cpi-offers.com Open in urlscan Pro
18.193.178.1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://track.iontap.io/?aff_id=980854&offer_id=1176054&aff_sub=d69078ae-13f3-49b7-b626-78af2fdb7850&aff_sub2=4018501342...
Effective URL:
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=590&cid=56453574722fac04d836a24887e9abbb&sid=&udid...
Submission: On September 01 via manual (September 1st 2022, 5:26:02 pm UTC) from PH — Scanned from DE

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 7 domains to perform 22 HTTP transactions. The main IP is 18.193.178.1, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is cpi-offers.com. The Cisco Umbrella rank of the primary domain is 153529.
TLS certificate: Issued by Amazon on October 26th 2021. Valid for: a year.

This is the only time cpi-offers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	88.198.53.171 88.198.53.171	24940 (HETZNER-AS) (HETZNER-AS)
3	18.193.178.1 18.193.178.1	16509 (AMAZON-02) (AMAZON-02)
1 1	188.114.96.12 188.114.96.12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
22	4

1 88.198.53.171 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-53-171.clients.your-server.de

track.iontap.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.193.178.1 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-178-1.eu-central-1.compute.amazonaws.com

cpi-offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.12 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

zainzuri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	cpi-offers.com cpi-offers.com — Cisco Umbrella Rank: 153529	2 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2
1	zainzuri.com 1 redirects zainzuri.com — Cisco Umbrella Rank: 77000	450 B
1	iontap.io track.iontap.io — Cisco Umbrella Rank: 823129	680 B
0	ila3.co Failed ila3.co Failed
0	g2afse.com Failed zildd.g2afse.com Failed ad-experience.g2afse.com Failed greengrass.g2afse.com — Cisco Umbrella Rank: 229691 Failed
0	soldbyphonder.com Failed direct4.soldbyphonder.com Failed
22	7

	Domain	Requested by
3	cpi-offers.com	track.iontap.io cpi-offers.com
1	www.google.com	cpi-offers.com
1	zainzuri.com	1 redirects
1	track.iontap.io
0	greengrass.g2afse.com Failed	cpi-offers.com
0	ad-experience.g2afse.com Failed	cpi-offers.com
0	ila3.co Failed	cpi-offers.com
0	zildd.g2afse.com Failed	cpi-offers.com
0	direct4.soldbyphonder.com Failed	cpi-offers.com
22	9

This site contains no links.

Subject Issuer	Validity	Valid
cpi-offers.com Amazon	`2021-10-26` - `2022-11-23`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=590&cid=56453574722fac04d836a24887e9abbb&sid=&udid=&name=&info=iontapppre&blockTime=0
Frame ID: 11C26465E90BF82B0454A2F0B0914A49
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://track.iontap.io/?aff_id=980854&offer_id=1176054&aff_sub=d69078ae-13f3-49b7-b626-78af2fdb7850... Page URL
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=590&cid=56453574722fac04d836a2... Page URL

Page Statistics

22
Requests

14 %
HTTPS

25 %
IPv6

7
Domains

9
Subdomains

4
IPs

3
Countries

3 kB
Transfer

7 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://track.iontap.io/?aff_id=980854&offer_id=1176054&aff_sub=d69078ae-13f3-49b7-b626-78af2fdb7850&aff_sub2=4018501342_EC6B15411&idfa=19eb4431-495d-4c83-bf10-ffcb1b8f823c Page URL
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=590&cid=56453574722fac04d836a24887e9abbb&sid=&udid=&name=&info=iontapppre&blockTime=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://kuno-gae.com/com.id593715088?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd HTTP 302
https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=152eb6e4-2a1b-11ed-8bd6-0ae031780d2b

Request Chain 3

https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=590&offer_id=12789778&sub1=56453574722fac04d836a24887e9abbb&sub2=&sub3=iontapppre_nat2&sub4=C500C34A-B2DD-40AC-9AB9-3D4169EB8D74&sub5=id593715088&sub6=628510 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
https://zildd.g2afse.com/click?pid=35&offer_id=3474387&sub1=NCT_iphone_de_ofid13385548_pid616_sub1_sub2_sub3TbLabq_nat13_sub4_sub5&sub2=628510616_&sub3=id1456989345 HTTP 0
http://zildd.g2afse.com/disabled.html

