l/2700178099216c7175da.js?source=246_377
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8d1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Sun, 27 Dec 2020 19:33:00 GMT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7AKgpFnT9XnUMsZj9700TOXSpcDZzsVLw8L9vS39%2BFEGK92O88Iz7MxClZewRY91Njn0wavN99LP9JG7QtdydTnTeS965YGANKenuAdL6BmbtKiSzEf5vVc%2F"}],"group":"cf-nel","max_age":604800}
location
https://trk143.nundori.xyz/l/2700178099216c7175da.js?source=246_377
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
60857884ef211786-FRA
cf-request-id
074749a70f000017863337c000000001
expires
Thu, 01 Jan 1970 00:00:01 GMT
/
r.leadzu.com/red/
Redirect Chain
  • https://pandamobi.g2afse.com/click?pid=6&offer_id=597383&sub1=NCT_iphone_ch_ofid8696877_pidundefined_sub1,_sub2,_sub3,_nat3_sub4_sub5&sub2=563380undefined_,&sub5=id1506390987
  • http://r.leadzu.com/red/?code=4M4C8XL2R1ZN&a=6.&pubid=6
7 B
157 B
Stylesheet
General
Full URL
http://r.leadzu.com/red/?code=4M4C8XL2R1ZN&a=6.&pubid=6
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html
Protocol
HTTP/1.1
Server
212.92.39.33 Barcelona, Spain, ASN24592 (NEXICA-AS, ES),
Reverse DNS
Software
Apache /
Resource Hash
551c7d1ddbf1ab368a5e3fabb559cca37e9a14a75a9b53bc2f757a0d6afb2685

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Dec 2020 19:05:25 GMT
Server
Apache
Connection
close
Content-Length
7
Content-Type
text/html; charset=UTF-8

Redirect headers

location
http://r.leadzu.com/red/?code=4M4C8XL2R1ZN&a=6.&pubid=6
date
Sun, 27 Dec 2020 19:33:00 GMT
server
nginx
content-length
86
content-type
text/html; charset=utf-8
id503451073
apps.apple.com/us/app/
Redirect Chain
  • https://bondika.g2afse.com/click?pid=2&offer_id=20215&sub1=563380undefined&sub2=,&sub3=NCT_iphone_ch_ofid5927698_pidundefined_sub1,_sub2,_sub3,_nat4_sub4_sub5&sub5=id1506390987
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=611&cid=&sid=2&udid=&name=&info=BondikaSL&blockTime=0
  • https://toptopmedia.g2afse.com/click?pid=214&offer_id=3092385&sub1=NCT_iphone_ch_ofid9494789_pid616_sub1_sub22_sub3BondikaSL_nat5_sub4_sub5&sub2=563380616_2&sub3=id1477841973
  • https://track.gowithads.com/click?pid=199&offer_id=2026462&sub1=5fe8e16cbb1a3a00018145b6&sub2=214&sub3=&sub4=id1477841973&ip=&device_ua=&sub5=
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=599&cid=&sid=199_214&udid=&name=&info=GOWMsl&blockTime=0
  • https://adcrate-solutions.go2affise.com/click?pid=80&offer_id=1202016&sub1=NCT_iphone_ch_ofid9161107_pid616_sub1_sub2199_214_sub3GOWMsl_nat10_sub4_sub5&sub2=563380616_199_214&sub3=E6ACBFFF-9E6C-446...
  • https://aandb.g2afse.com/click?pid=2&offer_id=423684&sub1=5fe8e16cf456bd000163617e&sub2=80_563380616_199_214&sub3=E6ACBFFF-9E6C-4460-AD51-2CC9E4B5EE87&sub4=id1425014150
  • https://apps.apple.com/us/app/id503451073
0
0
Stylesheet
General
Full URL
https://apps.apple.com/us/app/id503451073
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64:5a5::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*

