10reasonsmile.azurewebsites.net Open in urlscan Pro
13.67.129.26 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://10reasonsmile.azurewebsites.net/
Submission: On March 11 via manual (March 11th 2022, 9:21:45 am UTC) from FR — Scanned from FR

Summary HTTP 139 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 30 IPs in 7 countries across 39 domains to perform 139 HTTP transactions. The main IP is 13.67.129.26, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is 10reasonsmile.azurewebsites.net.

This is the only time 10reasonsmile.azurewebsites.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	13.67.129.26 13.67.129.26	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	216.58.212.170 216.58.212.170	15169 (GOOGLE) (GOOGLE)
1	142.250.185.104 142.250.185.104	15169 (GOOGLE) (GOOGLE)
6	67.27.159.121 67.27.159.121	3356 (LEVEL3) (LEVEL3)
9	142.250.74.206 142.250.74.206	15169 (GOOGLE) (GOOGLE)
9	65.58.27.249 65.58.27.249	3356 (LEVEL3) (LEVEL3)
3	162.55.130.248 162.55.130.248	24940 (HETZNER-AS) (HETZNER-AS)
8 12	3.120.62.32 3.120.62.32	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
2 2	213.227.134.196 213.227.134.196	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	84.110.34.196 84.110.34.196	8551 (BEZEQ-INT...) (BEZEQ-INTERNATIONAL-AS Bezeqint Internet Backbone)
4	13.224.195.77 13.224.195.77	16509 (AMAZON-02) (AMAZON-02)
2	185.33.87.146 185.33.87.146	202015 (HZ-US-AS) (HZ-US-AS)
4 4	213.227.134.234 213.227.134.234	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	54.144.26.10 54.144.26.10	14618 (AMAZON-AES) (AMAZON-AES)
2 12	5.9.6.124 5.9.6.124	24940 (HETZNER-AS) (HETZNER-AS)
2 2	212.32.254.77 212.32.254.77	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	213.227.135.227 213.227.135.227	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
5 6	116.202.243.43 116.202.243.43	24940 (HETZNER-AS) (HETZNER-AS)
6	54.88.202.215 54.88.202.215	14618 (AMAZON-AES) (AMAZON-AES)
2 2	167.86.121.134 167.86.121.134	51167 (CONTABO) (CONTABO)
2 2	172.67.211.95 172.67.211.95	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	104.26.1.213 104.26.1.213	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	188.114.97.7 188.114.97.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	116.202.135.115 116.202.135.115	24940 (HETZNER-AS) (HETZNER-AS)
6 6	213.227.134.242 213.227.134.242	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	213.227.135.213 213.227.135.213	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	34.120.248.84 34.120.248.84	15169 (GOOGLE) (GOOGLE)
3	104.111.214.42 104.111.214.42	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	35.244.190.228 35.244.190.228	15169 (GOOGLE) (GOOGLE)
2 2	188.114.96.7 188.114.96.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
1	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
2	136.243.80.153 136.243.80.153	24940 (HETZNER-AS) (HETZNER-AS)
1 2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
1	142.250.181.225 142.250.181.225	15169 (GOOGLE) (GOOGLE)
1	142.250.185.214 142.250.185.214	15169 (GOOGLE) (GOOGLE)
1	172.217.16.131 172.217.16.131	15169 (GOOGLE) (GOOGLE)
1 1	172.67.37.227 172.67.37.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.227.38.74 23.227.38.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.77.201 104.21.77.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	213.227.156.19 213.227.156.19	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
139	30

13 13.67.129.26 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

10reasonsmile.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.170 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 67.27.159.121 (United States)

ASN3356 (LEVEL3, US)

cdn.runative-syndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.74.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 65.58.27.249 (United States)

ASN3356 (LEVEL3, US)

cdn.run-syndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.55.130.248 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.248.130.55.162.clients.your-server.de

run-syndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 3.120.62.32 (Frankfurt am Main, Germany) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-62-32.eu-central-1.compute.amazonaws.com

cpi-offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.134.196 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

go2.lkjlkjkljsdflkjsdfklsfjklsd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.110.34.196 (Netanya, Israel) 2 redirects

ASN8551 (BEZEQ-INTERNATIONAL-AS Bezeqint Internet Backbone, IL)
PTR: bzq-84-110-34-196.static-ip.bezeqint.net

trxrc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.195.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-77.fra2.r.cloudfront.net

impression.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.87.146 (Ashburn, United States)

ASN202015 (HZ-US-AS, BG)

direct2.knmasdfsdgs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.227.134.234 (Netherlands) 4 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ttmma.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.144.26.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-26-10.compute-1.amazonaws.com

trk.whisursand.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 5.9.6.124 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.124.6.9.5.clients.your-server.de

apts.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
md412.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apply.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.32.254.77 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

waardex.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.135.227 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ermoza.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 116.202.243.43 (Germany) 5 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.43.243.202.116.clients.your-server.de

advdgt.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lambadapp.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.88.202.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-202-215.compute-1.amazonaws.com

trk.ad-serving-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trk.games-to-run123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.86.121.134 (Nuremberg, Germany) 2 redirects

ASN51167 (CONTABO, DE)
PTR: m13634.contaboserver.net

ila3.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.211.95 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ultrapartners.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.1.213 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ucconn.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.7 (Medellín, Colombia)

ASN13335 (CLOUDFLARENET, US)

www.unique-private.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.135.115 (Falkenstein, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.115.135.202.116.clients.your-server.de

adcrt.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.227.134.242 (Netherlands) 6 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

maxtopmedia.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
labmediasolutions.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
appalgo.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.227.135.213 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

times25.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.248.84 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 84.248.120.34.bc.googleusercontent.com

click.mnmnck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.214.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-42.deploy.static.akamaitechnologies.com

apps.apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.190.228 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 228.190.244.35.bc.googleusercontent.com

click.appmultiple.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.96.7 (Medellín, Colombia) 2 redirects

ASN13335 (CLOUDFLARENET, US)

zainzuri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.80.153 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.153.80.243.136.clients.your-server.de

pixel.runative-syndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.214 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f22.1e100.net

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.37.227 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

adjar.gotrackier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.38.74 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)

www.freegames4play.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.77.201 (None, )

ASN13335 (CLOUDFLARENET, US)

trk.bidrivo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.156.19 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

mookomedia.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	trckswrm.com 7 redirects apts.trckswrm.com — Cisco Umbrella Rank: 31820 advdgt.trckswrm.com — Cisco Umbrella Rank: 33841 md412.trckswrm.com — Cisco Umbrella Rank: 63184 lambadapp.trckswrm.com — Cisco Umbrella Rank: 119455 adcrt.trckswrm.com — Cisco Umbrella Rank: 365161 apply.trckswrm.com — Cisco Umbrella Rank: 39977 brainadv.trckswrm.com Failed	2 KB
13	azurewebsites.net 10reasonsmile.azurewebsites.net	362 KB
12	g2afse.com 12 redirects waardex.g2afse.com — Cisco Umbrella Rank: 63235 ermoza.g2afse.com — Cisco Umbrella Rank: 64992 ad-experience.g2afse.com Failed appricotads.g2afse.com Failed maxtopmedia.g2afse.com — Cisco Umbrella Rank: 59727 zildd.g2afse.com Failed labmediasolutions.g2afse.com — Cisco Umbrella Rank: 83082 mookomedia.g2afse.com — Cisco Umbrella Rank: 58554 appalgo.g2afse.com — Cisco Umbrella Rank: 52188 brainadv.g2afse.com — Cisco Umbrella Rank: 37553 Failed	3 KB
12	cpi-offers.com 8 redirects cpi-offers.com — Cisco Umbrella Rank: 31501	8 KB
12	run-syndicate.com cdn.run-syndicate.com — Cisco Umbrella Rank: 42049 run-syndicate.com — Cisco Umbrella Rank: 40445	19 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 88	729 KB
8	runative-syndicate.com cdn.runative-syndicate.com — Cisco Umbrella Rank: 39924 pixel.runative-syndicate.com — Cisco Umbrella Rank: 301744	814 KB
7	go2affise.com 4 redirects ttmma.go2affise.com — Cisco Umbrella Rank: 31997 times25.go2affise.com — Cisco Umbrella Rank: 157616	1005 B
5	ad-serving-ads.com trk.ad-serving-ads.com — Cisco Umbrella Rank: 39342
4	appsflyer.com impression.appsflyer.com — Cisco Umbrella Rank: 1711	1 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 static.doubleclick.net — Cisco Umbrella Rank: 310	1 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	14 KB
3	apple.com apps.apple.com — Cisco Umbrella Rank: 983
2	gstatic.com fonts.gstatic.com www.gstatic.com	18 KB
2	zainzuri.com 2 redirects zainzuri.com — Cisco Umbrella Rank: 56237	1 KB
2	appmultiple.net 2 redirects click.appmultiple.net — Cisco Umbrella Rank: 59346	249 B
2	unique-private.online www.unique-private.online
2	ucconn.live 2 redirects ucconn.live	1 KB
2	ultrapartners.com 2 redirects ultrapartners.com	956 B
2	ila3.co 2 redirects ila3.co — Cisco Umbrella Rank: 38422	1 KB
2	whisursand.com trk.whisursand.com — Cisco Umbrella Rank: 31067
2	knmasdfsdgs.com direct2.knmasdfsdgs.com — Cisco Umbrella Rank: 50935	276 B
2	trxrc.com 2 redirects trxrc.com — Cisco Umbrella Rank: 58810	979 B
2	lkjlkjkljsdflkjsdfklsfjklsd.com 2 redirects go2.lkjlkjkljsdflkjsdfklsfjklsd.com — Cisco Umbrella Rank: 46018	319 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	games-to-run123.com trk.games-to-run123.com — Cisco Umbrella Rank: 32194
1	bidrivo.com trk.bidrivo.com — Cisco Umbrella Rank: 125882	576 B
1	freegames4play.com www.freegames4play.com — Cisco Umbrella Rank: 178999
1	gotrackier.com 1 redirects adjar.gotrackier.com — Cisco Umbrella Rank: 43382	595 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 107	149 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 214	4 KB
1	mnmnck.com 1 redirects click.mnmnck.com — Cisco Umbrella Rank: 44026	167 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	37 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 251	30 KB
0	mapuravity.com Failed 2idol64.mapuravity.com Failed
0	allontrk.com Failed c.allontrk.com Failed
0	soldbyphonder.com Failed direct4.soldbyphonder.com Failed
0	alibaba.com Failed offer.alibaba.com Failed
0	gilgalpush.com Failed private.gilgalpush.com Failed
139	39

