cpi-offers.com Open in urlscan Pro
18.185.73.217  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

• https://valuadle.g2afse.com/click?pid=11&offer_id=320345&sub1=NCT_iphone_de_ofid11430901_pidundefined_sub1,_sub2,_sub3,_nat1_sub4_sub5&sub2=747080undefined_,&sub3=id1274972321 HTTP 302
• http://valuadle.g2afse.com/disabled.html HTTP 302
• https://valuadle.g2afse.com/disabled.html

Request Chain 3

• https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=undefined&offer_id=13194900&sub1=,&sub2=,&sub3=,_nat3&sub4=1C0CB185-7858-4D7E-8819-B100018E40F6&sub5=id1274972321&sub6=747080 HTTP 302
• http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html

Request Chain 4

• https://t.9696.me/click?pid=729&offer_id=148506&sub4=NCT_iphone_de_ofid10910945_pidundefined_sub1,_sub2,_sub3,_nat4_sub4_sub5&sub1=729_4850undefined&sub2=729_4850undefined_,&sub3=id1274972321&sub7=id1274972321 HTTP 302
• https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1274972321&sub1=729_4850undefined&sub2=729_4850undefined_, HTTP 302
• https://offer.alibaba.com/cps/rq9rg325?tp1=61f5097e15927100013817b2&pid=729_4850undefined&adid= HTTP 302
• http://offer.alibaba.com/product/w404 HTTP 307
• https://offer.alibaba.com/product/w404

Request Chain 5

• https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=undefined&offer_id=13189223&sub1=,&sub2=,&sub3=,_nat5&sub4=1C0CB185-7858-4D7E-8819-B100018E40F6&sub5=id1274972321&sub6=747080 HTTP 302
• http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html

Request Chain 8

• https://kuno-gae.com/com.id1274972321?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd HTTP 302
• https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=44c705d6-80e6-11ec-a4a7-0a78e27594e7

Request Chain 9

• https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=undefined&offer_id=12789778&sub1=,&sub2=,&sub3=,_nat9&sub4=1C0CB185-7858-4D7E-8819-B100018E40F6&sub5=id1274972321&sub6=747080 HTTP 302
• http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html

Request Chain 10

• https://media.appm.app/click?pid=263&offer_id=78451&sub1=NCT_iphone_de_ofid13200490_pidundefined_sub1,_sub2,_sub3,_nat10_sub4_sub5&sub2=747080undefined&sub3=id1274972321&sub4=,&sub6=id1274972321 HTTP 302
• https://media.appm.app/sl?id=5c13c0a659b8ac00406bd7d4&pid=6&sub1=NCT_iphone_de_ofid13200490_pidundefined_sub1,_sub2,_sub3,_nat10_sub4_sub5&sub2=263_747080undefined&sub3=id1274972321&sub5= HTTP 302
• http://media.appm.app/disabled.html HTTP 307
• https://media.appm.app/disabled.html

Request Chain 11

• https://olamob.g2afse.com/click?pid=101&offer_id=1180164&sub1=NCT_iphone_de_ofid13186063_pidundefined_sub1,_sub2,_sub3,_nat11_sub4_sub5&sub2=747080undefined_,&sub4=id1274972321&sub8={sub8}|{offer_id},4850undefined HTTP 302
• https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=101&udid=&name=&info=OlaMobSL&blockTime=0 HTTP 302
• https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=13194900&sub1=&sub2=101&sub3=OlaMobSL_nat3&sub4=26EBEF6F-7A1A-4368-B250-615E5D06CC0C&sub5=id1400134578&sub6=747080 HTTP 302
• https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
• https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=12789778&sub1=&sub2=&sub3=TbLabq_nat9&sub4=C8933B80-3427-4B58-82DA-E617CBC81C12&sub5=id462678375&sub6=747080 HTTP 302
• https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
• https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=13194900&sub1=&sub2=&sub3=TbLabq_nat3&sub4=CD2913F7-6DB3-41AA-BACD-E7E693445707&sub5=id593715088&sub6=747080 HTTP 302
• https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
• https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=13205733&sub1=&sub2=&sub3=TbLabq_nat10&sub4=061908ED-3BE7-43ED-89DF-016711F3585E&sub5=id1435899684&sub6=747080 HTTP 302
• https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
• https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=13194900&sub1=&sub2=&sub3=TbLabq_nat3&sub4=BC1E7ECE-364C-4B24-A74D-4A4981EC6891&sub5=id653967729&sub6=747080 HTTP 302
• https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
• https://direct2.knmasdfsdgs.com/redirect?aff=10063&saff=747080616&q=

Request Chain 12

• https://gowtmd.trckswrm.com/click?offer_id=96874&pub_id=6&pub_id=6&pub_click_id=NCT_iphone_de_ofid13169834_pidundefined_sub1,_sub2,_sub3,_nat12_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&app=id1274972321 HTTP 302
• https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=748&cid=ArQjdpYAAAF-pS0V1gABemoAAAAGAAAAAA&sid=31&udid=&name=&info=GOWMsl&blockTime=0 HTTP 302
• https://ad-experience.g2afse.com/click?pid=2&offer_id=668436&sub1=NCT_iphone_de_ofid12769160_pid616_sub1ArQjdpYAAAF-pS0V1gABemoAAAAGAAAAAA_sub231_sub3GOWMsl_nat11_sub4_sub5&sub2=747080616_31&sub5=id986339882 HTTP 302
• http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=668436&sub3=2 HTTP 302
• https://rewardsctr.com/t/944093?A1=61f5097e5e7dfd0001f7aec6&A5=1_668436&A4=&A3=2_&A2=2_&pip=45.141.152.68&plang=DE&pua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36 HTTP 302
• https://impression.appsflyer.com/who.whalchemy?pid=vidmob_int&c=cygoAlApAnNiUK&af_sub1=cygoAlApAnNiUK&af_sub2=FlippyRace&af_ad=WHC_37647_Casino_Banners-300x250-English_UK&af_ad_type=JPG&af_sub3=online-media&af_siteid=2079_1_668436&af_viewthrough_lookback=24h&clickid=11ec80e644da3fb0a57c89c74baf7a46_944093_72541&advertising_id=2_&af_prt=cygobelmedia

Request Chain 13

• https://spyke.trckswrm.com/click?offer_id=10249&pub_id=23&pub_click_id=NCT_iphone_de_ofid13216821_pidundefined_sub1,_sub2,_sub3,_nat13_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&app=id1274972321 HTTP 302
• https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1003&cid=AkUY6UEAAAF-pS0V3AAAKAkAAAAXAAAAAA&sid=3&udid=&name=&info=SpykeSL&blockTime=0 HTTP 302
• https://apts.trckswrm.com/click?offer_id=665013&pub_id=10&pub_click_id=NCT_iphone_de_ofid13160430_pid616_sub1AkUY6UEAAAF-pS0V3AAAKAkAAAAXAAAAAA_sub23_sub3SpykeSL_nat14_sub4_sub5&pub_sub_id=747080616&pub_sub_sub_id=3&app=id766443283

Request Chain 14

• https://c.allontrk.com/click?offer_id=210956&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13071304_pidundefined_sub1,_sub2,_sub3,_nat14_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&gaid=1C0CB185-7858-4D7E-8819-B100018E40F6&idfa=1C0CB185-7858-4D7E-8819-B100018E40F6&app=id1274972321 HTTP 302
• http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 15

• https://md412.trckswrm.com/click?offer_id=67889&pub_id=10&pub_click_id=NCT_iphone_de_ofid12824993_pidundefined_sub1,_sub2,_sub3,_nat15_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&app=id1274972321 HTTP 302
• https://trafficred.g2afse.com/click?pid=4&offer_id=609&ref_id=AvmrZ3oAAAF-pS0V2wADJdgAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id1274972321

Request Chain 16

• https://imagineads.g2afse.com/click?pid=38&offer_id=7074&sub1=NCT_iphone_de_ofid13034747_pidundefined_sub1,_sub2,_sub3,_nat16_sub4_sub5&sub2=747080undefined_,&sub4=id1274972321&sub5=id1274972321 HTTP 302
• https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=7074 HTTP 302
• https://imagineads.g2afse.com/click?pid=38&offer_id=7294 HTTP 302
• https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 HTTP 302
• https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 HTTP 302
• https://imagineads.g2afse.com/click?pid=5&offer_id=7294 HTTP 302
• https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 HTTP 302
• https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 HTTP 302
• https://imagineads.g2afse.com/click?pid=5&offer_id=7294 HTTP 302
• https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 HTTP 302
• https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 HTTP 302
• https://imagineads.g2afse.com/click?pid=5&offer_id=7294 HTTP 302
• https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 HTTP 302
• https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 HTTP 302
• https://imagineads.g2afse.com/click?pid=5&offer_id=7294 HTTP 302
• https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 HTTP 302
• https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 HTTP 302
• https://imagineads.g2afse.com/click?pid=5&offer_id=7294 HTTP 302
• https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 HTTP 302
• https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 HTTP 302
• https://imagineads.g2afse.com/click?pid=5&offer_id=7294