Redirect headers

location
https://apps.apple.com/us/app/id503451073
date
Sun, 27 Dec 2020 19:33:00 GMT
server
nginx
content-length
64
content-type
text/html; charset=utf-8
/
vashoot.gotrackier.com/t/MTI0NF85MDA0Nw/
0
785 B
Stylesheet
General
Full URL
https://vashoot.gotrackier.com/t/MTI0NF85MDA0Nw/?source={your-sub-aff-id}&p1={your-transaction-id}&p1=NCT_iphone_ch_ofid9496986_pidundefined_sub1,_sub2,_sub3,_nat5_sub4_sub5&source=563380undefined_,&app_name=id1506390987
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:484a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 19:33:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0bGvh2dsvg5sFZxzDLLxvydfNDoK7VUSfugWYrj3rQL%2BRUnRuolyWLkKHP%2BvpwKjywqRIXsf%2FfEppcTLuxEMbrz3I3sD3wHbilT521dxu%2FUwmAGiLsW%2F7vglalrDtVHqq%2FLe"}],"group":"cf-nel","max_age":604800}
cf-request-id
074749a62f00002bc6f2222000000001
cf-ray
6085788379672bc6-FRA
content-length
0
x-rt
0
id589328270
apps.apple.com/us/app/
Redirect Chain
  • https://zenoclick.g2afse.com/click?pid=2&offer_id=36360&sub1=NCT_iphone_ch_ofid9355927_pidundefined_sub1,_sub2,_sub3,_nat6_sub4_sub5&sub2=563380undefined_,&sub6=id1506390987
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=941&cid=clickid&sid=2&udid=&name=&info=ZenoClickSL&blockTime=0
  • https://leaddaway.g2afse.com/click?pid=339&offer_id=1679472&sub1=NCT_iphone_ch_ofid8527515_pid616_sub1clickid_sub22_sub3ZenoClickSL_nat9_sub4_sub5&sub2=563380616_2&sub5=id290638154
  • https://apps.apple.com/us/app/id589328270
0
0
Stylesheet
General
Full URL
https://apps.apple.com/us/app/id589328270
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64:5a5::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*

Redirect headers

location
https://apps.apple.com/us/app/id589328270
date
Sun, 27 Dec 2020 19:33:00 GMT
server
nginx
content-length
64
content-type
text/html; charset=utf-8
ps
il32.co/
Redirect Chain
  • https://il1i.co/o/363029?p=20111&aff_clickid=NCT_iphone_ch_ofid9501592_pidundefined_sub1,_sub2,_sub3,_nat7_sub4_sub5&sub1=563380undefined&sub2=,&app_name=,&bundle_id=id1506390987&offer_id=825757&su...
  • https://il32.co/ps?p=1&r=1&aff_clickid=%7Bclickid%7D&sub1=%7Bsub1%7D&target=%7Btarget%7D
0
116 B
Stylesheet
General
Full URL
https://il32.co/ps?p=1&r=1&aff_clickid=%7Bclickid%7D&sub1=%7Bsub1%7D&target=%7Btarget%7D
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.91.99.171 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m12971.contaboserver.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 19:33:00 GMT
content-length
0
content-type
text/plain; charset=utf-8

Redirect headers

location
https://il32.co/ps?p=1&r=1&aff_clickid=%7Bclickid%7D&sub1=%7Bsub1%7D&target=%7Btarget%7D
pragma
no-cache
date
Sun, 27 Dec 2020 19:33:00 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-length
0
content-type
text/html; charset=utf-8
disabled.html
go2.enjoycpi.com/
Redirect Chain
  • https://go2.enjoycpi.com/click?pid=undefined&offer_id=8178705&sub1=,&sub2=,&sub3=,_nat8&sub4=DF7321B9-B454-45D5-AB7F-BDAA326EA990&sub5=id1506390987&sub6=563380
  • http://go2.enjoycpi.com/disabled.html
0
0
Stylesheet
General
Full URL
http://go2.enjoycpi.com/disabled.html
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html
Protocol
HTTP/1.1
Server
213.227.134.202 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