	Domain	Requested by
13	10reasonsmile.azurewebsites.net	10reasonsmile.azurewebsites.net
12	cpi-offers.com	8 redirects 10reasonsmile.azurewebsites.net cpi-offers.com
9	apts.trckswrm.com	cpi-offers.com
9	cdn.run-syndicate.com	cdn.runative-syndicate.com
9	www.youtube.com	10reasonsmile.azurewebsites.net www.youtube.com
6	cdn.runative-syndicate.com	10reasonsmile.azurewebsites.net
5	trk.ad-serving-ads.com	cpi-offers.com
5	advdgt.trckswrm.com	5 redirects
4	ttmma.go2affise.com	4 redirects
4	impression.appsflyer.com	cpi-offers.com
3	www.google.com	cpi-offers.com www.youtube.com
3	apps.apple.com	cpi-offers.com
3	times25.go2affise.com	cpi-offers.com
3	run-syndicate.com	cdn.runative-syndicate.com
2	appalgo.g2afse.com	2 redirects
2	mookomedia.g2afse.com	2 redirects
2	labmediasolutions.g2afse.com	2 redirects
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	pixel.runative-syndicate.com	10reasonsmile.azurewebsites.net
2	zainzuri.com	2 redirects
2	click.appmultiple.net	2 redirects
2	maxtopmedia.g2afse.com	2 redirects
2	www.unique-private.online	cpi-offers.com
2	ucconn.live	2 redirects
2	ultrapartners.com	2 redirects
2	md412.trckswrm.com	2 redirects
2	ila3.co	2 redirects
2	ermoza.g2afse.com	2 redirects
2	waardex.g2afse.com	2 redirects
2	trk.whisursand.com	cpi-offers.com
2	direct2.knmasdfsdgs.com	cpi-offers.com
2	trxrc.com	2 redirects
2	go2.lkjlkjkljsdflkjsdfklsfjklsd.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	trk.games-to-run123.com	cpi-offers.com
1	trk.bidrivo.com	cpi-offers.com
1	www.freegames4play.com	cpi-offers.com
1	adjar.gotrackier.com	1 redirects
1	www.gstatic.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	fonts.gstatic.com	www.youtube.com
1	click.mnmnck.com	1 redirects
1	apply.trckswrm.com	cpi-offers.com
1	adcrt.trckswrm.com	cpi-offers.com
1	lambadapp.trckswrm.com	cpi-offers.com
1	www.googletagmanager.com	10reasonsmile.azurewebsites.net
1	ajax.googleapis.com	10reasonsmile.azurewebsites.net
0	brainadv.g2afse.com Failed	cpi-offers.com
0	brainadv.trckswrm.com Failed	cpi-offers.com
0	2idol64.mapuravity.com Failed	cpi-offers.com
0	zildd.g2afse.com Failed	cpi-offers.com
0	appricotads.g2afse.com Failed	cpi-offers.com
0	ad-experience.g2afse.com Failed	cpi-offers.com
0	c.allontrk.com Failed	cpi-offers.com
0	direct4.soldbyphonder.com Failed	cpi-offers.com
0	offer.alibaba.com Failed	cpi-offers.com
0	private.gilgalpush.com Failed	10reasonsmile.azurewebsites.net
139	59

This site contains links to these domains. Also see Links.

Domain
10reasonstudy.azurewebsites.net
10reasonnorich.azurewebsites.net
10rasonstartupfail.azurewebsites.net
10reasonhome.azurewebsites.net
anqbzv.catchurluck.net
trafficstars.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
cpi-offers.com Amazon	`2021-10-26` - `2022-11-23`	a year	crt.sh
*.knmasdfsdgs.com Go Daddy Secure Certificate Authority - G2	`2021-07-14` - `2022-08-15`	a year	crt.sh
apts.trckswrm.com ZeroSSL RSA Domain Secure Site CA	`2022-02-15` - `2022-05-16`	3 months	crt.sh
lambadapp.trckswrm.com ZeroSSL RSA Domain Secure Site CA	`2022-02-01` - `2022-05-02`	3 months	crt.sh
adcrt.trckswrm.com ZeroSSL RSA Domain Secure Site CA	`2022-02-16` - `2022-05-17`	3 months	crt.sh
apply.trckswrm.com ZeroSSL RSA Domain Secure Site CA	`2022-02-15` - `2022-05-16`	3 months	crt.sh
*.go2affise.com Go Daddy Secure Certificate Authority - G2	`2021-10-09` - `2022-11-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh

This page contains 4 frames:

Primary Page: http://10reasonsmile.azurewebsites.net/
Frame ID: C753C6D48DDBA6C6FE61B24FA4C1B14A
Requests: 38 HTTP requests in this frame

Frame: https://www.youtube.com/embed/hRkZEZcN7-A
Frame ID: 018A2D291AA390DD97E085AFBAA0B771
Requests: 17 HTTP requests in this frame

Frame: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Frame ID: 7CBA0CBC5F3E50F717AA27FBE127F492
Requests: 56 HTTP requests in this frame

Frame: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Frame ID: C65F8D1CD8EDAF1A3AC20132D2E876D6
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Top 10 Reasons You Should Smile Every Day

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

139
Requests

27 %
HTTPS

0 %
IPv6

39
Domains

59
Subdomains

30
IPs

7
Countries

2205 kB
Transfer

4448 kB
Size

23
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://10reasonstudy.azurewebsites.net/
Title: Why You Should Study Abroad

Search URL Search Domain Scan URL

URL: https://10reasonnorich.azurewebsites.net/
Title: You’re Not Rich Yet

Search URL Search Domain Scan URL

URL: https://10rasonstartupfail.azurewebsites.net/
Title: Why Startups Fail

Search URL Search Domain Scan URL

URL: https://10reasonhome.azurewebsites.net/
Title: Why Do People Sell Their Homes

Search URL Search Domain Scan URL

URL: https://anqbzv.catchurluck.net/c/1f0a2cb367c37dee?s1=88137&s2=1217411&s3={site_id}&click_id={click_id}&j1=1&j3=1

Search URL Search Domain Scan URL

URL: https://trafficstars.com/
Title: Ads by TrafficStars

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://t.9696.me/click?pid=729&offer_id=148506&sub4=NCT_iphone_fr_ofid10910945_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat1_sub4_sub5&sub1=729_4850738&sub2=729_4850738_738_{sub2}&sub3=id1413942319&sub7=id1413942319 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1413942319&sub1=729_4850738&sub2=729_4850738_738_{sub2} HTTP 302
https://offer.alibaba.com/cps/3ba4i0jh?tp1=622b14a41f63740001cb5049&pid=729_4850738&adid= HTTP 0
http://offer.alibaba.com/product/w404

Request Chain 30

https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=738&offer_id=13189374&sub1={clickid}&sub2=738_{sub2}&sub3=Target3SL_nat2&sub4=5B2C59D6-CD91-499E-9C1E-30BB5AB332C3&sub5=id1413942319&sub6=682200 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
https://trxrc.com/t/951611?A1=NCT_iphone_fr_ofid13258664_pid616_sub1_sub2_sub3TbLabq_nat13_sub4_sub5&A5=682200616_ HTTP 302
https://impression.appsflyer.com/id1230088754?af_prt=cygobelmedia&pid=goplaym_int&af_siteid=1681_682200616__951611_71794_CIC&c=IOS_FR&aff_id=38360&aff_type=cellxpert&af_viewthrough_lookback=1d&clickid=11eca11ca8e07000934f23d2d46514cf_951611_71794&idfa=&advertising_id=&poid=951611_71794

Request Chain 32

https://kuno-gae.com/com.id1413942319?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd HTTP 302
https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=a8cdf978-a11c-11ec-93f8-0a8d4c960769

Request Chain 33

https://ttmma.go2affise.com/click?pid=21&offer_id=518134&sub1=NCT_iphone_fr_ofid12180772_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat5_sub4_sub5&sub2=682200738_738_{sub2}&sub5=id1413942319 HTTP 302
https://ttmma.go2affise.com/click?pid=17&offer_id=543704&sub1=&sub2=21&sub4=&sub5=id1413942319&sub6=&sub8= HTTP 302
https://trk.whisursand.com/click?affid=25&clickid=622b14a450ec5300014a7bd2&category=01&androidid=&iosidfa=