Request Chain 17

• https://nexamob.g2afse.com/click?pid=15&offer_id=254156&sub1=NCT_iphone_de_ofid13203617_pidundefined_sub1,_sub2,_sub3,_nat17_sub4_sub5&sub2=747080undefined_,&sub3=id1274972321&sub5=id1274972321 HTTP 302
• https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01

Request Chain 19

• https://t.9696.me/click?pid=868&offer_id=143546&sub4=NCT_iphone_de_ofid12251026_pidundefined_sub1,_sub2,_sub3,_nat19_sub4_sub5&sub1=868_4850undefined&sub2=868_4850undefined_,&sub3=id1274972321 HTTP 302
• https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1274972321&sub1=868_4850undefined&sub2=868_4850undefined_, HTTP 302
• https://offer.alibaba.com/cps/rq9rg325?tp1=61f5097e0c771900017500f8&pid=868_4850undefined&adid= HTTP 302
• http://offer.alibaba.com/product/w404 HTTP 307
• https://offer.alibaba.com/product/w404

Request Chain 20

• https://ringola.go2affise.com/click?pid=340&offer_id=30064&sub1=NCT_iphone_de_ofid12117738_pidundefined_sub1,_sub2,_sub3,_nat20_sub4_sub5&sub2=747080undefined_,&sub3=id1274972321 HTTP 302
• https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=340&udid=&name=&info=RingolaSL&blockTime=0 HTTP 302
• https://apts.trckswrm.com/click?offer_id=35698&pub_id=10&pub_click_id=NCT_iphone_de_ofid13068838_pid616_sub1_sub2340_sub3RingolaSL_nat14_sub4_sub5&pub_sub_id=747080616&pub_sub_sub_id=340&app=id768469908

Request Chain 22

• https://mookomedia.g2afse.com/click?pid=42&offer_id=203764&sub1=NCT_iphone_de_ofid11755038_pidundefined_sub1,_sub2,_sub3,_nat22_sub4_sub5&sub4=747080undefined_,&sub5=id1274972321 HTTP 302
• https://appalgo.g2afse.com/click?pid=304&offer_id=88608&sub1=61f5097e4600210001cf0e57&sub2=42_747080undefined_,&sub3=&sub4=&sub5=id1274972321 HTTP 302
• https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=807&cid=&sid=304&udid=&name=&info=appalgorem&blockTime=0 HTTP 302
• https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=13206398&sub1=&sub2=304&sub3=appalgorem_nat13&sub4=637A7CDB-F8AF-4B05-AB53-9624C5DD29C5&sub5=id1383187127&sub6=747080 HTTP 302
• https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
• https://apply.g2afse.com/click?pid=3&offer_id=354214&sub1=NCT_iphone_de_ofid12775565_pid616_sub1_sub2_sub3TbLabq_nat4_sub4_sub5&sub4=id587366035&sub2=747080616_

Request Chain 23

• https://ad-experience.g2afse.com/click?pid=2&offer_id=654457&sub1=NCT_iphone_de_ofid12209444_pidundefined_sub1,_sub2,_sub3,_nat23_sub4_sub5&sub2=747080undefined_,&sub5=id1274972321 HTTP 302
• http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=654457&sub3=2 HTTP 302
• https://39r412e.mapuravity.com/39r412e?p=1&sid=61f5097e6a203c0001cc9d48&android_a_id=&idfa=&app_id= HTTP 302
• https://t1.greatforwarding.com/c55c7b6?p=002680_1

Request Chain 24

• https://md412.trckswrm.com/click?offer_id=229310&pub_id=10&pub_click_id=NCT_iphone_de_ofid13103047_pidundefined_sub1,_sub2,_sub3,_nat24_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&app=id1274972321 HTTP 302
• https://trafficred.g2afse.com/click?pid=4&offer_id=601&ref_id=AvHItiIAAAF-pS0V2wADJeAAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id1274972321

Request Chain 25

• https://brainadv.g2afse.com/click?pid=3&offer_id=287745&sub3=NCT_iphone_de_ofid9693299_pidundefined_sub1,_sub2,_sub3,_nat25_sub4_sub5&sub1=747080undefined_,&sub2=id1274972321 HTTP 302
• https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=25&pub_click_id=&pub_sub_id=3&pub_sub_sub_id=747080undefined_,&idfa=&gaid=&app=id1274972321

Request Chain 26

• https://spyke.trckswrm.com/click?offer_id=10019&pub_id=67&pub_click_id=NCT_iphone_de_ofid13208893_pidundefined_sub1,_sub2,_sub3,_nat26_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&app=id1274972321 HTTP 302
• https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1003&cid=AkF9L3kAAAF-pS0V3AAAJyMAAABDAAAAAA&sid=3&udid=&name=&info=SpykeSL&blockTime=0 HTTP 302
• https://ila3.co/o/220218?p=17&aff_clickid=NCT_iphone_de_ofid13170601_pid616_sub1AkF9L3kAAAF-pS0V3AAAJyMAAABDAAAAAA_sub23_sub3SpykeSL_nat14_sub4_sub5&sub1=747080616_3&app_name=id358801284

Request Chain 27

• https://c.allontrk.com/click?offer_id=164938&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13074445_pidundefined_sub1,_sub2,_sub3,_nat27_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&app=id1274972321 HTTP 302
• http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 28

• https://c.allontrk.com/click?offer_id=180272&pub_id=646&pub_click_id=NCT_iphone_de_ofid12829632_pidundefined_sub1,_sub2,_sub3,_nat28_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&app=id1274972321 HTTP 302
• http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 29

• https://md412.trckswrm.com/click?offer_id=232538&pub_id=10&pub_click_id=NCT_iphone_de_ofid13069147_pidundefined_sub1,_sub2,_sub3,_nat29_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&app=id1274972321 HTTP 302
• https://ad.mobcho.com/click?pid=252&offer_id=33&sub2=AonzTIYAAAF-pS0V3AADSVkAAAAHAAAAAw&sub3=7_10&sub1=&sub4=&sub5=id1274972321 HTTP 302
• https://www.visitdubai.com/en/win-a-trip-with-rixos HTTP 301
• https://www.visitdubai.com/en

Request Chain 30

• https://zildd.g2afse.com/click?pid=35&offer_id=3428509&sub1=NCT_iphone_de_ofid13063121_pidundefined_sub1,_sub2,_sub3,_nat30_sub4_sub5&sub2=747080undefined_,&sub3=id1274972321&sub4=1C0CB185-7858-4D7E-8819-B100018E40F6 HTTP 302
• http://zildd.g2afse.com/disabled.html

Request Chain 32

• https://c.allontrk.com/click?offer_id=210602&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13072953_pidundefined_sub1,_sub2,_sub3,_nat32_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&app=id1274972321 HTTP 302
• http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 35

• https://c.allontrk.com/click?offer_id=209238&pub_id=646&pub_click_id=NCT_iphone_de_ofid13073281_pidundefined_sub1,_sub2,_sub3,_nat35_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&app=id1274972321 HTTP 302
• http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 37

• https://c.allontrk.com/click?offer_id=195082&pub_id=646&pub_click_id=NCT_iphone_de_ofid13069973_pidundefined_sub1,_sub2,_sub3,_nat37_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&app=id1274972321 HTTP 302
• http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 38

• https://ad-experience.g2afse.com/click?pid=2&offer_id=656252&sub1=NCT_iphone_de_ofid13188731_pidundefined_sub1,_sub2,_sub3,_nat38_sub4_sub5&sub2=747080undefined_,&sub3=1C0CB185-7858-4D7E-8819-B100018E40F6&sub4=1C0CB185-7858-4D7E-8819-B100018E40F6&sub5=id1274972321 HTTP 302
• http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=656252&sub3=2 HTTP 302
• https://rewardsctr.com/t/941705?A1=61f5097e5e7dfd0001f7aebf&A5=1_656252&A4=&A3=2_&A2=2_&pip=45.141.152.68&plang=DE&pua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F97.0.4692.71+Safari%2F537.36 HTTP 302
• https://1wijcp4.mapuravity.com/1wijcp4?p=2079_1_656252&sid=11ec80e644da18a091fac78150ca1522_941705_71159&android_a_id=2_&idfa=2_&app_id= HTTP 302
• https://play.google.com/store/apps/details?id=mx.com.bancoazteca.bazdigitalmovil&hl=en&gl=US&referrer=mobrain_2201290631a5a5c7eb41a33d