location
http://go2.enjoycpi.com/disabled.html
date
Sun, 27 Dec 2020 19:33:00 GMT
server
nginx
content-length
60
content-type
text/html; charset=utf-8
/
promo.worldofwarships.eu/glows-27628/eu-de/
Redirect Chain
  • https://appricotads.g2afse.com/click?pid=251&offer_id=69827&ref_id=NCT_iphone_ch_ofid8844050_pidundefined_sub1,_sub2,_sub3,_nat9_sub4_sub5&sub1=251_4850undefined&sub2=,&sub6=id1506390987
  • http://appricotads.g2afse.com/sl?id=5f36c7821a6e4b1879225165&pid=2&ref_id=&sub1=251_4850undefined&sub2=,&sub3=&sub4=
  • https://appricotads.g2afse.com/sl?id=5f36c7821a6e4b1879225165&pid=2&ref_id=&sub1=251_4850undefined&sub2=,&sub3=&sub4=
  • https://track.wg-aff.com/click?pid=2632&offer_id=24&ref_id=5fe8e16cb3f0120001aedf37&sub1=2_,
  • https://rdr.wargaming.net/so7iy4o7/?pub_id=2632&xid=5fe8e16cf85ac2000120fb02&xid_param1=2_,&xid_param_2=
  • https://promo.worldofwarships.eu/glows-27628/eu-de/?pub_id=2632&xid=5fe8e16cf85ac2000120fb02&xid_param1=2_%2C&xid_param_2=&sid=SIDZ0UfBUqRb3W7fyV66qSOIDHVUUDGf9totX9EmeiNZ1BRXg1GULNltk7xF67unvyDvlV...
0
0
Stylesheet
General
Full URL
https://promo.worldofwarships.eu/glows-27628/eu-de/?pub_id=2632&xid=5fe8e16cf85ac2000120fb02&xid_param1=2_%2C&xid_param_2=&sid=SIDZ0UfBUqRb3W7fyV66qSOIDHVUUDGf9totX9EmeiNZ1BRXg1GULNltk7xF67unvyDvlVk7SNjGWYwe8dseHz5g-2nr-7ud2eJ8V-QaYhApRWzJRNnmVTwW4NHgorrCuVt32BLWLLnRaPx&enctid=c83thjopem0c&lpsn=WOWS+TMPLT1+CODE+BOOM+global&foris=1&utm_source=wlap&utm_medium=affiliate&utm_campaign=so7iy4o7&utm_content=2632
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
92.223.22.99 , Luxembourg, ASN199524 (GCORE, LU),
Reverse DNS
ed-v-a99.fe.core.pw
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Location
https://promo.worldofwarships.eu/glows-27628/eu-de/?pub_id=2632&xid=5fe8e16cf85ac2000120fb02&xid_param1=2_%2C&xid_param_2=&sid=SIDZ0UfBUqRb3W7fyV66qSOIDHVUUDGf9totX9EmeiNZ1BRXg1GULNltk7xF67unvyDvlVk7SNjGWYwe8dseHz5g-2nr-7ud2eJ8V-QaYhApRWzJRNnmVTwW4NHgorrCuVt32BLWLLnRaPx&enctid=c83thjopem0c&lpsn=WOWS+TMPLT1+CODE+BOOM+global&foris=1&utm_source=wlap&utm_medium=affiliate&utm_campaign=so7iy4o7&utm_content=2632
Date
Sun, 27 Dec 2020 19:33:00 GMT
Cache-Control
no-cache
Server
nginx
Connection
keep-alive
Content-Length
22
Content-Type
text/plain; charset=utf-8
id503451073
apps.apple.com/us/app/
Redirect Chain
  • https://adcrate-solutions.go2affise.com/click?pid=80&offer_id=1202016&sub1=NCT_iphone_ch_ofid9161107_pidundefined_sub1,_sub2,_sub3,_nat10_sub4_sub5&sub2=563380undefined_,&sub3=DF7321B9-B454-45D5-AB...
  • https://aandb.g2afse.com/click?pid=2&offer_id=423684&sub1=5fe8e16cf456bd00010d1e41&sub2=80_563380undefined_,&sub3=DF7321B9-B454-45D5-AB7F-BDAA326EA990&sub4=id1506390987
  • https://apps.apple.com/us/app/id503451073
0
0
Stylesheet
General
Full URL
https://apps.apple.com/us/app/id503451073
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64:5a5::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*