Request Chain 35

https://waardex.g2afse.com/click?pid=134&offer_id=103377&offer_id=5350&sub1=NCT_iphone_fr_ofid13267854_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat7_sub4_sub5&sub2=682200738_738_{sub2}&sub3=5B2C59D6-CD91-499E-9C1E-30BB5AB332C3&sub4=id1413942319&sub5=id1413942319 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=931&cid=&sid=134&udid=&name=&info=WaardexSL&blockTime=0 HTTP 302
https://ermoza.g2afse.com/click?pid=31&offer_id=16198&sub1=NCT_iphone_fr_ofid13270100_pid616_sub1_sub2134_sub3WaardexSL_nat9_sub4_sub5&sub2=682200616_134&sub3=id281940292 HTTP 302
https://ermoza.g2afse.com/click?pid=1&offer_id=2171 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=600&cid=622b14a44f2a450001d0a222&sid=1_&udid=&name=&info=ExplorAdsSL&blockTime=0 HTTP 302
https://advdgt.trckswrm.com/click?offer_id=83546&pub_id=7&pub_click_id=NCT_iphone_fr_ofid13239268_pid616_sub1622b14a44f2a450001d0a222_sub21__sub3ExplorAdsSL_nat10_sub4_sub5&pub_sub_id=682200616&pub_sub_sub_id=1_&app=id510873505 HTTP 302
https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_682200616&creativeid=POP&category=01&androidid=

Request Chain 36

https://ila3.co/o/251178?p=17&aff_clickid=NCT_iphone_fr_ofid13254655_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat8_sub4_sub5&sub1=682200738_738_{sub2}&app_name=id1413942319 HTTP 302
https://impression.appsflyer.com/id1378956601?af_prt=moblin&pid=z2adigital_int&c=Zoomd_Kucoin_IOS_FR&af_siteid=21_z17inacnaba48w&af_viewthrough_lookback=1d&clickid=3521eca11ca8b9ae2064185d_251178_274003&advertising_id=&idfa=&af_c_id=251178&af_ad_type=banner&af_media_type=app&af_adset_id=274003&af_adset=274003&af_ad_id=274003%7C251178%7Czlpccooq8shla%7C%7C509933322%7C0%7C0&af_ad=274003%7C251178%7Czlpccooq8shla%7C%7C509933322%7C0%7C0

Request Chain 38

https://advdgt.trckswrm.com/click?offer_id=83546&pub_id=7&pub_click_id=NCT_iphone_fr_ofid13239268_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat10_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&app=id1413942319 HTTP 302
https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_682200738&creativeid=POP&category=01&androidid=

Request Chain 39

https://md412.trckswrm.com/click?offer_id=235801&pub_id=10&pub_click_id=NCT_iphone_fr_ofid13233795_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat11_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&gaid=5B2C59D6-CD91-499E-9C1E-30BB5AB332C3&idfa=5B2C59D6-CD91-499E-9C1E-30BB5AB332C3&app=id1413942319 HTTP 302
https://ultrapartners.com/redirect/id/36343/b/1/l/149/tp/h/s/Aha-0sEAAAF_eEiiBAADmoUAAAAsAAAABQ&subaff=44/tm/0 HTTP 302
https://ucconn.live/es/?id=53208480&affid=36343&m=0&landing=h&referrer=&src=Aha-0sEAAAF_eEiiBAADmoUAAAAsAAAABQ&subaff=44 HTTP 301
https://www.unique-private.online/es/?id=53208480&affid=36343&m=0&landing=h&referrer=&src=Aha-0sEAAAF_eEiiBAADmoUAAAAsAAAABQ&subaff=44&ucconn_uin=1290735865622b14a5341480.97386835

Request Chain 40

https://advdgt.trckswrm.com/click?offer_id=251019&pub_id=7&pub_click_id=NCT_iphone_fr_ofid12830917_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat12_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&app=id1413942319 HTTP 302
https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_682200738&creativeid=POP&category=01&androidid=

Request Chain 41

https://trxrc.com/t/951627?A1=NCT_iphone_fr_ofid13258663_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat13_sub4_sub5&A5=682200738_738_{sub2} HTTP 302
https://impression.appsflyer.com/id1230088754?af_prt=cygobelmedia&pid=keybali_int&c=IOS_FR&aff_id=38360&aff_type=cellxpert&af_siteid=1681_682200738_738_%7Bsub2%7D_951627_71799_%20Crypto%20&%20Trade%20CFDs&af_viewthrough_lookback=1d&clickid=11eca11ca8d30280934f23d2d46514cf_951627_71799&idfa=&advertising_id=

Request Chain 42

https://mookomedia.g2afse.com/click?pid=42&offer_id=203427&sub1=NCT_iphone_fr_ofid11753141_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat14_sub4_sub5&sub4=682200738_738_{sub2}&sub5=id1413942319 HTTP 302
https://appalgo.g2afse.com/click?pid=304&offer_id=88502&sub1=622b14a4d5b6960001816ec9&sub2=42_682200738_738_{sub2}&sub3=&sub4=&sub5=id1413942319 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=807&cid=&sid=304&udid=&name=&info=appalgorem&blockTime=0 HTTP 302
https://kuno-gae.com/com.id1453411110?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd HTTP 302
https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=a8dbdc28-a11c-11ec-82ba-123e9f22444f

Request Chain 49

https://t.9696.me/click?pid=729&offer_id=146666&sub4=NCT_iphone_fr_ofid7838849_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat21_sub4_sub5&sub1=729_4850738&sub2=729_4850738_738_{sub2}&sub3=id1413942319&sub7=id1413942319 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1413942319&sub1=729_4850738&sub2=729_4850738_738_{sub2} HTTP 302
https://offer.alibaba.com/cps/3ba4i0jh?tp1=622b14a44627fc0001083197&pid=729_4850738&adid=

Request Chain 52

https://maxtopmedia.g2afse.com/click?pid=166&offer_id=91387&sub1=NCT_iphone_fr_ofid13243890_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat24_sub4_sub5&sub2=682200738_738_{sub2}&sub4=id1413942319 HTTP 302
https://maxtopmedia.g2afse.com/click?pid=166&offer_id=41297&sub4=91387 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=630&cid=622b14a4675232000174b5b5&sid=166_&udid=&name=&info=MTMsl&blockTime=0 HTTP 302
https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=13189374&sub1=622b14a4675232000174b5b5&sub2=166_&sub3=MTMsl_nat2&sub4=EDEE9A54-1A21-4107-947D-62A3B5BAC3E2&sub5=id284035177&sub6=682200 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=682200616&q=

Request Chain 54

https://mookomedia.g2afse.com/click?pid=42&offer_id=256569&sub1=NCT_iphone_fr_ofid12637192_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat26_sub4_sub5&sub4=682200738_738_{sub2}&sub5=id1413942319 HTTP 302
https://appalgo.g2afse.com/click?pid=304&offer_id=91073&sub1=622b14a4f5ab980001846ea6&sub2=42_682200738_738_{sub2}&sub3=&sub4=&sub5=id1413942319 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=807&cid=&sid=304&udid=&name=&info=appalgorem&blockTime=0 HTTP 302
https://t.9696.me/click?pid=729&offer_id=148506&sub4=NCT_iphone_fr_ofid10910945_pid616_sub1_sub2304_sub3appalgorem_nat1_sub4_sub5&sub1=729_4850616&sub2=729_4850616_304&sub3=id1342468799&sub7=id1342468799 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1342468799&sub1=729_4850616&sub2=729_4850616_304 HTTP 302
https://offer.alibaba.com/cps/rq9rg325?tp1=622b14a4eba1190001dfc543&pid=729_4850616&adid=

Request Chain 55

https://waardex.g2afse.com/click?pid=134&offer_id=103584&offer_id=5350&sub1=NCT_iphone_fr_ofid13270059_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat27_sub4_sub5&sub2=682200738_738_{sub2}&sub4=id1413942319&sub5=id1413942319 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=931&cid=&sid=134&udid=&name=&info=WaardexSL&blockTime=0 HTTP 302
https://c.allontrk.com/click?offer_id=207525&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13074050_pid616_sub1_sub2134_sub3WaardexSL_nat7_sub4_sub5&pub_sub_id=682200616&pub_sub_sub_id=134&app=id360466413

Request Chain 59

https://click.mnmnck.com/tracking/clicks?clickid=NCT_iphone_fr_ofid13218471_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat31_sub4_sub5&trafficsource=1373671014&offerid=441090158828585486&pub_subid=682200738_738_{sub2}&sub_placement=id1413942319 HTTP 302
https://apps.apple.com/fr/app/pmu-fr-pari-hippique-turf/id369344998?uo=4

Request Chain 61

https://md412.trckswrm.com/click?offer_id=232851&pub_id=10&pub_click_id=NCT_iphone_fr_ofid13067533_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat33_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&app=id1413942319 HTTP 302
https://ultrapartners.com/redirect/id/36343/b/1/l/149/tp/h/s/AgIeapcAAAF_eEiiAwADmoUAAAAsAAAABQ&subaff=44/tm/0 HTTP 302
https://ucconn.live/es/?id=53208479&affid=36343&m=0&landing=h&referrer=&src=AgIeapcAAAF_eEiiAwADmoUAAAAsAAAABQ&subaff=44 HTTP 301
https://www.unique-private.online/es/?id=53208479&affid=36343&m=0&landing=h&referrer=&src=AgIeapcAAAF_eEiiAwADmoUAAAAsAAAABQ&subaff=44&ucconn_uin=1429772700622b14a5312381.81749098

Request Chain 63

https://click.appmultiple.net/tracking/click?clickid=NCT_iphone_fr_ofid12830469_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat35_sub4_sub5&trafficsource=1373692397&offerid=439329973051188517&pub_subid=682200738_738_{sub2}&sub_placement=id1413942319 HTTP 302
https://apps.apple.com/fr/app/cdiscount/id398364165?uo=4