Request Chain 40

• https://c.allontrk.com/click?offer_id=206636&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid12995188_pidundefined_sub1,_sub2,_sub3,_nat40_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&app=id1274972321 HTTP 302
• http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 41

• https://zainzuri.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D HTTP 302
• https://www.google.com/

Request Chain 42

• https://md412.trckswrm.com/click?offer_id=67889&pub_id=10&pub_click_id=NCT_iphone_de_ofid12824993_pidundefined_sub1,_sub2,_sub3,_nat15_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&app=id1274972321 HTTP 302
• https://ad.mobcho.com/click?pid=252&offer_id=33&sub2=AqB0i3gAAAF-pS0aIgADSVkAAAAHAAAAAw&sub3=7_10&sub1=&sub4=&sub5=id1274972321 HTTP 302
• https://www.visitdubai.com/en/win-a-trip-with-rixos HTTP 301
• https://www.visitdubai.com/en

Request Chain 43

• https://nexamob.g2afse.com/click?pid=15&offer_id=254156&sub1=NCT_iphone_de_ofid13203617_pidundefined_sub1,_sub2,_sub3,_nat17_sub4_sub5&sub2=747080undefined_,&sub3=id1274972321&sub5=id1274972321 HTTP 302
• https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01

Request Chain 44

• https://mookomedia.g2afse.com/click?pid=42&offer_id=203764&sub1=NCT_iphone_de_ofid11755038_pidundefined_sub1,_sub2,_sub3,_nat22_sub4_sub5&sub4=747080undefined_,&sub5=id1274972321 HTTP 302
• https://appalgo.g2afse.com/click?pid=304&offer_id=88608&sub1=61f5097f78a17500013d37af&sub2=42_747080undefined_,&sub3=&sub4=&sub5=id1274972321 HTTP 302
• https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=807&cid=&sid=304&udid=&name=&info=appalgorem&blockTime=0 HTTP 302
• https://ila3.co/o/211292?p=17&aff_clickid=NCT_iphone_de_ofid12593404_pid616_sub1_sub2304_sub3appalgorem_nat12_sub4_sub5&sub1=747080616&sub2=304&app_name=id393048976&bundle_id=id393048976 HTTP 302
• https://impression.appsflyer.com/id1262148500?af_siteid=120_210569&af_cost_model=CPI&af_prt=moblin&pid=z2adigital_int&c=Zoomd_Crypto_iOS_CPI_DE&af_viewthrough_lookback=1d&clickid=1231ec80e6459aa980583d9d_211292_263946&advertising_id=459AA981-80E6-11EC-A5D9-8B866C8C4435&af_cost_model=CPI&af_cost_currency=USD&af_cost_value=3.5&af_adset=120_210569&af_channel=1840&af_c_id=211292&af_ad_type=banner&af_media_type=app&af_adset_id=263946&af_ad_id=263946%7C211292%7Czn7sc2cl0qj7n%7C304%7C665720449%7C0%7C0&af_ad=263946%7C211292%7Czn7sc2cl0qj7n%7C304%7C665720449%7C0%7C0

Request Chain 45

• https://ad-experience.g2afse.com/click?pid=2&offer_id=654457&sub1=NCT_iphone_de_ofid12209444_pidundefined_sub1,_sub2,_sub3,_nat23_sub4_sub5&sub2=747080undefined_,&sub5=id1274972321 HTTP 302
• http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=654457&sub3=2 HTTP 302
• https://olamob.g2afse.com/click?pid=38&offer_id=1081198&sub1=61f50980d31e15000160b542&sub2=1_654457&sub3=2&sub4=&sub8=|676723,1 HTTP 302
• https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=38&udid=&name=&info=OlaMobSL&blockTime=0 HTTP 302
• https://kuno-gae.com/com.id768469908?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd HTTP 302
• https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=45b2ec73-80e6-11ec-a1ce-1281bcc02555

Request Chain 46

• https://md412.trckswrm.com/click?offer_id=229310&pub_id=10&pub_click_id=NCT_iphone_de_ofid13103047_pidundefined_sub1,_sub2,_sub3,_nat24_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&app=id1274972321 HTTP 302
• https://trafficred.g2afse.com/click?pid=4&offer_id=601&ref_id=AubbfK8AAAF-pS0c9gADJeAAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id1274972321

Request Chain 48

• https://ad-experience.g2afse.com/click?pid=2&offer_id=656252&sub1=NCT_iphone_de_ofid13188731_pidundefined_sub1,_sub2,_sub3,_nat38_sub4_sub5&sub2=747080undefined_,&sub3=1C0CB185-7858-4D7E-8819-B100018E40F6&sub4=1C0CB185-7858-4D7E-8819-B100018E40F6&sub5=id1274972321 HTTP 302
• http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=656252&sub3=2 HTTP 302
• https://olamob.g2afse.com/click?pid=38&offer_id=919685&sub1=61f50980a0e1ea0001e211bf&sub2=1_656252&sub3=2&sub4=&sub8=|666716,1 HTTP 302
• https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=38&udid=&name=&info=OlaMobSL&blockTime=0 HTTP 302
• https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=12789778&sub1=&sub2=38&sub3=OlaMobSL_nat9&sub4=5B697D0B-E650-4649-9630-C0E65C2B08C0&sub5=id462678375&sub6=747080 HTTP 302
• https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
• https://md412.trckswrm.com/click?offer_id=67889&pub_id=10&pub_click_id=NCT_iphone_de_ofid12824993_pid616_sub1_sub2_sub3TbLabq_nat15_sub4_sub5&pub_sub_id=747080616&pub_sub_sub_id=&app=id546473125 HTTP 302
• https://trafficred.g2afse.com/click?pid=4&offer_id=601&ref_id=Akdk_zwAAAF-pS0djQADJeAAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id546473125