Request Chain 9

https://apnp.trckswrm.com/click?offer_id=153288&pub_id=7&pub_id=7&pub_click_id=NCT_iphone_de_ofid13408021_pid590_sub156453574722fac04d836a24887e9abbb_sub2_sub3iontapppre_nat8_sub4_sub5&pub_sub_id=628510590&pub_sub_sub_id=&app=id593715088 HTTP 302
https://greengrass.g2afse.com/click?pid=551&offer_id=771&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=10_7&sub6=id593715088&sub5=&sub3=10 HTTP 302
https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=551_10_7&sub3=771&sub4=10_7 HTTP 302
https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_551_10_7&sub3=133&sub4=551_10_7 HTTP 302
https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_551_10_7&sub3=133&sub4=2_551_10_7 HTTP 302
https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_551_10_7&sub3=133&sub4=2_2_551_10_7 HTTP 302
https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_551_10_7 HTTP 302
https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_2_551_10_7 HTTP 302
https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_2_2_551_10_7 HTTP 302
https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_2_2_2_551_10_7 HTTP 302
https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_2_2_2_2_551_10_7 HTTP 302
https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_2_2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_2_2_2_2_2_551_10_7 HTTP 302
https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_2_2_2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_2_2_2_2_2_2_551_10_7 HTTP 302
https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_2_2_2_2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_2_2_2_2_2_2_2_551_10_7 HTTP 302
https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_2_2_2_2_2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_2_2_2_2_2_2_2_2_551_10_7 HTTP 302
https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_2_2_2_2_2_2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_2_2_2_2_2_2_2_2_2_551_10_7 HTTP 302
https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_2_2_2_2_2_2_2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_2_2_2_2_2_2_2_2_2_2_551_10_7 HTTP 302
https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_2_2_2_2_2_2_2_2_2_2_2_551_10_7 HTTP 302
https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_551_10_7 HTTP 302
https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_551_10_7 HTTP 302
https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_551_10_7

Request Chain 16

https://zainzuri.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D HTTP 302
https://www.google.com/

Request Chain 18

https://zildd.g2afse.com/click?pid=35&offer_id=3527377&sub1=NCT_iphone_de_ofid13390301_pid590_sub156453574722fac04d836a24887e9abbb_sub2_sub3iontapppre_nat3_sub4_sub5&sub2=628510590_&sub3=id593715088 HTTP 0
http://zildd.g2afse.com/disabled.html

Request Chain 19

https://zildd.g2afse.com/click?pid=35&offer_id=3527392&sub1=NCT_iphone_de_ofid13407893_pid590_sub156453574722fac04d836a24887e9abbb_sub2_sub3iontapppre_nat4_sub4_sub5&sub2=628510590_&sub3=id593715088 HTTP 0
http://zildd.g2afse.com/disabled.html

Request Chain 20

https://zildd.g2afse.com/click?pid=35&offer_id=3524577&sub1=NCT_iphone_de_ofid13366220_pid590_sub156453574722fac04d836a24887e9abbb_sub2_sub3iontapppre_nat5_sub4_sub5&sub2=628510590_&sub3=id593715088 HTTP 0
http://zildd.g2afse.com/disabled.html

22 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ track.iontap.io/	475 B 680 B	316ms 42ms	Document text/html	88.198.53.171 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://track.iontap.io/?aff_id=980854&offer_id=1176054&aff_sub=d69078ae-13f3-49b7-b626-78af2fdb7850&aff_sub2=4018501342_EC6B15411&idfa=19eb4431-495d-4c83-bf10-ffcb1b8f823c Protocol HTTP/1.1 Server 88.198.53.171 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.88-198-53-171.clients.your-server.de Software nginx/1.16.1 / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Length 475 Content-Type text/html Date Thu, 01 Sep 2022 17:25:32 GMT Keep-Alive timeout=60 Server nginx/1.16.1 X-Backend-Server b2.orangr.com
GET H2	200	Primary Request fantastic.html Show response cpi-offers.com/	4 KB 1 KB	76ms 16ms	Document text/html	18.193.178.1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=590&cid=56453574722fac04d836a24887e9abbb&sid=&udid=&name=&info=iontapppre&blockTime=0 Requested by Host: track.iontap.io URL: http://track.iontap.io/?aff_id=980854&offer_id=1176054&aff_sub=d69078ae-13f3-49b7-b626-78af2fdb7850&aff_sub2=4018501342_EC6B15411&idfa=19eb4431-495d-4c83-bf10-ffcb1b8f823c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.193.178.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-193-178-1.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash `4fdf3cbf8a4d25012429d82c1f9e355ec48e77c828c73f36eebf6eec2ba9451b` Request headers Referer http://track.iontap.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Sep 2022 17:25:32 GMT etag W/"e7d-HFmIm2y923v2sjTTivWvtsdcrC8" server nginx/1.14.1 vary Accept-Encoding x-powered-by Express
GET H2	200	main.js Show response cpi-offers.com/jsf/	3 KB 1 KB	19ms 14ms	Script application/javascript	18.193.178.1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cpi-offers.com/jsf/main.js Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=590&cid=56453574722fac04d836a24887e9abbb&sid=&udid=&name=&info=iontapppre&blockTime=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.193.178.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-193-178-1.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash `3915a438fffb3acbaade25f7b5e9d3f76589dbc02048463b3fbfeb8c4e7955a1` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 Response headers date Thu, 01 Sep 2022 17:25:32 GMT content-encoding gzip etag "159163-2720-1653812780000" last-modified Sun, 29 May 2022 08:26:20 GMT server nginx/1.14.1 x-powered-by Express vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=3600
GET		redirect direct4.soldbyphonder.com/ Redirect Chain https://kuno-gae.com/com.id593715088?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=152eb6e4-2a1b-11ed-8bd6-0ae031780d2b	0 0