Request Chain 66

https://click.appmultiple.net/tracking/click?clickid=NCT_iphone_fr_ofid13230467_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat38_sub4_sub5&trafficsource=1373692397&offerid=441280005241439070&pub_subid=682200738_738_{sub2}&sub_placement=id1413942319 HTTP 302
https://apps.apple.com/us/app/omada-make-sport-social/id1534593212?uo=4

Request Chain 67

https://ila3.co/o/248502?p=17&aff_clickid=NCT_iphone_fr_ofid13234990_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat39_sub4_sub5&sub1=682200738_738_{sub2}&app_name=id1413942319 HTTP 302
https://impression.appsflyer.com/id1332596741?af_prt=mobuppagency&pid=z2adigital_int&c=248502&af_siteid=S6pFJIRY&af_cost_model=CPI&af_viewthrough_lookback=1d&clickid=1111eca11ca8b9600013a8db_248502_271067&advertising_id=&idfa=&af_c_id=248502&af_ad_type=banner&af_media_type=app&af_adset_id=271067&af_adset=271067&af_ad_id=271067%7C248502%7Cz1g4z66k3t32f3%7C%7C509933322%7C0%7C0&af_ad=271067%7C248502%7Cz1g4z66k3t32f3%7C%7C509933322%7C0%7C0

Request Chain 69

https://zainzuri.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D HTTP 302
https://www.google.com/

Request Chain 79

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 96

https://ttmma.go2affise.com/click?pid=21&offer_id=482434&sub1=NCT_iphone_fr_ofid13023710_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat46_sub4_sub5&sub2=682200738_738_{sub2}&sub5=id1360098321 HTTP 302
https://ttmma.go2affise.com/click?pid=17&offer_id=543704&sub1=&sub2=21&sub4=&sub5=id1360098321&sub6=&sub8= HTTP 302
https://trk.whisursand.com/click?affid=25&clickid=622b14a4ed4c040001dc4b40&category=01&androidid=&iosidfa=

Request Chain 98

https://advdgt.trckswrm.com/click?offer_id=292597&pub_id=7&pub_click_id=NCT_iphone_fr_ofid13216570_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat48_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&app=id1360098321 HTTP 302
https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_682200738&creativeid=POP&category=01&androidid=

Request Chain 99

https://mookomedia.g2afse.com/click?pid=42&offer_id=260519&sub1=NCT_iphone_fr_ofid13023383_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat49_sub4_sub5&sub4=682200738_738_{sub2}&sub5=id1360098321 HTTP 302
https://2idol64.mapuravity.com/2idol64?p=42_682200738_738_{sub2}&sid=622b14a4b7186f00018aa0a9&android_id=&android_a_id=&idfa=&app_id=id1360098321&param1=

Request Chain 100

https://adjar.gotrackier.com/click?campaign_id=3227&pub_id=104&p1=NCT_iphone_fr_ofid13257335_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat50_sub4_sub5&source=682200738_738_{sub2}&app_name=id1360098321 HTTP 302
https://apts.trckswrm.com/click?offer_id=587693&pub_id=79&pub_click_id=622b14a56d68c00341c6ce47&pub_sub_id=104&pub_sub_sub_id=682200738_738_{sub2}&app=id1360098321&gaid=&idfa=

Request Chain 103

https://mookomedia.g2afse.com/click?pid=42&offer_id=334682&sub1=NCT_iphone_fr_ofid13219634_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat53_sub4_sub5&sub4=682200738_738_{sub2}&sub5=id1360098321 HTTP 302
https://appalgo.g2afse.com/click?pid=304&offer_id=97558&sub1=622b14a4f4429a00017942fe&sub2=42_682200738_738_{sub2}&sub3=&sub4=&sub5=id1360098321 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=807&cid=&sid=304&udid=&name=&info=appalgorem&blockTime=0 HTTP 302
https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=13189374&sub1=&sub2=304&sub3=appalgorem_nat2&sub4=5C07667D-90DE-4CFC-BD5E-11F5E5AE68D5&sub5=id505500141&sub6=682200 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
https://ermoza.g2afse.com/click?pid=31&offer_id=16118&sub1=NCT_iphone_fr_ofid13264668_pid616_sub1_sub2_sub3TbLabq_nat12_sub4_sub5&sub2=682200616_&sub3=id290638154 HTTP 302
https://ermoza.g2afse.com/click?pid=1&offer_id=2171 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=600&cid=622b14a575c938000144041b&sid=1_&udid=&name=&info=ExplorAdsSL&blockTime=0 HTTP 302
https://ad-experience.g2afse.com/click?pid=2&offer_id=689671&sub1=NCT_iphone_fr_ofid13220302_pid616_sub1622b14a575c938000144041b_sub21__sub3ExplorAdsSL_nat5_sub4_sub5&sub2=682200616_1_&sub5=id1453989822

Request Chain 104

https://labmediasolutions.g2afse.com/click?pid=3&offer_id=185140&sub1=NCT_iphone_fr_ofid13266681_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat54_sub4_sub5&sub2=682200738_738_{sub2}&sub3=id1360098321&sub4=8B0690CC-2C64-47F7-B5D4-CF400A3F7733 HTTP 302
https://labmediasolutions.g2afse.com/click?pid=1&offer_id=73371 HTTP 302
https://www.freegames4play.com/

Request Chain 108

https://brainadv.g2afse.com/click?pid=3&offer_id=757372&sub3=NCT_iphone_fr_ofid13257232_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat58_sub4_sub5&sub1=682200738_738_{sub2}&sub2=id1360098321 HTTP 302
https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=25&pub_click_id=&pub_sub_id=3&pub_sub_sub_id=682200738_738_{sub2}&idfa=&gaid=&app=id1360098321

Request Chain 109

https://zainzuri.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D HTTP 302
https://www.google.com/

Request Chain 110

https://c.allontrk.com/click?offer_id=210089&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13070713_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat42_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&gaid=8B0690CC-2C64-47F7-B5D4-CF400A3F7733&idfa=8B0690CC-2C64-47F7-B5D4-CF400A3F7733&app=id1360098321 HTTP 0
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 112

https://c.allontrk.com/click?offer_id=184925&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13074040_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat44_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&gaid=8B0690CC-2C64-47F7-B5D4-CF400A3F7733&idfa=8B0690CC-2C64-47F7-B5D4-CF400A3F7733&app=id1360098321 HTTP 0
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 113

https://c.allontrk.com/click?offer_id=210088&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13070648_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat47_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&app=id1360098321 HTTP 0
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 115

https://c.allontrk.com/click?offer_id=120159&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13072586_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat9_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&app=id1413942319 HTTP 0
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 117

https://c.allontrk.com/click?offer_id=208552&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13069692_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat51_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&gaid=8B0690CC-2C64-47F7-B5D4-CF400A3F7733&idfa=8B0690CC-2C64-47F7-B5D4-CF400A3F7733&app=id1360098321 HTTP 0
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 118

https://ad-experience.g2afse.com/click?pid=2&offer_id=699140&sub1=NCT_iphone_fr_ofid13262870_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat52_sub4_sub5&sub2=682200738_738_{sub2}&sub5=id1360098321 HTTP 0
http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=699140&sub3=2

Request Chain 119

https://mookomedia.g2afse.com/click?pid=42&offer_id=334682&sub1=NCT_iphone_fr_ofid13219634_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat53_sub4_sub5&sub4=682200738_738_{sub2}&sub5=id1360098321 HTTP 302
https://appalgo.g2afse.com/click?pid=304&offer_id=97558&sub1=622b14a50bd2da00012c6ec0&sub2=42_682200738_738_{sub2}&sub3=&sub4=&sub5=id1360098321 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=807&cid=&sid=304&udid=&name=&info=appalgorem&blockTime=0 HTTP 302
https://trk.games-to-run123.com/click?affid=47&cmpid=46c3758f65064e16&clickid=NCT_iphone_fr_ofid13267640_pid616_sub1_sub2304_sub3appalgorem_nat6_sub4_sub5&siteid=682200616_304&androidid=91D706A2-8316-4745-9D22-02F49D191A0C&iosidfa=91D706A2-8316-4745-9D22-02F49D191A0C

Request Chain 124

https://appricotads.g2afse.com/click?pid=251&offer_id=29613&ref_id=NCT_iphone_fr_ofid12711076_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat56_sub4_sub5&sub1=251_4850738&sub2=738_{sub2}&sub6=id1360098321 HTTP 0
http://appricotads.g2afse.com/sl?id=5f36c7821a6e4b1879225165&pid=2&ref_id=&sub1=251_4850738&sub2=738_{sub2}&sub3=&sub4=&sub5=251&sub6=251_4850738&sub7=738_{sub2}&sub8=29613

Request Chain 125

https://brainadv.g2afse.com/click?pid=3&offer_id=757372&sub3=NCT_iphone_fr_ofid13257232_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat58_sub4_sub5&sub1=682200738_738_{sub2}&sub2=id1360098321 HTTP 302
https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=25&pub_click_id=&pub_sub_id=3&pub_sub_sub_id=682200738_738_{sub2}&idfa=&gaid=&app=id1360098321 HTTP 0
http://brainadv.g2afse.com/sl?id=60e2066c8bff280d95069af4&pid=17&sub1=16.25&sub3=An5299IAAAF_eEin-gAAAAAAAAAZAAAABQ&sub2=id1360098321&sub4=&sub5=&sub8=9gJf7FfkwDoFuRa1X9i__28

Request Chain 126

https://ad-experience.g2afse.com/click?pid=2&offer_id=668436&sub1=NCT_iphone_fr_ofid12769160_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat15_sub4_sub5&sub2=682200738_738_{sub2}&sub5=id1413942319 HTTP 0
http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=668436&sub3=2