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request FANTASTIC.HTML Show response cpi-offers.com/	10 KB 2 KB	19ms 12ms	Document text/html	18.185.73.217 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 18.185.73.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-185-73-217.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash 819ecc515210cda8a394d95348af2c9c6df791b4767ff22cc94fee7023626939 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Sat, 29 Jan 2022 09:31:42 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Server nginx/1.14.1 X-Powered-By Express Access-Control-Allow-Origin * ETag W/"26b2-KM3sd/tKQUGRhpBktp6/aZEWQ8Y" Vary Accept-Encoding Content-Encoding gzip
GET H/1.1	200 OK	main.js Show response cpi-offers.com/jsf/	3 KB 1 KB	9ms 7ms	Script application/javascript	18.185.73.217 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://cpi-offers.com/jsf/main.js Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 18.185.73.217 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-185-73-217.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash 3915a438fffb3acbaade25f7b5e9d3f76589dbc02048463b3fbfeb8c4e7955a1 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 29 Jan 2022 09:31:42 GMT Content-Encoding gzip Vary Accept-Encoding Last-Modified Mon, 27 Dec 2021 10:42:10 GMT Server nginx/1.14.1 X-Powered-By Express Etag "290575-2720-1640601730000" Transfer-Encoding chunked Content-Type application/javascript Access-Control-Allow-Origin * cache-control max-age=3600 Connection keep-alive
GET H2	200	disabled.html valuadle.g2afse.com/ Redirect Chain https://valuadle.g2afse.com/click?pid=11&offer_id=320345&sub1=NCT_iphone_de_ofid11430901_pidundefined_sub1,_sub2,_sub3,_nat1_sub4_sub5&sub2=747080undefined_,&sub3=id1274972321 http://valuadle.g2afse.com/disabled.html https://valuadle.g2afse.com/disabled.html	0 0	22ms 21ms	Stylesheet text/html	213.227.134.238 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://valuadle.g2afse.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 213.227.134.238 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers Location https://valuadle.g2afse.com/disabled.html Date Sat, 29 Jan 2022 09:31:42 GMT Server nginx Connection keep-alive Content-Length 138 Content-Type text/html
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	55ms 14ms	Stylesheet text/plain	136.243.5.30 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=292459&pub_id=10&pub_click_id=NCT_iphone_de_ofid11594890_pidundefined_sub1,_sub2,_sub3,_nat2_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&app=id1274972321 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 136.243.5.30 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.30.5.243.136.clients.your-server.de Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 09:31:42 GMT content-length 0
GET H/1.1	200 OK	disabled.html go2.lkjlkjkljsdflkjsdfklsfjklsd.com/ Redirect Chain https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=undefined&offer_id=13194900&sub1=,&sub2=,&sub3=,_nat3&sub4=1C0CB185-7858-4D7E-8819-B100018E40F6&sub5=id1274972321&sub6=747080 http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html	0 0	38ms 18ms	Stylesheet text/html	213.227.135.229 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 213.227.135.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers location http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html date Sat, 29 Jan 2022 09:31:42 GMT server nginx access-control-allow-origin * content-length 0
GET H2	200	w404 offer.alibaba.com/product/ Redirect Chain https://t.9696.me/click?pid=729&offer_id=148506&sub4=NCT_iphone_de_ofid10910945_pidundefined_sub1,_sub2,_sub3,_nat4_sub4_sub5&sub1=729_4850undefined&sub2=729_4850undefined_,&sub3=id1274972321&sub7=... https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1274972321&sub1=729_4850undefined&sub2=729_4850undefined_, https://offer.alibaba.com/cps/rq9rg325?tp1=61f5097e15927100013817b2&pid=729_4850undefined&adid= http://offer.alibaba.com/product/w404 https://offer.alibaba.com/product/w404	0 0	127ms 127ms	Stylesheet text/html	104.111.243.137 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://offer.alibaba.com/product/w404 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 104.111.243.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-137.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers Location https://offer.alibaba.com/product/w404 Non-Authoritative-Reason HSTS
GET H/1.1	200 OK	disabled.html go2.lkjlkjkljsdflkjsdfklsfjklsd.com/ Redirect Chain https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=undefined&offer_id=13189223&sub1=,&sub2=,&sub3=,_nat5&sub4=1C0CB185-7858-4D7E-8819-B100018E40F6&sub5=id1274972321&sub6=747080 http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html	0 0	37ms 17ms	Stylesheet text/html	213.227.135.229 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 213.227.135.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers location http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html date Sat, 29 Jan 2022 09:31:42 GMT server nginx access-control-allow-origin * content-length 0
GET H/1.1	204 No Content	redirect direct2.knmasdfsdgs.com/	0 138 B	1035ms 220ms	Stylesheet text/html	185.33.87.146 HZ-US-AS
General Check archive.org Show headers Download Go to Full URL https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=747080undefined&q= Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 29 Jan 2022 09:31:42 GMT Server nginx Connection close Content-Type text/html; charset=utf-8
GET H/1.1	204 No Content	redirect direct2.knmasdfsdgs.com/	0 138 B	1134ms 266ms	Stylesheet text/html	185.33.87.146 HZ-US-AS
General Check archive.org Show headers Download Go to Full URL https://direct2.knmasdfsdgs.com/redirect?aff=10063&saff=747080undefined&q= Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 29 Jan 2022 09:31:42 GMT Server nginx Connection close Content-Type text/html; charset=utf-8
GET		redirect direct4.soldbyphonder.com/ Redirect Chain https://kuno-gae.com/com.id1274972321?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=44c705d6-80e6-11ec-a4a7-0a78e27594e7	0 0
GET H/1.1	200 OK	disabled.html go2.lkjlkjkljsdflkjsdfklsfjklsd.com/ Redirect Chain https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=undefined&offer_id=12789778&sub1=,&sub2=,&sub3=,_nat9&sub4=1C0CB185-7858-4D7E-8819-B100018E40F6&sub5=id1274972321&sub6=747080 http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html	0 0	38ms 19ms	Stylesheet text/html	213.227.135.229 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 213.227.135.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers location http://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/disabled.html date Sat, 29 Jan 2022 09:31:42 GMT server nginx access-control-allow-origin * content-length 0
GET H2	200	disabled.html media.appm.app/ Redirect Chain https://media.appm.app/click?pid=263&offer_id=78451&sub1=NCT_iphone_de_ofid13200490_pidundefined_sub1,_sub2,_sub3,_nat10_sub4_sub5&sub2=747080undefined&sub3=id1274972321&sub4=,&sub6=id1274972321 https://media.appm.app/sl?id=5c13c0a659b8ac00406bd7d4&pid=6&sub1=NCT_iphone_de_ofid13200490_pidundefined_sub1,_sub2,_sub3,_nat10_sub4_sub5&sub2=263_747080undefined&sub3=id1274972321&sub5= http://media.appm.app/disabled.html https://media.appm.app/disabled.html	0 0	14ms 13ms	Stylesheet text/html	213.227.135.207 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://media.appm.app/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 213.227.135.207 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers Location https://media.appm.app/disabled.html Non-Authoritative-Reason HSTS
GET H/1.1	204 No Content	redirect direct2.knmasdfsdgs.com/ Redirect Chain https://olamob.g2afse.com/click?pid=101&offer_id=1180164&sub1=NCT_iphone_de_ofid13186063_pidundefined_sub1,_sub2,_sub3,_nat11_sub4_sub5&sub2=747080undefined_,&sub4=id1274972321&sub8={sub8}|{offer_i... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=101&udid=&name=&info=OlaMobSL&blockTime=0 https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=13194900&sub1=&sub2=101&sub3=OlaMobSL_nat3&sub4=26EBEF6F-7A1A-4368-B250-615E5D06CC0C&sub5=id1400134578&sub6=747080 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=12789778&sub1=&sub2=&sub3=TbLabq_nat9&sub4=C8933B80-3427-4B58-82DA-E617CBC81C12&sub5=id462678375&sub6=747080 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=13194900&sub1=&sub2=&sub3=TbLabq_nat3&sub4=CD2913F7-6DB3-41AA-BACD-E7E693445707&sub5=id593715088&sub6=747080 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=13205733&sub1=&sub2=&sub3=TbLabq_nat10&sub4=061908ED-3BE7-43ED-89DF-016711F3585E&sub5=id1435899684&sub6=747080 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=13194900&sub1=&sub2=&sub3=TbLabq_nat3&sub4=BC1E7ECE-364C-4B24-A74D-4A4981EC6891&sub5=id653967729&sub6=747080 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 https://direct2.knmasdfsdgs.com/redirect?aff=10063&saff=747080616&q=	0 138 B	886ms 226ms	Stylesheet text/html	185.33.87.146 HZ-US-AS
General Check archive.org Show headers Download Go to Full URL https://direct2.knmasdfsdgs.com/redirect?aff=10063&saff=747080616&q= Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sat, 29 Jan 2022 09:31:42 GMT Server nginx Connection close Content-Type text/html; charset=utf-8 Redirect headers date Sat, 29 Jan 2022 09:31:42 GMT content-encoding gzip server nginx/1.14.1 location https://direct2.knmasdfsdgs.com/redirect?aff=10063&saff=747080616&q= x-powered-by Express vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin *
GET H2	200	who.whalchemy impression.appsflyer.com/ Redirect Chain https://gowtmd.trckswrm.com/click?offer_id=96874&pub_id=6&pub_id=6&pub_click_id=NCT_iphone_de_ofid13169834_pidundefined_sub1,_sub2,_sub3,_nat12_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=748&cid=ArQjdpYAAAF-pS0V1gABemoAAAAGAAAAAA&sid=31&udid=&name=&info=GOWMsl&blockTime=0 https://ad-experience.g2afse.com/click?pid=2&offer_id=668436&sub1=NCT_iphone_de_ofid12769160_pid616_sub1ArQjdpYAAAF-pS0V1gABemoAAAAGAAAAAA_sub231_sub3GOWMsl_nat11_sub4_sub5&sub2=747080616_31&sub5=i... http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=668436&sub3=2 https://rewardsctr.com/t/944093?A1=61f5097e5e7dfd0001f7aec6&A5=1_668436&A4=&A3=2_&A2=2_&pip=45.141.152.68&plang=DE&pua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KH... https://impression.appsflyer.com/who.whalchemy?pid=vidmob_int&c=cygoAlApAnNiUK&af_sub1=cygoAlApAnNiUK&af_sub2=FlippyRace&af_ad=WHC_37647_Casino_Banners-300x250-English_UK&af_ad_type=JPG&af_sub3=onl...	2 B 311 B	70ms 32ms	Stylesheet text/html	52.222.236.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://impression.appsflyer.com/who.whalchemy?pid=vidmob_int&c=cygoAlApAnNiUK&af_sub1=cygoAlApAnNiUK&af_sub2=FlippyRace&af_ad=WHC_37647_Casino_Banners-300x250-English_UK&af_ad_type=JPG&af_sub3=online-media&af_siteid=2079_1_668436&af_viewthrough_lookback=24h&clickid=11ec80e644da3fb0a57c89c74baf7a46_944093_72541&advertising_id=2_&af_prt=cygobelmedia Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 52.222.236.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-57.fra56.r.cloudfront.net Software http-kit / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 09:31:42 GMT via 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront) server http-kit x-amz-cf-pop FRA56-P4 strict-transport-security max-age=31536000; includeSubDomains x-cache Miss from cloudfront content-type text/html; charset=utf-8 cache-control no-cache content-length 2 x-amz-cf-id CEjwoVD4imdNn6ymUVmUdKFsAx1faC0cYmIvXPxHYlXcfMkcT6yXvg== Redirect headers Location https://impression.appsflyer.com/who.whalchemy?pid=vidmob_int&c=cygoAlApAnNiUK&af_sub1=cygoAlApAnNiUK&af_sub2=FlippyRace&af_ad=WHC_37647_Casino_Banners-300x250-English_UK&af_ad_type=JPG&af_sub3=online-media&af_siteid=2079_1_668436&af_viewthrough_lookback=24h&clickid=11ec80e644da3fb0a57c89c74baf7a46_944093_72541&advertising_id=2_&af_prt=cygobelmedia Date Sat, 29 Jan 2022 09:31:42 GMT Content-Length 1438 Vary Accept-Encoding Content-Type text/html; charset=utf-8
GET H/1.1	200 OK	click apts.trckswrm.com/ Redirect Chain https://spyke.trckswrm.com/click?offer_id=10249&pub_id=23&pub_click_id=NCT_iphone_de_ofid13216821_pidundefined_sub1,_sub2,_sub3,_nat13_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&app=id12... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1003&cid=AkUY6UEAAAF-pS0V3AAAKAkAAAAXAAAAAA&sid=3&udid=&name=&info=SpykeSL&blockTime=0 https://apts.trckswrm.com/click?offer_id=665013&pub_id=10&pub_click_id=NCT_iphone_de_ofid13160430_pid616_sub1AkUY6UEAAAF-pS0V3AAAKAkAAAAXAAAAAA_sub23_sub3SpykeSL_nat14_sub4_sub5&pub_sub_id=74708061...	0 75 B	19ms 18ms	Stylesheet text/plain	136.243.5.30 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=665013&pub_id=10&pub_click_id=NCT_iphone_de_ofid13160430_pid616_sub1AkUY6UEAAAF-pS0V3AAAKAkAAAAXAAAAAA_sub23_sub3SpykeSL_nat14_sub4_sub5&pub_sub_id=747080616&pub_sub_sub_id=3&app=id766443283 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 136.243.5.30 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.30.5.243.136.clients.your-server.de Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 09:31:42 GMT content-length 0 Redirect headers date Sat, 29 Jan 2022 09:31:42 GMT content-encoding gzip server nginx/1.14.1 location https://apts.trckswrm.com/click?offer_id=665013&pub_id=10&pub_click_id=NCT_iphone_de_ofid13160430_pid616_sub1AkUY6UEAAAF-pS0V3AAAKAkAAAAXAAAAAA_sub23_sub3SpykeSL_nat14_sub4_sub5&pub_sub_id=747080616&pub_sub_sub_id=3&app=id766443283 x-powered-by Express vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin *
GET H/1.1	200 OK	recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=210956&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13071304_pidundefined_sub1,_sub2,_sub3,_nat14_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 75 B	26ms 11ms	Stylesheet text/plain	188.40.120.131 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 188.40.120.131 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.131.120.40.188.clients.your-server.de Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 09:31:42 GMT content-length 0 Redirect headers location http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 date Sat, 29 Jan 2022 09:31:42 GMT referrer-policy no-referrer content-length 0
GET H2	404	click trafficred.g2afse.com/ Redirect Chain https://md412.trckswrm.com/click?offer_id=67889&pub_id=10&pub_click_id=NCT_iphone_de_ofid12824993_pidundefined_sub1,_sub2,_sub3,_nat15_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&app=id12... https://trafficred.g2afse.com/click?pid=4&offer_id=609&ref_id=AvmrZ3oAAAF-pS0V2wADJdgAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id1274972321	0 0	61ms 12ms	Stylesheet text/html	213.227.156.193 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://trafficred.g2afse.com/click?pid=4&offer_id=609&ref_id=AvmrZ3oAAAF-pS0V2wADJdgAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id1274972321 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 213.227.156.193 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers location https://trafficred.g2afse.com/click?pid=4&offer_id=609&ref_id=AvmrZ3oAAAF-pS0V2wADJdgAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id1274972321 date Sat, 29 Jan 2022 09:31:42 GMT referrer-policy no-referrer content-length 0
GET		click imagineads.g2afse.com/ Redirect Chain https://imagineads.g2afse.com/click?pid=38&offer_id=7074&sub1=NCT_iphone_de_ofid13034747_pidundefined_sub1,_sub2,_sub3,_nat16_sub4_sub5&sub2=747080undefined_,&sub4=id1274972321&sub5=id1274972321 https://imagineads.g2afse.com/click?pid=38&offer_id=6987&sub1=7074 https://imagineads.g2afse.com/click?pid=38&offer_id=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=5&offer_id=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=5&offer_id=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=5&offer_id=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=5&offer_id=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=5&offer_id=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=7464&sub1=7294 https://imagineads.g2afse.com/click?pid=5&offer_id=6987&sub1=7464 https://imagineads.g2afse.com/click?pid=5&offer_id=7294	0 0
GET H2	404	click trk.ad-serving-ads.com/ Redirect Chain https://nexamob.g2afse.com/click?pid=15&offer_id=254156&sub1=NCT_iphone_de_ofid13203617_pidundefined_sub1,_sub2,_sub3,_nat17_sub4_sub5&sub2=747080undefined_,&sub3=id1274972321&sub5=id1274972321 https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01	0 0	325ms 101ms	Stylesheet text/html	3.224.8.153 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 3.224.8.153 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-224-8-153.compute-1.amazonaws.com Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 09:31:42 GMT content-length 13 content-type text/html Redirect headers location https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01 date Sat, 29 Jan 2022 09:31:42 GMT server nginx access-control-allow-origin * content-length 0
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	53ms 14ms	Stylesheet text/plain	136.243.5.30 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=332928&pub_id=10&pub_click_id=NCT_iphone_de_ofid11864299_pidundefined_sub1,_sub2,_sub3,_nat18_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&app=id1274972321 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 136.243.5.30 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.30.5.243.136.clients.your-server.de Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 09:31:42 GMT content-length 0
GET H2	200	w404 offer.alibaba.com/product/ Redirect Chain https://t.9696.me/click?pid=868&offer_id=143546&sub4=NCT_iphone_de_ofid12251026_pidundefined_sub1,_sub2,_sub3,_nat19_sub4_sub5&sub1=868_4850undefined&sub2=868_4850undefined_,&sub3=id1274972321 https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1274972321&sub1=868_4850undefined&sub2=868_4850undefined_, https://offer.alibaba.com/cps/rq9rg325?tp1=61f5097e0c771900017500f8&pid=868_4850undefined&adid= http://offer.alibaba.com/product/w404 https://offer.alibaba.com/product/w404	0 0	131ms 131ms	Stylesheet text/html	104.111.243.137 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://offer.alibaba.com/product/w404 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 104.111.243.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-137.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers Location https://offer.alibaba.com/product/w404 Non-Authoritative-Reason HSTS