Redirect headers

location
https://apps.apple.com/us/app/id503451073
date
Sun, 27 Dec 2020 19:33:00 GMT
server
nginx
content-length
64
content-type
text/html; charset=utf-8
disabled.html
aandb.g2afse.com/
Redirect Chain
  • https://zenoclick.g2afse.com/click?pid=2&offer_id=32139&sub1=NCT_iphone_ch_ofid9177633_pidundefined_sub1,_sub2,_sub3,_nat11_sub4_sub5&sub2=563380undefined_,&sub6=id1506390987
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=941&cid=clickid&sid=2&udid=&name=&info=ZenoClickSL&blockTime=0
  • https://adcrate-solutions.go2affise.com/click?pid=80&offer_id=1337424&sub1=NCT_iphone_ch_ofid9321291_pid616_sub1clickid_sub22_sub3ZenoClickSL_nat13_sub4_sub5&sub2=563380616_2&sub4=id1274972321
  • https://aandb.g2afse.com/click?pid=2&offer_id=525296&sub1=5fe8e16c76baf00001bede57&sub2=80_563380616_2&sub3=&sub4=id1274972321
  • http://aandb.g2afse.com/disabled.html
  • https://aandb.g2afse.com/disabled.html
0
0
Stylesheet
General
Full URL
https://aandb.g2afse.com/disabled.html
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.134.238 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Location
https://aandb.g2afse.com/disabled.html
Date
Sun, 27 Dec 2020 19:33:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
138
Content-Type
text/html
/
vashoot.gotrackier.com/t/MTI0NF84NDE4OA/
0
463 B
Stylesheet
General
Full URL
https://vashoot.gotrackier.com/t/MTI0NF84NDE4OA/?source={your-sub-aff-id}&p1={your-transaction-id}&p1=NCT_iphone_ch_ofid9190414_pidundefined_sub1,_sub2,_sub3,_nat12_sub4_sub5&source=563380undefined_,&gaid=DF7321B9-B454-45D5-AB7F-BDAA326EA990&idfa=DF7321B9-B454-45D5-AB7F-BDAA326EA990&app_name=id1506390987
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:484a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 19:33:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1iDhmsd2NYZvEV6YIezkWZnB2%2Bd3l%2BuotNAp3L0fpe%2FynH4P0mY26Gg7CrfWlNPjgjg6lb%2FYRriu4hkqeGooNXbpRwoPoDQJiQb8jFN4C31h6J3ZWWjuSHpGMare%2BLXiEr8p"}],"group":"cf-nel","max_age":604800}
cf-request-id
074749a62d00002bc6a2817000000001
cf-ray
60857883796c2bc6-FRA
content-length
0
x-rt
0
disabled.html
aandb.g2afse.com/
Redirect Chain
  • https://adcrate-solutions.go2affise.com/click?pid=80&offer_id=1337500&sub1=NCT_iphone_ch_ofid9321331_pidundefined_sub1,_sub2,_sub3,_nat13_sub4_sub5&sub2=563380undefined_,&sub4=id1506390987
  • https://aandb.g2afse.com/click?pid=2&offer_id=525274&sub1=5fe8e16c816c420001f597d9&sub2=80_563380undefined_,&sub3=&sub4=id1506390987
  • http://aandb.g2afse.com/disabled.html
  • https://aandb.g2afse.com/disabled.html
0
0
Stylesheet
General
Full URL
https://aandb.g2afse.com/disabled.html
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.134.238 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Location
https://aandb.g2afse.com/disabled.html
Date
Sun, 27 Dec 2020 19:33:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
138
Content-Type
text/html
disabled.html
clicxy.g2afse.com/
Redirect Chain
  • https://times25.go2affise.com/click?pid=59&offer_id=136503&sub1=NCT_iphone_ch_ofid9449797_pidundefined_sub1,_sub2,_sub3,_nat14_sub4_sub5&sub2=563380undefined_,&sub3=DF7321B9-B454-45D5-AB7F-BDAA326E...
  • https://click.iconpeak2trk.com/click?pid=68&offer_id=7499&ext1=5fe8e16c1add7e0001108da0&sub1=59&sub2=563380undefined_,&sub3=DF7321B9-B454-45D5-AB7F-BDAA326EA990_DF7321B9-B454-45D5-AB7F-BDAA326EA990...
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=691&cid=&sid=68&udid=&name=&info=iconpeakppre&blockTime=0
  • https://clicxy.g2afse.com/click?pid=6479&offer_id=163099&sub1=NCT_iphone_ch_ofid6917946_pid616_sub1_sub268_sub3iconpeakppre_nat14_sub4_sub5&sub2=563380616_68&sub3=id510873505&sub4=9AED56FE-7F95-4FD...
  • https://clicxy.g2afse.com/disabled.html
0
0
Stylesheet
General
Full URL
https://clicxy.g2afse.com/disabled.html
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.134.204 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