Request Chain 127

https://appricotads.g2afse.com/click?pid=251&offer_id=440373&ref_id=NCT_iphone_fr_ofid13260348_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat16_sub4_sub5&sub1=251_4850738&sub2=738_{sub2}&sub6=id1413942319 HTTP 0
http://appricotads.g2afse.com/sl?id=5f36c7821a6e4b1879225165&pid=2&ref_id=&sub1=251_4850738&sub2=738_{sub2}&sub3=&sub4=&sub5=251&sub6=251_4850738&sub7=738_{sub2}&sub8=440373

Request Chain 128

https://c.allontrk.com/click?offer_id=210934&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13071098_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat18_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&app=id1413942319 HTTP 0
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 129

https://c.allontrk.com/click?offer_id=210125&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13072041_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat20_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&app=id1413942319 HTTP 0
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 130

https://t.9696.me/click?pid=729&offer_id=146666&sub4=NCT_iphone_fr_ofid7838849_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat21_sub4_sub5&sub1=729_4850738&sub2=729_4850738_738_{sub2}&sub3=id1413942319&sub7=id1413942319 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1413942319&sub1=729_4850738&sub2=729_4850738_738_{sub2} HTTP 302
https://offer.alibaba.com/cps/3ba4i0jh?tp1=622b14a6451a820001fd8c42&pid=729_4850738&adid= HTTP 0
http://offer.alibaba.com/product/w404

Request Chain 131

https://c.allontrk.com/click?offer_id=145251&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13069141_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat22_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&app=id1413942319 HTTP 0
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 132

https://zildd.g2afse.com/click?pid=35&offer_id=3428510&sub1=NCT_iphone_fr_ofid13063122_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat25_sub4_sub5&sub2=682200738_738_{sub2}&sub3=id1413942319&sub4=5B2C59D6-CD91-499E-9C1E-30BB5AB332C3 HTTP 0
http://zildd.g2afse.com/disabled.html

Request Chain 133

https://mookomedia.g2afse.com/click?pid=42&offer_id=256569&sub1=NCT_iphone_fr_ofid12637192_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat26_sub4_sub5&sub4=682200738_738_{sub2}&sub5=id1413942319 HTTP 302
https://appalgo.g2afse.com/click?pid=304&offer_id=91073&sub1=622b14a6d590320001bfa0fc&sub2=42_682200738_738_{sub2}&sub3=&sub4=&sub5=id1413942319 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=807&cid=&sid=304&udid=&name=&info=appalgorem&blockTime=0 HTTP 302
https://advdgt.trckswrm.com/click?offer_id=83546&pub_id=7&pub_click_id=NCT_iphone_fr_ofid13239268_pid616_sub1_sub2304_sub3appalgorem_nat10_sub4_sub5&pub_sub_id=682200616&pub_sub_sub_id=304&app=id804708947 HTTP 302
https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_682200616&creativeid=POP&category=01&androidid=

Request Chain 134

https://waardex.g2afse.com/click?pid=134&offer_id=103584&offer_id=5350&sub1=NCT_iphone_fr_ofid13270059_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat27_sub4_sub5&sub2=682200738_738_{sub2}&sub4=id1413942319&sub5=id1413942319 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=931&cid=&sid=134&udid=&name=&info=WaardexSL&blockTime=0 HTTP 302
https://apts.trckswrm.com/click?offer_id=741267&pub_id=10&pub_click_id=NCT_iphone_fr_ofid13261280_pid616_sub1_sub2134_sub3WaardexSL_nat13_sub4_sub5&pub_sub_id=682200616&pub_sub_sub_id=134&app=id593715088

Request Chain 135

https://c.allontrk.com/click?offer_id=207267&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13005099_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat34_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&app=id1413942319 HTTP 0
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 137

https://c.allontrk.com/click?offer_id=210072&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13070603_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat36_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&app=id1413942319 HTTP 0
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 138

https://c.allontrk.com/click?offer_id=164775&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13070357_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat40_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&app=id1413942319 HTTP 0
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

139 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
10reasonsmile.azurewebsites.net/ 14 KB
6 KB 586ms
285ms Document
text/html 13.67.129.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://10reasonsmile.azurewebsites.net/
Protocol: HTTP/1.1
Server: 13.67.129.26 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9f8560b75d553050b3c7a65a741a8791b16a2e6e329b3e0d65a4fa9985f79daf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9

Response headers

Content-Length: 5642
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Thu, 25 Jul 2019 18:29:59 GMT
Accept-Ranges: bytes
ETag: "5a9f3df71643d51:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 11 Mar 2022 09:21:38 GMT

GET
H/1.1 200
OK bootstrap.min.css
10reasonsmile.azurewebsites.net/css/ 118 KB
27 KB 182ms
181ms Stylesheet
text/css 13.67.129.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://10reasonsmile.azurewebsites.net/css/bootstrap.min.css
Requested by: Host: 10reasonsmile.azurewebsites.net
URL: http://10reasonsmile.azurewebsites.net/
Protocol: HTTP/1.1
Server: 13.67.129.26 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: df6048f6206447db7177cb718878f7565c3dffcec19fd752d1c7b9f3a3568333

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 09:21:38 GMT
Content-Encoding: gzip
ETag: "d59f5c806036d51:0"
Last-Modified: Tue, 09 Jul 2019 14:13:37 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 27674

GET
H/1.1 200
OK main.css
10reasonsmile.azurewebsites.net/css/ 4 KB
2 KB 165ms
164ms Stylesheet
text/css 13.67.129.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://10reasonsmile.azurewebsites.net/css/main.css
Requested by: Host: 10reasonsmile.azurewebsites.net
URL: http://10reasonsmile.azurewebsites.net/
Protocol: HTTP/1.1
Server: 13.67.129.26 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0577a8094f692b33f44666d22bc99606adb61d4a3ff87690b2a07f4c27ebe267

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 09:21:39 GMT
Content-Encoding: gzip
ETag: "1731ad816036d51:0"
Last-Modified: Tue, 09 Jul 2019 14:13:39 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1489

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 82 KB
30 KB 151ms
48ms Script
text/javascript 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: 10reasonsmile.azurewebsites.net
URL: http://10reasonsmile.azurewebsites.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f10.1e100.net

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 07:22:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Mar 2023 07:22:17 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
10reasonsmile.azurewebsites.net/js/ 39 KB
14 KB 334ms
182ms Script
application/x-javascript 13.67.129.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://10reasonsmile.azurewebsites.net/js/bootstrap.min.js
Requested by: Host: 10reasonsmile.azurewebsites.net
URL: http://10reasonsmile.azurewebsites.net/
Protocol: HTTP/1.1
Server: 13.67.129.26 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a915d483b99af421f4813e6b60599b4e39faff120e54b5e9838386d4ae1a4c60

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 09:21:39 GMT
Content-Encoding: gzip
ETag: "d9b0667a6036d51:0"
Last-Modified: Tue, 09 Jul 2019 14:13:27 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 14370

GET app.js
private.gilgalpush.com/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 92 KB
37 KB 167ms
62ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-143001013-1

Requested by

Host: 10reasonsmile.azurewebsites.net
URL: http://10reasonsmile.azurewebsites.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6b6fd30626abacfeffd447ef79eeb16b088f9505760dce580ab7f0f6f153b2a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36909
x-xss-protection: 0
last-modified: Fri, 11 Mar 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Mar 2022 09:21:40 GMT

GET
H/1.1 200
OK footer.png
10reasonsmile.azurewebsites.net/img/ 29 KB
29 KB 156ms
155ms Image
image/png 13.67.129.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://10reasonsmile.azurewebsites.net/img/footer.png
Requested by: Host: 10reasonsmile.azurewebsites.net
URL: http://10reasonsmile.azurewebsites.net/
Protocol: HTTP/1.1
Server: 13.67.129.26 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7d77a681b81f2162cc11245da496c9369db1cf69d36f77ec0da69bfce4d05ff0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 09:21:39 GMT
Last-Modified: Tue, 09 Jul 2019 14:12:52 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "5d75e656036d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 29773

GET
H/1.1 200
OK Screenshot_2.png
10reasonsmile.azurewebsites.net/img/ 30 KB
30 KB 153ms
152ms Image
image/png 13.67.129.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://10reasonsmile.azurewebsites.net/img/Screenshot_2.png
Requested by: Host: 10reasonsmile.azurewebsites.net
URL: http://10reasonsmile.azurewebsites.net/
Protocol: HTTP/1.1
Server: 13.67.129.26 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bf5f39432e2358863ccaa9a00ea78553e41eb194b3ee16a299716bbc753693a6

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 09:21:39 GMT
Last-Modified: Tue, 09 Jul 2019 14:13:01 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "8059a16a6036d51:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 30917

GET
H/1.1 200
OK n.js Show response
cdn.runative-syndicate.com/sdk/v1/ 13 KB
5 KB 112ms
48ms Script
application/javascript 67.27.159.121
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.runative-syndicate.com/sdk/v1/n.js
Requested by: Host: 10reasonsmile.azurewebsites.net
URL: http://10reasonsmile.azurewebsites.net/
Protocol: HTTP/1.1
Server: 67.27.159.121 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 653b2325d22c32a353ca70c93bc56b618a4af7a2294790bd639527ad0d3632ba

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 12 Aug 2021 08:46:45 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Aug 2021 08:36:05 GMT
Server: nginx
Age: 18232494
ETag: W/"6114dd75-3202"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 5220