GET H/1.1	200 OK	click apts.trckswrm.com/ Redirect Chain https://ringola.go2affise.com/click?pid=340&offer_id=30064&sub1=NCT_iphone_de_ofid12117738_pidundefined_sub1,_sub2,_sub3,_nat20_sub4_sub5&sub2=747080undefined_,&sub3=id1274972321 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1004&cid=&sid=340&udid=&name=&info=RingolaSL&blockTime=0 https://apts.trckswrm.com/click?offer_id=35698&pub_id=10&pub_click_id=NCT_iphone_de_ofid13068838_pid616_sub1_sub2340_sub3RingolaSL_nat14_sub4_sub5&pub_sub_id=747080616&pub_sub_sub_id=340&app=id7684...	0 75 B	18ms 18ms	Stylesheet text/plain	136.243.5.30 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=35698&pub_id=10&pub_click_id=NCT_iphone_de_ofid13068838_pid616_sub1_sub2340_sub3RingolaSL_nat14_sub4_sub5&pub_sub_id=747080616&pub_sub_sub_id=340&app=id768469908 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 136.243.5.30 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.30.5.243.136.clients.your-server.de Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 09:31:42 GMT content-length 0 Redirect headers date Sat, 29 Jan 2022 09:31:42 GMT content-encoding gzip server nginx/1.14.1 location https://apts.trckswrm.com/click?offer_id=35698&pub_id=10&pub_click_id=NCT_iphone_de_ofid13068838_pid616_sub1_sub2340_sub3RingolaSL_nat14_sub4_sub5&pub_sub_id=747080616&pub_sub_sub_id=340&app=id768469908 x-powered-by Express vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin *
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	52ms 14ms	Stylesheet text/plain	136.243.5.30 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=656806&pub_id=10&pub_click_id=NCT_iphone_de_ofid13163944_pidundefined_sub1,_sub2,_sub3,_nat21_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&gaid=1C0CB185-7858-4D7E-8819-B100018E40F6&idfa=1C0CB185-7858-4D7E-8819-B100018E40F6&app=id1274972321 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 136.243.5.30 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.30.5.243.136.clients.your-server.de Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 09:31:42 GMT content-length 0
GET H2	404	click apply.g2afse.com/ Redirect Chain https://mookomedia.g2afse.com/click?pid=42&offer_id=203764&sub1=NCT_iphone_de_ofid11755038_pidundefined_sub1,_sub2,_sub3,_nat22_sub4_sub5&sub4=747080undefined_,&sub5=id1274972321 https://appalgo.g2afse.com/click?pid=304&offer_id=88608&sub1=61f5097e4600210001cf0e57&sub2=42_747080undefined_,&sub3=&sub4=&sub5=id1274972321 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=807&cid=&sid=304&udid=&name=&info=appalgorem&blockTime=0 https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=13206398&sub1=&sub2=304&sub3=appalgorem_nat13&sub4=637A7CDB-F8AF-4B05-AB53-9624C5DD29C5&sub5=id1383187127&sub6=747080 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 https://apply.g2afse.com/click?pid=3&offer_id=354214&sub1=NCT_iphone_de_ofid12775565_pid616_sub1_sub2_sub3TbLabq_nat4_sub4_sub5&sub4=id587366035&sub2=747080616_	0 0	30ms 21ms	Stylesheet text/html	213.227.156.19 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://apply.g2afse.com/click?pid=3&offer_id=354214&sub1=NCT_iphone_de_ofid12775565_pid616_sub1_sub2_sub3TbLabq_nat4_sub4_sub5&sub4=id587366035&sub2=747080616_ Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 213.227.156.19 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers date Sat, 29 Jan 2022 09:31:42 GMT content-encoding gzip server nginx/1.14.1 location https://apply.g2afse.com/click?pid=3&offer_id=354214&sub1=NCT_iphone_de_ofid12775565_pid616_sub1_sub2_sub3TbLabq_nat4_sub4_sub5&sub4=id587366035&sub2=747080616_ x-powered-by Express vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin *
GET H/1.1	404 Not Found	c55c7b6 t1.greatforwarding.com/ Redirect Chain https://ad-experience.g2afse.com/click?pid=2&offer_id=654457&sub1=NCT_iphone_de_ofid12209444_pidundefined_sub1,_sub2,_sub3,_nat23_sub4_sub5&sub2=747080undefined_,&sub5=id1274972321 http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=654457&sub3=2 https://39r412e.mapuravity.com/39r412e?p=1&sid=61f5097e6a203c0001cc9d48&android_a_id=&idfa=&app_id= https://t1.greatforwarding.com/c55c7b6?p=002680_1	0 0	578ms 109ms	Stylesheet application/json	35.168.197.8 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://t1.greatforwarding.com/c55c7b6?p=002680_1 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 35.168.197.8 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-168-197-8.compute-1.amazonaws.com Software nginx / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Sat, 29 Jan 2022 09:31:43 GMT Server nginx Content-Type application/json Cache-Control private, no-cache, no-store, must-revalidate Connection keep-alive Content-Length 17 Expires -1 Redirect headers location https://t1.greatforwarding.com/c55c7b6?p=002680_1 Date Sat, 29 Jan 2022 09:31:42 GMT X-Adjust-Use-Original-Forwarded-For 1 Connection keep-alive Content-Length 4 Server nginx Content-Type application/json
GET H2	404	click trafficred.g2afse.com/ Redirect Chain https://md412.trckswrm.com/click?offer_id=229310&pub_id=10&pub_click_id=NCT_iphone_de_ofid13103047_pidundefined_sub1,_sub2,_sub3,_nat24_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&app=id1... https://trafficred.g2afse.com/click?pid=4&offer_id=601&ref_id=AvHItiIAAAF-pS0V2wADJeAAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id1274972321	0 0	61ms 12ms	Stylesheet text/html	213.227.156.193 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://trafficred.g2afse.com/click?pid=4&offer_id=601&ref_id=AvHItiIAAAF-pS0V2wADJeAAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id1274972321 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 213.227.156.193 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers location https://trafficred.g2afse.com/click?pid=4&offer_id=601&ref_id=AvHItiIAAAF-pS0V2wADJeAAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id1274972321 date Sat, 29 Jan 2022 09:31:42 GMT referrer-policy no-referrer content-length 0
GET H/1.1	200 OK	recommendation brainadv.trckswrm.com/ Redirect Chain https://brainadv.g2afse.com/click?pid=3&offer_id=287745&sub3=NCT_iphone_de_ofid9693299_pidundefined_sub1,_sub2,_sub3,_nat25_sub4_sub5&sub1=747080undefined_,&sub2=id1274972321 https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=25&pub_click_id=&pub_sub_id=3&pub_sub_sub_id=747080undefined_,&idfa=&gaid=&app=id1274972321	0 75 B	54ms 12ms	Stylesheet text/plain	148.251.132.216 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=25&pub_click_id=&pub_sub_id=3&pub_sub_sub_id=747080undefined_,&idfa=&gaid=&app=id1274972321 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 148.251.132.216 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.216.132.251.148.clients.your-server.de Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 09:31:42 GMT content-length 0 Redirect headers location https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=25&pub_click_id=&pub_sub_id=3&pub_sub_sub_id=747080undefined_,&idfa=&gaid=&app=id1274972321 date Sat, 29 Jan 2022 09:31:42 GMT server nginx access-control-allow-origin * content-length 0
GET H/1.1	200 OK	220218 ila3.co/o/ Redirect Chain https://spyke.trckswrm.com/click?offer_id=10019&pub_id=67&pub_click_id=NCT_iphone_de_ofid13208893_pidundefined_sub1,_sub2,_sub3,_nat26_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&app=id12... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1003&cid=AkF9L3kAAAF-pS0V3AAAJyMAAABDAAAAAA&sid=3&udid=&name=&info=SpykeSL&blockTime=0 https://ila3.co/o/220218?p=17&aff_clickid=NCT_iphone_de_ofid13170601_pid616_sub1AkF9L3kAAAF-pS0V3AAAJyMAAABDAAAAAA_sub23_sub3SpykeSL_nat14_sub4_sub5&sub1=747080616_3&app_name=id358801284	0 198 B	73ms 24ms	Stylesheet text/plain	173.212.201.66 CONTABO
General Check archive.org Show headers Download Go to Full URL https://ila3.co/o/220218?p=17&aff_clickid=NCT_iphone_de_ofid13170601_pid616_sub1AkF9L3kAAAF-pS0V3AAAJyMAAABDAAAAAA_sub23_sub3SpykeSL_nat14_sub4_sub5&sub1=747080616_3&app_name=id358801284 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 173.212.201.66 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS m10082.contaboserver.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Sat, 29 Jan 2022 09:31:42 GMT Cache-Control no-store, no-cache, must-revalidate Content-Type text/plain; charset=utf-8 Content-Length 0 Expires 0 Redirect headers date Sat, 29 Jan 2022 09:31:42 GMT content-encoding gzip server nginx/1.14.1 location https://ila3.co/o/220218?p=17&aff_clickid=NCT_iphone_de_ofid13170601_pid616_sub1AkF9L3kAAAF-pS0V3AAAJyMAAABDAAAAAA_sub23_sub3SpykeSL_nat14_sub4_sub5&sub1=747080616_3&app_name=id358801284 x-powered-by Express vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin *
GET H/1.1	200 OK	recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=164938&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13074445_pidundefined_sub1,_sub2,_sub3,_nat27_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 75 B	26ms 11ms	Stylesheet text/plain	188.40.120.131 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 188.40.120.131 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.131.120.40.188.clients.your-server.de Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 09:31:42 GMT content-length 0 Redirect headers location http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 date Sat, 29 Jan 2022 09:31:42 GMT referrer-policy no-referrer content-length 0
GET H/1.1	200 OK	recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=180272&pub_id=646&pub_click_id=NCT_iphone_de_ofid12829632_pidundefined_sub1,_sub2,_sub3,_nat28_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&app=id1274... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 75 B	28ms 13ms	Stylesheet text/plain	188.40.120.131 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 188.40.120.131 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.131.120.40.188.clients.your-server.de Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 09:31:42 GMT content-length 0 Redirect headers location http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 date Sat, 29 Jan 2022 09:31:42 GMT referrer-policy no-referrer content-length 0