location
/disabled.html
date
Sun, 27 Dec 2020 19:33:00 GMT
referer
referrer-policy
no-referrer
server
nginx
content-length
37
content-type
text/html; charset=utf-8
c55c7b6
t1.greatforwarding.com/
Redirect Chain
  • https://mookomedia.g2afse.com/click?pid=42&offer_id=157916&sub1=NCT_iphone_ch_ofid9091246_pidundefined_sub1,_sub2,_sub3,_nat15_sub4_sub5&sub4=563380undefined_,&sub5=id1506390987
  • https://4gbsxw0.appsdeku.com/4gbsxw0?p=42_563380undefined_,&sid=5fe8e16c11bcfe0001fdba24&android_id=&android_a_id=&idfa=&app_id=id1506390987&param1=
  • https://t1.greatforwarding.com/c55c7b6?p=002753_42_563380undefined_,
0
0
Stylesheet
General
Full URL
https://t1.greatforwarding.com/c55c7b6?p=002753_42_563380undefined_,
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.202.244.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-244-90.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Dec 2020 19:33:01 GMT
Server
nginx
Content-Type
application/json
Cache-Control
private, no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
17
Expires
-1

Redirect headers

location
https://t1.greatforwarding.com/c55c7b6?p=002753_42_563380undefined_,
Date
Sun, 27 Dec 2020 19:33:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
4
Content-Type
application/json
575137
tare.pro/go/216668/
Redirect Chain
  • https://lucazepa.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D
  • http://tare.pro/go/216668/575137
0
0
Stylesheet
General
Full URL
http://tare.pro/go/216668/575137
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html
Protocol
HTTP/1.1
Server
52.201.162.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-162-15.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Sun, 27 Dec 2020 19:33:00 GMT
referrer-policy
origin
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=B2oN0pCyh1ZOp3fgn9298GQbkLaUdmjM89ZkjmUPHmV7gByVJJOFs6vwSdej7s5UK4RN6Q1BUZYGyzeo7zdb0wV0ZUGBQCMAUt2augU%3D"}],"group":"cf-nel","max_age":604800}
location
http://tare.pro/go/216668/575137
cf-ray
608578842f08bdb9-AMS
content-length
0
cf-request-id
074749a6990000bdb99939f000000001


5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| trustedTypes
boolean| crossOriginIsolated

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