GET
H/1.1 200
OK topics-item01.jpg
10reasonsmile.azurewebsites.net/img/ 4 KB
5 KB 340ms
189ms Image
image/jpeg 13.67.129.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://10reasonsmile.azurewebsites.net/img/topics-item01.jpg
Requested by: Host: 10reasonsmile.azurewebsites.net
URL: http://10reasonsmile.azurewebsites.net/
Protocol: HTTP/1.1
Server: 13.67.129.26 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 306c6d5ab9f0e945797a29d75fd1a94ab1cf1a6d1b8721939136c42899e13373

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 09:21:39 GMT
Last-Modified: Tue, 09 Jul 2019 14:13:11 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "3ae8e2706036d51:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 4545

GET
H/1.1 200
OK topics-item02.jpg
10reasonsmile.azurewebsites.net/img/ 77 KB
77 KB 332ms
181ms Image
image/jpeg 13.67.129.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://10reasonsmile.azurewebsites.net/img/topics-item02.jpg
Requested by: Host: 10reasonsmile.azurewebsites.net
URL: http://10reasonsmile.azurewebsites.net/
Protocol: HTTP/1.1
Server: 13.67.129.26 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0e134e5da29be292d123e718fc5d5d59a028fd901518e58dc435fed2463a56a0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 09:21:40 GMT
Last-Modified: Tue, 09 Jul 2019 14:13:14 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "7cff9b726036d51:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 78501

GET
H/1.1 200
OK topics-item03.jpg
10reasonsmile.azurewebsites.net/img/ 35 KB
35 KB 343ms
191ms Image
image/jpeg 13.67.129.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://10reasonsmile.azurewebsites.net/img/topics-item03.jpg
Requested by: Host: 10reasonsmile.azurewebsites.net
URL: http://10reasonsmile.azurewebsites.net/
Protocol: HTTP/1.1
Server: 13.67.129.26 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f3aab753eb89f507c9bc9b2ff996f4911739958eb2d956bb9139c3b49ece6f01

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 09:21:40 GMT
Last-Modified: Tue, 09 Jul 2019 14:13:17 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "4f8734746036d51:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 35657

GET
H/1.1 200
OK topics-item04.jpg
10reasonsmile.azurewebsites.net/img/ 52 KB
52 KB 154ms
153ms Image
image/jpeg 13.67.129.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://10reasonsmile.azurewebsites.net/img/topics-item04.jpg
Requested by: Host: 10reasonsmile.azurewebsites.net
URL: http://10reasonsmile.azurewebsites.net/
Protocol: HTTP/1.1
Server: 13.67.129.26 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e44db228ac747196dd66ddf123625cb0db9d06815785a5a05129c8ecf2213b2e

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 09:21:39 GMT
Last-Modified: Tue, 09 Jul 2019 14:13:19 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "513fcc756036d51:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 52826

GET
H/1.1 200
OK topics-item05.jpg
10reasonsmile.azurewebsites.net/img/ 76 KB
76 KB 153ms
153ms Image
image/jpeg 13.67.129.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://10reasonsmile.azurewebsites.net/img/topics-item05.jpg
Requested by: Host: 10reasonsmile.azurewebsites.net
URL: http://10reasonsmile.azurewebsites.net/
Protocol: HTTP/1.1
Server: 13.67.129.26 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d4aaf0a43e3a8172c956a18ee8381ef49d90acd4b6c00900cc0e7b6bc8704d14

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 09:21:39 GMT
Last-Modified: Tue, 09 Jul 2019 14:13:22 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "e2b587776036d51:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 78061

GET
H/1.1 200
OK custom.js Show response
10reasonsmile.azurewebsites.net/js/ 0
261 B 153ms
153ms Script
application/x-javascript 13.67.129.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://10reasonsmile.azurewebsites.net/js/custom.js
Requested by: Host: 10reasonsmile.azurewebsites.net
URL: http://10reasonsmile.azurewebsites.net/
Protocol: HTTP/1.1
Server: 13.67.129.26 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 09:21:39 GMT
Last-Modified: Tue, 09 Jul 2019 14:13:29 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "6499a27b6036d51:0"
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 0

GET
H2 200 hRkZEZcN7-A Show response
www.youtube.com/embed/ Frame 018A 59 KB
26 KB 218ms
114ms Document
text/html 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/hRkZEZcN7-A

Requested by

Host: 10reasonsmile.azurewebsites.net
URL: http://10reasonsmile.azurewebsites.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

ESF /

Resource Hash

9005ecc6931dc356a697fb50a62cf33c823c2a2d57c0d426e835a4d87b0ffa36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 11 Mar 2022 09:21:40 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=fr for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK bg.jpg
10reasonsmile.azurewebsites.net/img/ 8 KB
8 KB 248ms
156ms Image
image/jpeg 13.67.129.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://10reasonsmile.azurewebsites.net/img/bg.jpg
Requested by: Host: 10reasonsmile.azurewebsites.net
URL: http://10reasonsmile.azurewebsites.net/css/main.css
Protocol: HTTP/1.1
Server: 13.67.129.26 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cfa5028218f5b74e6820c3faa8fd932b255544a764f692d83cf0ea3829429be2

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 09:21:39 GMT
Last-Modified: Tue, 09 Jul 2019 14:12:39 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "c1d1ca5d6036d51:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 7860

GET
H/1.1 200
OK n.css
cdn.run-syndicate.com/sdk/v1/ 8 KB
8 KB 370ms
175ms Stylesheet
text/css 65.58.27.249
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.run-syndicate.com/sdk/v1/n.css
Requested by: Host: cdn.runative-syndicate.com
URL: http://cdn.runative-syndicate.com/sdk/v1/n.js
Protocol: HTTP/1.1
Server: 65.58.27.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 24b59f4e4fbf1d4a988ffa478952ceb54e0b2f0774da926bcd2cc0376200dbfe

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 12 Aug 2021 08:54:50 GMT
Last-Modified: Thu, 12 Aug 2021 08:36:05 GMT
Server: nginx
Age: 18232010
ETag: "6114dd75-2055"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 8277

GET
H/1.1 404
Not Found dynamic
run-syndicate.com/do2/0e22dc540f9d44abb3db44af8b0e3310/ 0
0 124ms
57ms Script
text/plain 162.55.130.248
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://run-syndicate.com/do2/0e22dc540f9d44abb3db44af8b0e3310/dynamic?format=jsonp&count=1&w=1600&h=1200&keywords=Top,Reasons,You,Should,Smile,Every,Day&adtype=label-under&callback=callback_pwjti
Requested by: Host: cdn.runative-syndicate.com
URL: http://cdn.runative-syndicate.com/sdk/v1/n.js
Protocol: HTTP/1.1
Server: 162.55.130.248 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.248.130.55.162.clients.your-server.de
Software: nginx /
Resource Hash

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Mar 2022 09:21:40 GMT
Server: nginx
X-Api-Version: 2
Vary: *
Content-Type: text/plain; charset=utf-8
Cache-Control: no-cache, no-store, no-transform, must-revalidate
Connection: keep-alive
Content-Length: 28
X-Request-Id: 8345e5b96d9ebe7c
Expires: 0

GET
H/1.1 404
Not Found dynamic
run-syndicate.com/do2/0e22dc540f9d44abb3db44af8b0e3310/ 0
0 116ms
56ms Script
text/plain 162.55.130.248
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://run-syndicate.com/do2/0e22dc540f9d44abb3db44af8b0e3310/dynamic?format=jsonp&count=1&w=1600&h=1200&keywords=Top,Reasons,You,Should,Smile,Every,Day&adtype=label-under&callback=callback_luevt
Requested by: Host: cdn.runative-syndicate.com
URL: http://cdn.runative-syndicate.com/sdk/v1/n.js
Protocol: HTTP/1.1
Server: 162.55.130.248 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.248.130.55.162.clients.your-server.de
Software: nginx /
Resource Hash

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Mar 2022 09:21:40 GMT
Server: nginx
X-Api-Version: 2
Vary: *
Content-Type: text/plain; charset=utf-8
Cache-Control: no-cache, no-store, no-transform, must-revalidate
Connection: keep-alive
Content-Length: 28
X-Request-Id: 2f042aec232c1261
Expires: 0

GET
H/1.1 404
Not Found dynamic
run-syndicate.com/do2/124d81d798d4451ca900766aa5adb262/ 0
0 114ms
56ms Script
text/plain 162.55.130.248
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://run-syndicate.com/do2/124d81d798d4451ca900766aa5adb262/dynamic?format=jsonp&count=6&w=1600&h=1200&keywords=Top,Reasons,You,Should,Smile,Every,Day&adtype=label-under&callback=callback_NlarA
Requested by: Host: cdn.runative-syndicate.com
URL: http://cdn.runative-syndicate.com/sdk/v1/n.js
Protocol: HTTP/1.1
Server: 162.55.130.248 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.248.130.55.162.clients.your-server.de
Software: nginx /
Resource Hash

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Mar 2022 09:21:40 GMT
Server: nginx
X-Api-Version: 2
Vary: *
Content-Type: text/plain; charset=utf-8
Cache-Control: no-cache, no-store, no-transform, must-revalidate
Connection: keep-alive
Content-Length: 28
X-Request-Id: 2150301b5d57d94e
Expires: 0

GET
H2 200 fantastic.html Show response
cpi-offers.com/ Frame 7CBA 11 KB
2 KB 155ms
48ms Document
text/html 3.120.62.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Requested by: Host: 10reasonsmile.azurewebsites.net
URL: http://10reasonsmile.azurewebsites.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.62.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-62-32.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.1 / Express
Resource Hash: 83fdd1a4d845a805ca1f35f55e3ebdb6197a1d6403e49e48915a3a7a09e8a892