GET H2	200	en www.visitdubai.com/ Redirect Chain https://md412.trckswrm.com/click?offer_id=232538&pub_id=10&pub_click_id=NCT_iphone_de_ofid13069147_pidundefined_sub1,_sub2,_sub3,_nat29_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&app=id1... https://ad.mobcho.com/click?pid=252&offer_id=33&sub2=AonzTIYAAAF-pS0V3AADSVkAAAAHAAAAAw&sub3=7_10&sub1=&sub4=&sub5=id1274972321 https://www.visitdubai.com/en/win-a-trip-with-rixos https://www.visitdubai.com/en	0 0	231ms 231ms	Stylesheet text/html	2a02:26f0:1700:798::374e AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.visitdubai.com/en Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 2a02:26f0:1700:798::374e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers date Sat, 29 Jan 2022 09:31:42 GMT server AkamaiGHost strict-transport-security max-age=31536000 ; includeSubDomains ; preload location https://www.visitdubai.com/en cache-control max-age=0 server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 0 expires Sat, 29 Jan 2022 09:31:42 GMT
GET H/1.1	200 OK	disabled.html zildd.g2afse.com/ Redirect Chain https://zildd.g2afse.com/click?pid=35&offer_id=3428509&sub1=NCT_iphone_de_ofid13063121_pidundefined_sub1,_sub2,_sub3,_nat30_sub4_sub5&sub2=747080undefined_,&sub3=id1274972321&sub4=1C0CB185-7858-4D7... http://zildd.g2afse.com/disabled.html	0 0	40ms 19ms	Stylesheet text/html	213.227.134.242 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL http://zildd.g2afse.com/disabled.html Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 213.227.134.242 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers location http://zildd.g2afse.com/disabled.html date Sat, 29 Jan 2022 09:31:42 GMT server nginx access-control-allow-origin * content-length 0
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	51ms 14ms	Stylesheet text/plain	136.243.5.30 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=289106&pub_id=10&pub_click_id=NCT_iphone_de_ofid12782413_pidundefined_sub1,_sub2,_sub3,_nat31_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&app=id1274972321 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 136.243.5.30 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.30.5.243.136.clients.your-server.de Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 09:31:42 GMT content-length 0
GET H/1.1	200 OK	recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=210602&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid13072953_pidundefined_sub1,_sub2,_sub3,_nat32_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 75 B	26ms 12ms	Stylesheet text/plain	188.40.120.131 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 188.40.120.131 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.131.120.40.188.clients.your-server.de Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 09:31:42 GMT content-length 0 Redirect headers location http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 date Sat, 29 Jan 2022 09:31:42 GMT referrer-policy no-referrer content-length 0
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	50ms 13ms	Stylesheet text/plain	136.243.5.30 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=26199&pub_id=10&pub_click_id=NCT_iphone_de_ofid11558045_pidundefined_sub1,_sub2,_sub3,_nat33_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&app=id1274972321 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 136.243.5.30 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.30.5.243.136.clients.your-server.de Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 09:31:42 GMT content-length 0
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	52ms 13ms	Stylesheet text/plain	136.243.5.30 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=654143&pub_id=10&pub_click_id=NCT_iphone_de_ofid13077299_pidundefined_sub1,_sub2,_sub3,_nat34_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&app=id1274972321 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 136.243.5.30 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.30.5.243.136.clients.your-server.de Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 09:31:42 GMT content-length 0
GET H/1.1	200 OK	recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=209238&pub_id=646&pub_click_id=NCT_iphone_de_ofid13073281_pidundefined_sub1,_sub2,_sub3,_nat35_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&app=id1274... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 75 B	28ms 13ms	Stylesheet text/plain	188.40.120.131 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 188.40.120.131 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.131.120.40.188.clients.your-server.de Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 09:31:42 GMT content-length 0 Redirect headers location http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 date Sat, 29 Jan 2022 09:31:42 GMT referrer-policy no-referrer content-length 0
GET H2	404	click times25.go2affise.com/	0 0	72ms 14ms	Stylesheet text/html	213.227.135.227 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://times25.go2affise.com/click?pid=607&offer_id=150951&sub1=NCT_iphone_de_ofid10617043_pidundefined_sub1,_sub2,_sub3,_nat36_sub4_sub5&sub2=747080undefined_,&sub5=id1274972321 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.135.227 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H/1.1	200 OK	recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=195082&pub_id=646&pub_click_id=NCT_iphone_de_ofid13069973_pidundefined_sub1,_sub2,_sub3,_nat37_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&app=id1274... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 75 B	31ms 19ms	Stylesheet text/plain	188.40.120.131 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 188.40.120.131 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.131.120.40.188.clients.your-server.de Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 09:31:42 GMT content-length 0 Redirect headers location http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 date Sat, 29 Jan 2022 09:31:42 GMT referrer-policy no-referrer content-length 0
GET H2	403	details play.google.com/store/apps/ Redirect Chain https://ad-experience.g2afse.com/click?pid=2&offer_id=656252&sub1=NCT_iphone_de_ofid13188731_pidundefined_sub1,_sub2,_sub3,_nat38_sub4_sub5&sub2=747080undefined_,&sub3=1C0CB185-7858-4D7E-8819-B1000... http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=656252&sub3=2 https://rewardsctr.com/t/941705?A1=61f5097e5e7dfd0001f7aebf&A5=1_656252&A4=&A3=2_&A2=2_&pip=45.141.152.68&plang=DE&pua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KH... https://1wijcp4.mapuravity.com/1wijcp4?p=2079_1_656252&sid=11ec80e644da18a091fac78150ca1522_941705_71159&android_a_id=2_&idfa=2_&app_id= https://play.google.com/store/apps/details?id=mx.com.bancoazteca.bazdigitalmovil&hl=en&gl=US&referrer=mobrain_2201290631a5a5c7eb41a33d	0 0	64ms 32ms	Stylesheet text/html	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/store/apps/details?id=mx.com.bancoazteca.bazdigitalmovil&hl=en&gl=US&referrer=mobrain_2201290631a5a5c7eb41a33d Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers location https://play.google.com/store/apps/details?id=mx.com.bancoazteca.bazdigitalmovil&hl=en&gl=US&referrer=mobrain_2201290631a5a5c7eb41a33d Date Sat, 29 Jan 2022 09:31:43 GMT X-Adjust-Use-Original-Forwarded-For 1 Connection keep-alive Content-Length 4 Server nginx Content-Type application/json
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	68ms 14ms	Stylesheet text/plain	136.243.5.30 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=678915&pub_id=10&pub_click_id=NCT_iphone_de_ofid13177592_pidundefined_sub1,_sub2,_sub3,_nat39_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&gaid=1C0CB185-7858-4D7E-8819-B100018E40F6&idfa=1C0CB185-7858-4D7E-8819-B100018E40F6&app=id1274972321 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 136.243.5.30 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.30.5.243.136.clients.your-server.de Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 09:31:42 GMT content-length 0
GET H/1.1	200 OK	recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=206636&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_de_ofid12995188_pidundefined_sub1,_sub2,_sub3,_nat40_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 75 B	29ms 18ms	Stylesheet text/plain	188.40.120.131 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol HTTP/1.1 Server 188.40.120.131 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.131.120.40.188.clients.your-server.de Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 09:31:42 GMT content-length 0 Redirect headers location http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725 date Sat, 29 Jan 2022 09:31:42 GMT referrer-policy no-referrer content-length 0