GET		disabled.html zildd.g2afse.com/ Redirect Chain https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=590&offer_id=12789778&sub1=56453574722fac04d836a24887e9abbb&sub2=&sub3=iontapppre_nat2&sub4=C500C34A-B2DD-40AC-9AB9-3D4169EB8D74&sub5=id5937150... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 https://zildd.g2afse.com/click?pid=35&offer_id=3474387&sub1=NCT_iphone_de_ofid13385548_pid616_sub1_sub2_sub3TbLabq_nat13_sub4_sub5&sub2=628510616_&sub3=id1456989345 http://zildd.g2afse.com/disabled.html	0 0

GET		click zildd.g2afse.com/	0 0

GET		click zildd.g2afse.com/	0 0

GET		click zildd.g2afse.com/	0 0

GET		415372 ila3.co/o/	0 0

GET		click ad-experience.g2afse.com/	0 0

GET		click greengrass.g2afse.com/ Redirect Chain https://apnp.trckswrm.com/click?offer_id=153288&pub_id=7&pub_id=7&pub_click_id=NCT_iphone_de_ofid13408021_pid590_sub156453574722fac04d836a24887e9abbb_sub2_sub3iontapppre_nat8_sub4_sub5&pub_sub_id=6... https://greengrass.g2afse.com/click?pid=551&offer_id=771&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=10_7&sub6=id593715088&sub5=&sub3=10 https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=551_10_7&sub3=771&sub4=10_7 https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_551_10_7&sub3=133&sub4=551_10_7 https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_551_10_7&sub3=133&sub4=2_551_10_7 https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_551_10_7&sub3=133&sub4=2_2_551_10_7 https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_551_10_7 https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_2_551_10_7 https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_2_2_551_10_7 https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_2_2_2_551_10_7 https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_2_2_2_2_551_10_7 https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_2_2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_2_2_2_2_2_551_10_7 https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_2_2_2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_2_2_2_2_2_2_551_10_7 https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_2_2_2_2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_2_2_2_2_2_2_2_551_10_7 https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_2_2_2_2_2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_2_2_2_2_2_2_2_2_551_10_7 https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_2_2_2_2_2_2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_2_2_2_2_2_2_2_2_2_551_10_7 https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_2_2_2_2_2_2_2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_2_2_2_2_2_2_2_2_2_2_551_10_7 https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_2_2_2_2_2_2_2_2_2_2_2_551_10_7 https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_551_10_7 https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_55... https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_...	0 0