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/

Response headers

date: Fri, 11 Mar 2022 09:21:40 GMT
content-type: text/html; charset=utf-8
server: nginx/1.14.1
x-powered-by: Express
access-control-allow-origin: *
etag: W/"2a51-nU43ySwsOoonjVq+LljN2mjKctw"
vary: Accept-Encoding
content-encoding: gzip

GET
H2 200 fantastic.html Show response
cpi-offers.com/ Frame C65F 5 KB
1 KB 670ms
638ms Document
text/html 3.120.62.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Requested by: Host: 10reasonsmile.azurewebsites.net
URL: http://10reasonsmile.azurewebsites.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.62.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-62-32.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.1 / Express
Resource Hash: 164bd4dedb19e1ea61c4ff9885ce554323a4db4bd860fff68c27dcb6c0b3919e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/

Response headers

date: Fri, 11 Mar 2022 09:21:40 GMT
content-type: text/html; charset=utf-8
server: nginx/1.14.1
x-powered-by: Express
access-control-allow-origin: *
etag: W/"15a7-g4q4HZbqFtqCRwMcWkRziJgTCV0"
vary: Accept-Encoding
content-encoding: gzip

GET
H/1.1 200
OK backup.js Show response
cdn.run-syndicate.com/sdk/v1/ 2 KB
1 KB 350ms
175ms Script
application/javascript 65.58.27.249
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.run-syndicate.com/sdk/v1/backup.js?count=1&w=1600&h=1200&keywords=Top,Reasons,You,Should,Smile,Every,Day&adtype=label-under&spot=0e22dc540f9d44abb3db44af8b0e3310&callback=callback_SMbF9
Requested by: Host: cdn.runative-syndicate.com
URL: http://cdn.runative-syndicate.com/sdk/v1/n.js
Protocol: HTTP/1.1
Server: 65.58.27.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: d9e0b79a0def9421c2976d45af2c7487e8cb8168a1b34f63fcbb7a156aac404c

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 09:31:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Aug 2021 09:24:21 GMT
Server: nginx
Age: 18748185
ETag: W/"610cffc5-9bc"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 1017

GET
H/1.1 200
OK backup.js Show response
cdn.run-syndicate.com/sdk/v1/ 2 KB
1 KB 350ms
175ms Script
application/javascript 65.58.27.249
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.run-syndicate.com/sdk/v1/backup.js?count=1&w=1600&h=1200&keywords=Top,Reasons,You,Should,Smile,Every,Day&adtype=label-under&spot=0e22dc540f9d44abb3db44af8b0e3310&callback=callback_qHhbn
Requested by: Host: cdn.runative-syndicate.com
URL: http://cdn.runative-syndicate.com/sdk/v1/n.js
Protocol: HTTP/1.1
Server: 65.58.27.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: d9e0b79a0def9421c2976d45af2c7487e8cb8168a1b34f63fcbb7a156aac404c

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 09:31:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Aug 2021 09:24:21 GMT
Server: nginx
Age: 18748185
ETag: W/"610cffc5-9bc"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 1017

GET
H/1.1 200
OK backup.js Show response
cdn.run-syndicate.com/sdk/v1/ 2 KB
1 KB 350ms
175ms Script
application/javascript 65.58.27.249
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.run-syndicate.com/sdk/v1/backup.js?count=6&w=1600&h=1200&keywords=Top,Reasons,You,Should,Smile,Every,Day&adtype=label-under&spot=124d81d798d4451ca900766aa5adb262&callback=callback_OFcws
Requested by: Host: cdn.runative-syndicate.com
URL: http://cdn.runative-syndicate.com/sdk/v1/n.js
Protocol: HTTP/1.1
Server: 65.58.27.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: d9e0b79a0def9421c2976d45af2c7487e8cb8168a1b34f63fcbb7a156aac404c

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 09:31:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Aug 2021 09:24:21 GMT
Server: nginx
Age: 18748185
ETag: W/"610cffc5-9bc"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 1017

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 151ms
47ms Script
text/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-143001013-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4608
date: Fri, 11 Mar 2022 08:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 11 Mar 2022 10:04:52 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/87b9576a/ Frame 018A 338 KB
46 KB 48ms
46ms Stylesheet
text/css 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/87b9576a/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/hRkZEZcN7-A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

sffe /

Resource Hash

2476db472bf1df970adab62d57f3a0b552319b91459a39a728b10130ed10c817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/hRkZEZcN7-A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 18:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52845
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47168
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 01:42:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 10 Mar 2023 18:40:55 GMT

GET
H2 200 main.js Show response
cpi-offers.com/jsf/ Frame 7CBA 3 KB
1 KB 48ms
44ms Script
application/javascript 3.120.62.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cpi-offers.com/jsf/main.js
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.62.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-62-32.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.1 / Express
Resource Hash: 3915a438fffb3acbaade25f7b5e9d3f76589dbc02048463b3fbfeb8c4e7955a1

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:40 GMT
content-encoding: gzip
etag: "160126-2720-1645428716000"
last-modified: Mon, 21 Feb 2022 07:31:56 GMT
server: nginx/1.14.1
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600

GET

w404
offer.alibaba.com/product/ Frame 7CBA
Redirect Chain

https://t.9696.me/click?pid=729&offer_id=148506&sub4=NCT_iphone_fr_ofid10910945_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat1_sub4_sub5&sub1=729_4850738&sub2=729_4850738_738_{sub2}&sub3=id...
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1413942319&sub1=729_4850738&sub2=729_4850738_738_{sub2}
https://offer.alibaba.com/cps/3ba4i0jh?tp1=622b14a41f63740001cb5049&pid=729_4850738&adid=
http://offer.alibaba.com/product/w404

0
0

GET
H2

200

id1230088754
impression.appsflyer.com/ Frame 7CBA
Redirect Chain

https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=738&offer_id=13189374&sub1={clickid}&sub2=738_{sub2}&sub3=Target3SL_nat2&sub4=5B2C59D6-CD91-499E-9C1E-30BB5AB332C3&sub5=id1413942319&sub6=682200
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0
https://trxrc.com/t/951611?A1=NCT_iphone_fr_ofid13258664_pid616_sub1_sub2_sub3TbLabq_nat13_sub4_sub5&A5=682200616_
https://impression.appsflyer.com/id1230088754?af_prt=cygobelmedia&pid=goplaym_int&af_siteid=1681_682200616__951611_71794_CIC&c=IOS_FR&aff_id=38360&aff_type=cellxpert&af_viewthrough_lookback=1d&clic...

2 B
310 B

80ms
78ms

Stylesheet
text/html

13.224.195.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://impression.appsflyer.com/id1230088754?af_prt=cygobelmedia&pid=goplaym_int&af_siteid=1681_682200616__951611_71794_CIC&c=IOS_FR&aff_id=38360&aff_type=cellxpert&af_viewthrough_lookback=1d&clickid=11eca11ca8e07000934f23d2d46514cf_951611_71794&idfa=&advertising_id=&poid=951611_71794

Requested by

Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0

Protocol

Server

13.224.195.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-77.fra2.r.cloudfront.net

Software

http-kit /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:40 GMT
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
server: http-kit
x-amz-cf-pop: FRA2-C1
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
cache-control: no-cache
content-length: 2
x-amz-cf-id: 3rSWMUTA19ZwkSUkreIAeSVh7jlmQy0-zhJBTsegK8M942agdLgrlg==

Redirect headers

Location: https://impression.appsflyer.com/id1230088754?af_prt=cygobelmedia&pid=goplaym_int&af_siteid=1681_682200616__951611_71794_CIC&c=IOS_FR&aff_id=38360&aff_type=cellxpert&af_viewthrough_lookback=1d&clickid=11eca11ca8e07000934f23d2d46514cf_951611_71794&idfa=&advertising_id=&poid=951611_71794
Date: Fri, 11 Mar 2022 09:21:40 GMT
Content-Length: 1246
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8

GET
H/1.1 204
No Content redirect
direct2.knmasdfsdgs.com/ Frame 7CBA 0
138 B 346ms
109ms Stylesheet
text/html 185.33.87.146
HZ-US-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=682200738&q=
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 09:21:40 GMT
Server: nginx
Connection: close
Content-Type: text/html; charset=utf-8

GET

redirect
direct4.soldbyphonder.com/ Frame 7CBA
Redirect Chain

https://kuno-gae.com/com.id1413942319?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd
https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=a8cdf978-a11c-11ec-93f8-0a8d4c960769

0
0

GET
H2

404

click
trk.whisursand.com/ Frame 7CBA
Redirect Chain

https://ttmma.go2affise.com/click?pid=21&offer_id=518134&sub1=NCT_iphone_fr_ofid12180772_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat5_sub4_sub5&sub2=682200738_738_{sub2}&sub5=id1413942319
https://ttmma.go2affise.com/click?pid=17&offer_id=543704&sub1=&sub2=21&sub4=&sub5=id1413942319&sub6=&sub8=
https://trk.whisursand.com/click?affid=25&clickid=622b14a450ec5300014a7bd2&category=01&androidid=&iosidfa=

0
0

352ms
112ms

Stylesheet
text/html

54.144.26.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.whisursand.com/click?affid=25&clickid=622b14a450ec5300014a7bd2&category=01&androidid=&iosidfa=
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: H2
Server: 54.144.26.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-26-10.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:40 GMT
content-length: 13
content-type: text/html

Redirect headers

location: https://trk.whisursand.com/click?affid=25&clickid=622b14a450ec5300014a7bd2&category=01&androidid=&iosidfa=
date: Fri, 11 Mar 2022 09:21:40 GMT
referer
referrer-policy: no-referrer
server: nginx
access-control-allow-origin: *
content-length: 0