GET H2	200	/ www.google.com/ Redirect Chain https://zainzuri.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D https://www.google.com/	0 0	104ms 78ms	Stylesheet text/html	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/ Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers date Sat, 29 Jan 2022 09:31:42 GMT referrer-policy origin cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWlcLZJwNndUb62C4qtM3MvpOSiMf62KpfzPg5o2%2F1uUAK7TYPwC6uYlbJg5bOjhn5TgnS60bLnEeniKkUX5%2B6FFXLgg%2BcWwNVlBlRmOLMN7lnw%2FAy1CGij7hrgM8Yc%3D"}],"group":"cf-nel","max_age":604800} location https://www.google.com cf-ray 6d5172f61ada9220-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET H2	200	en www.visitdubai.com/ Redirect Chain https://md412.trckswrm.com/click?offer_id=67889&pub_id=10&pub_click_id=NCT_iphone_de_ofid12824993_pidundefined_sub1,_sub2,_sub3,_nat15_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&app=id12... https://ad.mobcho.com/click?pid=252&offer_id=33&sub2=AqB0i3gAAAF-pS0aIgADSVkAAAAHAAAAAw&sub3=7_10&sub1=&sub4=&sub5=id1274972321 https://www.visitdubai.com/en/win-a-trip-with-rixos https://www.visitdubai.com/en	0 0	227ms 227ms	Stylesheet text/html	2a02:26f0:1700:798::374e AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.visitdubai.com/en Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 2a02:26f0:1700:798::374e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers date Sat, 29 Jan 2022 09:31:43 GMT server AkamaiGHost strict-transport-security max-age=31536000 ; includeSubDomains ; preload location https://www.visitdubai.com/en cache-control max-age=0 server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 0 expires Sat, 29 Jan 2022 09:31:43 GMT
GET H2	404	click trk.ad-serving-ads.com/ Redirect Chain https://nexamob.g2afse.com/click?pid=15&offer_id=254156&sub1=NCT_iphone_de_ofid13203617_pidundefined_sub1,_sub2,_sub3,_nat17_sub4_sub5&sub2=747080undefined_,&sub3=id1274972321&sub5=id1274972321 https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01	0 0	98ms 98ms	Stylesheet text/html	3.224.8.153 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 3.224.8.153 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-224-8-153.compute-1.amazonaws.com Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 09:31:43 GMT content-length 13 content-type text/html Redirect headers location https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01 date Sat, 29 Jan 2022 09:31:43 GMT server nginx access-control-allow-origin * content-length 0
GET H2	200	id1262148500 impression.appsflyer.com/ Redirect Chain https://mookomedia.g2afse.com/click?pid=42&offer_id=203764&sub1=NCT_iphone_de_ofid11755038_pidundefined_sub1,_sub2,_sub3,_nat22_sub4_sub5&sub4=747080undefined_,&sub5=id1274972321 https://appalgo.g2afse.com/click?pid=304&offer_id=88608&sub1=61f5097f78a17500013d37af&sub2=42_747080undefined_,&sub3=&sub4=&sub5=id1274972321 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=807&cid=&sid=304&udid=&name=&info=appalgorem&blockTime=0 https://ila3.co/o/211292?p=17&aff_clickid=NCT_iphone_de_ofid12593404_pid616_sub1_sub2304_sub3appalgorem_nat12_sub4_sub5&sub1=747080616&sub2=304&app_name=id393048976&bundle_id=id393048976 https://impression.appsflyer.com/id1262148500?af_siteid=120_210569&af_cost_model=CPI&af_prt=moblin&pid=z2adigital_int&c=Zoomd_Crypto_iOS_CPI_DE&af_viewthrough_lookback=1d&clickid=1231ec80e6459aa980...	2 B 311 B	34ms 34ms	Stylesheet text/html	52.222.236.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://impression.appsflyer.com/id1262148500?af_siteid=120_210569&af_cost_model=CPI&af_prt=moblin&pid=z2adigital_int&c=Zoomd_Crypto_iOS_CPI_DE&af_viewthrough_lookback=1d&clickid=1231ec80e6459aa980583d9d_211292_263946&advertising_id=459AA981-80E6-11EC-A5D9-8B866C8C4435&af_cost_model=CPI&af_cost_currency=USD&af_cost_value=3.5&af_adset=120_210569&af_channel=1840&af_c_id=211292&af_ad_type=banner&af_media_type=app&af_adset_id=263946&af_ad_id=263946%7C211292%7Czn7sc2cl0qj7n%7C304%7C665720449%7C0%7C0&af_ad=263946%7C211292%7Czn7sc2cl0qj7n%7C304%7C665720449%7C0%7C0 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 52.222.236.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-57.fra56.r.cloudfront.net Software http-kit / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 09:31:44 GMT via 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront) server http-kit x-amz-cf-pop FRA56-P4 strict-transport-security max-age=31536000; includeSubDomains x-cache Miss from cloudfront content-type text/html; charset=utf-8 cache-control no-cache content-length 2 x-amz-cf-id X1CmcKj7ZJCw_pUe9s-kuhRZHiasv0XEAtDEnzVtqFS6mkekGeR-Xw== Redirect headers Pragma no-cache Date Sat, 29 Jan 2022 09:31:44 GMT Referrer-Policy no-referrer Content-Type text/html; charset=utf-8 Location https://impression.appsflyer.com/id1262148500?af_siteid=120_210569&af_cost_model=CPI&af_prt=moblin&pid=z2adigital_int&c=Zoomd_Crypto_iOS_CPI_DE&af_viewthrough_lookback=1d&clickid=1231ec80e6459aa980583d9d_211292_263946&advertising_id=459AA981-80E6-11EC-A5D9-8B866C8C4435&af_cost_model=CPI&af_cost_currency=USD&af_cost_value=3.5&af_adset=120_210569&af_channel=1840&af_c_id=211292&af_ad_type=banner&af_media_type=app&af_adset_id=263946&af_ad_id=263946%7C211292%7Czn7sc2cl0qj7n%7C304%7C665720449%7C0%7C0&af_ad=263946%7C211292%7Czn7sc2cl0qj7n%7C304%7C665720449%7C0%7C0 Cache-Control no-store, no-cache, must-revalidate Content-Length 0 Expires 0
GET		redirect direct4.soldbyphonder.com/ Redirect Chain https://ad-experience.g2afse.com/click?pid=2&offer_id=654457&sub1=NCT_iphone_de_ofid12209444_pidundefined_sub1,_sub2,_sub3,_nat23_sub4_sub5&sub2=747080undefined_,&sub5=id1274972321 http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=654457&sub3=2 https://olamob.g2afse.com/click?pid=38&offer_id=1081198&sub1=61f50980d31e15000160b542&sub2=1_654457&sub3=2&sub4=&sub8=|676723,1 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=38&udid=&name=&info=OlaMobSL&blockTime=0 https://kuno-gae.com/com.id768469908?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=45b2ec73-80e6-11ec-a1ce-1281bcc02555	0 0
GET H2	404	click trafficred.g2afse.com/ Redirect Chain https://md412.trckswrm.com/click?offer_id=229310&pub_id=10&pub_click_id=NCT_iphone_de_ofid13103047_pidundefined_sub1,_sub2,_sub3,_nat24_sub4_sub5&pub_sub_id=747080undefined&pub_sub_sub_id=,&app=id1... https://trafficred.g2afse.com/click?pid=4&offer_id=601&ref_id=AubbfK8AAAF-pS0c9gADJeAAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id1274972321	0 0	20ms 20ms	Stylesheet text/html	213.227.156.193 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://trafficred.g2afse.com/click?pid=4&offer_id=601&ref_id=AubbfK8AAAF-pS0c9gADJeAAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id1274972321 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 213.227.156.193 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers location https://trafficred.g2afse.com/click?pid=4&offer_id=601&ref_id=AubbfK8AAAF-pS0c9gADJeAAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id1274972321 date Sat, 29 Jan 2022 09:31:44 GMT referrer-policy no-referrer content-length 0
GET H2	404	click times25.go2affise.com/	0 0	28ms 27ms	Stylesheet text/html	213.227.135.227 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://times25.go2affise.com/click?pid=607&offer_id=150951&sub1=NCT_iphone_de_ofid10617043_pidundefined_sub1,_sub2,_sub3,_nat36_sub4_sub5&sub2=747080undefined_,&sub5=id1274972321 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.135.227 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H2	404	click trafficred.g2afse.com/ Redirect Chain https://ad-experience.g2afse.com/click?pid=2&offer_id=656252&sub1=NCT_iphone_de_ofid13188731_pidundefined_sub1,_sub2,_sub3,_nat38_sub4_sub5&sub2=747080undefined_,&sub3=1C0CB185-7858-4D7E-8819-B1000... http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=656252&sub3=2 https://olamob.g2afse.com/click?pid=38&offer_id=919685&sub1=61f50980a0e1ea0001e211bf&sub2=1_656252&sub3=2&sub4=&sub8=|666716,1 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=38&udid=&name=&info=OlaMobSL&blockTime=0 https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=12789778&sub1=&sub2=38&sub3=OlaMobSL_nat9&sub4=5B697D0B-E650-4649-9630-C0E65C2B08C0&sub5=id462678375&sub6=747080 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 https://md412.trckswrm.com/click?offer_id=67889&pub_id=10&pub_click_id=NCT_iphone_de_ofid12824993_pid616_sub1_sub2_sub3TbLabq_nat15_sub4_sub5&pub_sub_id=747080616&pub_sub_sub_id=&app=id546473125 https://trafficred.g2afse.com/click?pid=4&offer_id=601&ref_id=Akdk_zwAAAF-pS0djQADJeAAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id546473125	0 0	15ms 15ms	Stylesheet text/html	213.227.156.193 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://trafficred.g2afse.com/click?pid=4&offer_id=601&ref_id=Akdk_zwAAAF-pS0djQADJeAAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id546473125 Requested by Host: cpi-offers.com URL: http://cpi-offers.com/FANTASTIC.HTML?SIZE=0&RED=0&IDS=&LASTID=&APID=429&CID=&SID=535&UDID=&NAME=&INFO=LAMBADASL&BLOCKTIME=0 Protocol H2 Server 213.227.156.193 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers location https://trafficred.g2afse.com/click?pid=4&offer_id=601&ref_id=Akdk_zwAAAF-pS0djQADJeAAAAAHAAAAAw&sub2=7_10&sub5=&sub4=&sub6=id546473125 date Sat, 29 Jan 2022 09:31:44 GMT referrer-policy no-referrer content-length 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

direct4.soldbyphonder.com

URL

https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=44c705d6-80e6-11ec-a4a7-0a78e27594e7

Domain

imagineads.g2afse.com

URL

https://imagineads.g2afse.com/click?pid=5&offer_id=7294

Domain

direct4.soldbyphonder.com

URL

https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=45b2ec73-80e6-11ec-a1ce-1281bcc02555