GET		click ad-experience.g2afse.com/	0 0

GET		click ad-experience.g2afse.com/	0 0

GET		click ad-experience.g2afse.com/	0 0

GET		253259 ila3.co/o/	0 0

GET		click zildd.g2afse.com/	0 0

GET		click ad-experience.g2afse.com/	0 0

GET H2	200	/ www.google.com/ Redirect Chain https://zainzuri.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D https://www.google.com/	0 0	106ms 82ms	Stylesheet text/html	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/ Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=590&cid=56453574722fac04d836a24887e9abbb&sid=&udid=&name=&info=iontapppre&blockTime=0 Protocol H2 Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 Response headers Redirect headers date Thu, 01 Sep 2022 17:25:32 GMT referrer-policy origin cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lacNq70sDhd3tR3WqxTluSE6XjSMd25Y6ait%2BUcwJ%2FX2U1%2BMLbggMJYW5pPXTU3J%2FDggED%2FOV48Msw1gVDaOLlb9%2FgoLfXCQx4oeByOgeNQYkgHW5%2FsQYAR2zY5iSC4%3D"}],"group":"cf-nel","max_age":604800} location https://www.google.com cf-ray 743fb4ad3f8092c5-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET H2	200	swback cpi-offers.com/	0 0	9ms 8ms	Fetch text/html	18.193.178.1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cpi-offers.com/swback Requested by Host: cpi-offers.com URL: https://cpi-offers.com/jsf/main.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.193.178.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-193-178-1.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 Response headers date Thu, 01 Sep 2022 17:25:32 GMT content-encoding gzip etag W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk" server nginx/1.14.1 x-powered-by Express vary Accept-Encoding content-type text/html; charset=utf-8 access-control-allow-origin *
GET		disabled.html zildd.g2afse.com/ Redirect Chain https://zildd.g2afse.com/click?pid=35&offer_id=3527377&sub1=NCT_iphone_de_ofid13390301_pid590_sub156453574722fac04d836a24887e9abbb_sub2_sub3iontapppre_nat3_sub4_sub5&sub2=628510590_&sub3=id593715088 http://zildd.g2afse.com/disabled.html	0 0

GET		disabled.html zildd.g2afse.com/ Redirect Chain https://zildd.g2afse.com/click?pid=35&offer_id=3527392&sub1=NCT_iphone_de_ofid13407893_pid590_sub156453574722fac04d836a24887e9abbb_sub2_sub3iontapppre_nat4_sub4_sub5&sub2=628510590_&sub3=id593715088 http://zildd.g2afse.com/disabled.html	0 0

GET		disabled.html zildd.g2afse.com/ Redirect Chain https://zildd.g2afse.com/click?pid=35&offer_id=3524577&sub1=NCT_iphone_de_ofid13366220_pid590_sub156453574722fac04d836a24887e9abbb_sub2_sub3iontapppre_nat5_sub4_sub5&sub2=628510590_&sub3=id593715088 http://zildd.g2afse.com/disabled.html	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: direct4.soldbyphonder.com
URL: https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=152eb6e4-2a1b-11ed-8bd6-0ae031780d2b

Domain: zildd.g2afse.com
URL: http://zildd.g2afse.com/disabled.html

Domain: zildd.g2afse.com
URL: https://zildd.g2afse.com/click?pid=35&offer_id=3527377&sub1=NCT_iphone_de_ofid13390301_pid590_sub156453574722fac04d836a24887e9abbb_sub2_sub3iontapppre_nat3_sub4_sub5&sub2=628510590_&sub3=id593715088

Domain: zildd.g2afse.com
URL: https://zildd.g2afse.com/click?pid=35&offer_id=3527392&sub1=NCT_iphone_de_ofid13407893_pid590_sub156453574722fac04d836a24887e9abbb_sub2_sub3iontapppre_nat4_sub4_sub5&sub2=628510590_&sub3=id593715088

Domain: zildd.g2afse.com
URL: https://zildd.g2afse.com/click?pid=35&offer_id=3524577&sub1=NCT_iphone_de_ofid13366220_pid590_sub156453574722fac04d836a24887e9abbb_sub2_sub3iontapppre_nat5_sub4_sub5&sub2=628510590_&sub3=id593715088

Domain: ila3.co
URL: https://ila3.co/o/415372?p=17&aff_clickid=NCT_iphone_de_ofid13407934_pid590_sub156453574722fac04d836a24887e9abbb_sub2_sub3iontapppre_nat6_sub4_sub5&sub1=628510590_&app_name=id593715088

Domain: ad-experience.g2afse.com
URL: https://ad-experience.g2afse.com/click?pid=2&offer_id=732185&sub1=NCT_iphone_de_ofid13383561_pid590_sub156453574722fac04d836a24887e9abbb_sub2_sub3iontapppre_nat7_sub4_sub5&sub2=628510590_&sub5=id593715088

Domain: greengrass.g2afse.com
URL: https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_551_10_7

Domain: ad-experience.g2afse.com
URL: https://ad-experience.g2afse.com/click?pid=2&offer_id=785187&sub1=NCT_iphone_de_ofid13407088_pid590_sub156453574722fac04d836a24887e9abbb_sub2_sub3iontapppre_nat9_sub4_sub5&sub2=628510590_&sub5=id593715088

Domain: ad-experience.g2afse.com
URL: https://ad-experience.g2afse.com/click?pid=2&offer_id=781654&sub1=NCT_iphone_de_ofid13403727_pid590_sub156453574722fac04d836a24887e9abbb_sub2_sub3iontapppre_nat10_sub4_sub5&sub2=628510590_&sub5=id593715088

Domain: ad-experience.g2afse.com
URL: https://ad-experience.g2afse.com/click?pid=2&offer_id=776990&sub1=NCT_iphone_de_ofid13394981_pid590_sub156453574722fac04d836a24887e9abbb_sub2_sub3iontapppre_nat11_sub4_sub5&sub2=628510590_&sub5=id593715088

Domain: ila3.co
URL: https://ila3.co/o/253259?p=17&aff_clickid=NCT_iphone_de_ofid13394110_pid590_sub156453574722fac04d836a24887e9abbb_sub2_sub3iontapppre_nat12_sub4_sub5&sub1=628510590_&app_name=id593715088

Domain: zildd.g2afse.com
URL: https://zildd.g2afse.com/click?pid=35&offer_id=3474387&sub1=NCT_iphone_de_ofid13385548_pid590_sub156453574722fac04d836a24887e9abbb_sub2_sub3iontapppre_nat13_sub4_sub5&sub2=628510590_&sub3=id593715088

Domain: ad-experience.g2afse.com
URL: https://ad-experience.g2afse.com/click?pid=2&offer_id=730473&sub1=NCT_iphone_de_ofid13390362_pid590_sub156453574722fac04d836a24887e9abbb_sub2_sub3iontapppre_nat14_sub4_sub5&sub2=628510590_&sub5=id593715088

Domain: zildd.g2afse.com
URL: http://zildd.g2afse.com/disabled.html

Domain: zildd.g2afse.com
URL: http://zildd.g2afse.com/disabled.html

Domain: zildd.g2afse.com
URL: http://zildd.g2afse.com/disabled.html

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=590&cid=56453574722fac04d836a24887e9abbb&sid=&udid=&name=&info=iontapppre&blockTime=0(Line 22) Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
network	error	URL: https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=152eb6e4-2a1b-11ed-8bd6-0ae031780d2b Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=590&cid=56453574722fac04d836a24887e9abbb&sid=&udid=&name=&info=iontapppre&blockTime=0(Line 24) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=590&cid=56453574722fac04d836a24887e9abbb&sid=&udid=&name=&info=iontapppre&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://zildd.g2afse.com/disabled.html'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=590&cid=56453574722fac04d836a24887e9abbb&sid=&udid=&name=&info=iontapppre&blockTime=0(Line 26) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=590&cid=56453574722fac04d836a24887e9abbb&sid=&udid=&name=&info=iontapppre&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://zildd.g2afse.com/disabled.html'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://greengrass.g2afse.com/click?pid=2&offer_id=133&sub1=BJrcXCgAAAGC-hYoaQABkdMAAAAKAAAABAAAAAAG&sub2=2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_551_10_7&sub3=133&sub4=2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_2_551_10_7 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=590&cid=56453574722fac04d836a24887e9abbb&sid=&udid=&name=&info=iontapppre&blockTime=0(Line 28) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=590&cid=56453574722fac04d836a24887e9abbb&sid=&udid=&name=&info=iontapppre&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://zildd.g2afse.com/disabled.html'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=590&cid=56453574722fac04d836a24887e9abbb&sid=&udid=&name=&info=iontapppre&blockTime=0(Line 30) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=590&cid=56453574722fac04d836a24887e9abbb&sid=&udid=&name=&info=iontapppre&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://zildd.g2afse.com/disabled.html'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-experience.g2afse.com
cpi-offers.com
direct4.soldbyphonder.com
greengrass.g2afse.com
ila3.co
track.iontap.io
www.google.com
zainzuri.com
zildd.g2afse.com
ad-experience.g2afse.com
direct4.soldbyphonder.com
greengrass.g2afse.com
ila3.co
zildd.g2afse.com
18.193.178.1
188.114.96.12
2a00:1450:4001:829::2004
88.198.53.171
3915a438fffb3acbaade25f7b5e9d3f76589dbc02048463b3fbfeb8c4e7955a1
4fdf3cbf8a4d25012429d82c1f9e355ec48e77c828c73f36eebf6eec2ba9451b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

cpi-offers.com Open in urlscan Pro 18.193.178.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

22 Requests

14 %HTTPS

25 %IPv6

7 Domains

9 Subdomains

4 IPs

3 Countries

3 kBTransfer

7 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

0 Cookies

7 Console Messages

Indicators

cpi-offers.com Open in urlscan Pro
18.193.178.1 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

14 %
HTTPS

25 %
IPv6

7
Domains

9
Subdomains

4
IPs

3
Countries

3 kB
Transfer

7 kB
Size

0
Cookies

22 HTTP transactions
0 data transactions