GET
H/1.1 200
OK click
apts.trckswrm.com/ Frame 7CBA 0
75 B 210ms
59ms Stylesheet
text/plain 5.9.6.124
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apts.trckswrm.com/click?offer_id=608027&pub_id=10&pub_click_id=NCT_iphone_fr_ofid12956954_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat6_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&gaid=5B2C59D6-CD91-499E-9C1E-30BB5AB332C3&idfa=5B2C59D6-CD91-499E-9C1E-30BB5AB332C3&app=id1413942319
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.6.124 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.124.6.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:40 GMT
content-length: 0

GET
H2

404

click
trk.ad-serving-ads.com/ Frame 7CBA
Redirect Chain

https://waardex.g2afse.com/click?pid=134&offer_id=103377&offer_id=5350&sub1=NCT_iphone_fr_ofid13267854_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat7_sub4_sub5&sub2=682200738_738_{sub2}&sub...
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=931&cid=&sid=134&udid=&name=&info=WaardexSL&blockTime=0
https://ermoza.g2afse.com/click?pid=31&offer_id=16198&sub1=NCT_iphone_fr_ofid13270100_pid616_sub1_sub2134_sub3WaardexSL_nat9_sub4_sub5&sub2=682200616_134&sub3=id281940292
https://ermoza.g2afse.com/click?pid=1&offer_id=2171
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=600&cid=622b14a44f2a450001d0a222&sid=1_&udid=&name=&info=ExplorAdsSL&blockTime=0
https://advdgt.trckswrm.com/click?offer_id=83546&pub_id=7&pub_click_id=NCT_iphone_fr_ofid13239268_pid616_sub1622b14a44f2a450001d0a222_sub21__sub3ExplorAdsSL_nat10_sub4_sub5&pub_sub_id=682200616&pub...
https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_682200616&creativeid=POP&category=01&androidid=

0
0

111ms
111ms

Stylesheet
text/html

54.88.202.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_682200616&creativeid=POP&category=01&androidid=
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: H2
Server: 54.88.202.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-202-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:41 GMT
content-length: 13
content-type: text/html

Redirect headers

location: https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_682200616&creativeid=POP&category=01&androidid=
date: Fri, 11 Mar 2022 09:21:40 GMT
referrer-policy: no-referrer
content-length: 0

GET
H2

200

id1378956601
impression.appsflyer.com/ Frame 7CBA
Redirect Chain

https://ila3.co/o/251178?p=17&aff_clickid=NCT_iphone_fr_ofid13254655_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat8_sub4_sub5&sub1=682200738_738_{sub2}&app_name=id1413942319
https://impression.appsflyer.com/id1378956601?af_prt=moblin&pid=z2adigital_int&c=Zoomd_Kucoin_IOS_FR&af_siteid=21_z17inacnaba48w&af_viewthrough_lookback=1d&clickid=3521eca11ca8b9ae2064185d_251178_2...

2 B
311 B

181ms
75ms

Stylesheet
text/html

13.224.195.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://impression.appsflyer.com/id1378956601?af_prt=moblin&pid=z2adigital_int&c=Zoomd_Kucoin_IOS_FR&af_siteid=21_z17inacnaba48w&af_viewthrough_lookback=1d&clickid=3521eca11ca8b9ae2064185d_251178_274003&advertising_id=&idfa=&af_c_id=251178&af_ad_type=banner&af_media_type=app&af_adset_id=274003&af_adset=274003&af_ad_id=274003%7C251178%7Czlpccooq8shla%7C%7C509933322%7C0%7C0&af_ad=274003%7C251178%7Czlpccooq8shla%7C%7C509933322%7C0%7C0

Requested by

Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0

Protocol

Server

13.224.195.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-77.fra2.r.cloudfront.net

Software

http-kit /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:40 GMT
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
server: http-kit
x-amz-cf-pop: FRA2-C1
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
cache-control: no-cache
content-length: 2
x-amz-cf-id: 8O328MFCR4jKXEH_GYYwBC5Lpg3S3MQikPtGBeSpkVD2Okrm3OoGUw==

Redirect headers

pragma: no-cache
date: Fri, 11 Mar 2022 09:21:40 GMT
referrer-policy: no-referrer
content-type: text/html; charset=utf-8
location: https://impression.appsflyer.com/id1378956601?af_prt=moblin&pid=z2adigital_int&c=Zoomd_Kucoin_IOS_FR&af_siteid=21_z17inacnaba48w&af_viewthrough_lookback=1d&clickid=3521eca11ca8b9ae2064185d_251178_274003&advertising_id=&idfa=&af_c_id=251178&af_ad_type=banner&af_media_type=app&af_adset_id=274003&af_adset=274003&af_ad_id=274003%7C251178%7Czlpccooq8shla%7C%7C509933322%7C0%7C0&af_ad=274003%7C251178%7Czlpccooq8shla%7C%7C509933322%7C0%7C0
cache-control: no-store, no-cache, must-revalidate
keep-alive: timeout=5
content-length: 0
expires: 0

GET click
c.allontrk.com/ Frame 7CBA 0
0

GET
H2

404

click
trk.ad-serving-ads.com/ Frame 7CBA
Redirect Chain

https://advdgt.trckswrm.com/click?offer_id=83546&pub_id=7&pub_click_id=NCT_iphone_fr_ofid13239268_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat10_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_...
https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_682200738&creativeid=POP&category=01&androidid=

0
0

365ms
111ms

Stylesheet
text/html

54.88.202.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_682200738&creativeid=POP&category=01&androidid=
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: H2
Server: 54.88.202.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-202-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:40 GMT
content-length: 13
content-type: text/html

Redirect headers

location: https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_682200738&creativeid=POP&category=01&androidid=
date: Fri, 11 Mar 2022 09:21:40 GMT
referrer-policy: no-referrer
content-length: 0

GET
H2

200

/
www.unique-private.online/es/ Frame 7CBA
Redirect Chain

https://md412.trckswrm.com/click?offer_id=235801&pub_id=10&pub_click_id=NCT_iphone_fr_ofid13233795_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat11_sub4_sub5&pub_sub_id=682200738&pub_sub_sub...
https://ultrapartners.com/redirect/id/36343/b/1/l/149/tp/h/s/Aha-0sEAAAF_eEiiBAADmoUAAAAsAAAABQ&subaff=44/tm/0
https://ucconn.live/es/?id=53208480&affid=36343&m=0&landing=h&referrer=&src=Aha-0sEAAAF_eEiiBAADmoUAAAAsAAAABQ&subaff=44
https://www.unique-private.online/es/?id=53208480&affid=36343&m=0&landing=h&referrer=&src=Aha-0sEAAAF_eEiiBAADmoUAAAAsAAAABQ&subaff=44&ucconn_uin=1290735865622b14a5341480.97386835

0
0

573ms
399ms

Stylesheet
text/html

188.114.97.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unique-private.online/es/?id=53208480&affid=36343&m=0&landing=h&referrer=&src=Aha-0sEAAAF_eEiiBAADmoUAAAAsAAAABQ&subaff=44&ucconn_uin=1290735865622b14a5341480.97386835
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: H2
Server: 188.114.97.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Fri, 11 Mar 2022 09:21:41 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
location: https://www.unique-private.online/es/?id=53208480&affid=36343&m=0&landing=h&referrer=&src=Aha-0sEAAAF_eEiiBAADmoUAAAAsAAAABQ&subaff=44&ucconn_uin=1290735865622b14a5341480.97386835
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3il7yBZZWqZ06j%2FVwCc6T2ciQwPmDytiQafCE4g7FlOwVJX3gm3rRvU5KwIH%2FDe1Uxv6Jg%2BUS1BbYDVNJ5wszbZxHEAhXJVhICRH1T%2B5WosKMFwLhiifr%2B0%2BG6VX"}],"group":"cf-nel","max_age":604800}
cf-ray: 6ea338a82f263b7f-CDG
access-control-allow-headers: origin, x-requested-with, content-type
x-xss-protection: 1; mode=block

GET
H2

404

click
trk.ad-serving-ads.com/ Frame 7CBA
Redirect Chain

https://advdgt.trckswrm.com/click?offer_id=251019&pub_id=7&pub_click_id=NCT_iphone_fr_ofid12830917_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat12_sub4_sub5&pub_sub_id=682200738&pub_sub_sub...
https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_682200738&creativeid=POP&category=01&androidid=

0
0

366ms
112ms

Stylesheet
text/html

54.88.202.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_682200738&creativeid=POP&category=01&androidid=
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: H2
Server: 54.88.202.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-202-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:40 GMT
content-length: 13
content-type: text/html

Redirect headers

location: https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_682200738&creativeid=POP&category=01&androidid=
date: Fri, 11 Mar 2022 09:21:40 GMT
referrer-policy: no-referrer
content-length: 0

GET
H2

200

id1230088754
impression.appsflyer.com/ Frame 7CBA
Redirect Chain

https://trxrc.com/t/951627?A1=NCT_iphone_fr_ofid13258663_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat13_sub4_sub5&A5=682200738_738_{sub2}
https://impression.appsflyer.com/id1230088754?af_prt=cygobelmedia&pid=keybali_int&c=IOS_FR&aff_id=38360&aff_type=cellxpert&af_siteid=1681_682200738_738_%7Bsub2%7D_951627_71799_%20Crypto%20&%20Trade...

2 B
310 B

76ms
75ms

Stylesheet
text/html

13.224.195.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://impression.appsflyer.com/id1230088754?af_prt=cygobelmedia&pid=keybali_int&c=IOS_FR&aff_id=38360&aff_type=cellxpert&af_siteid=1681_682200738_738_%7Bsub2%7D_951627_71799_%20Crypto%20&%20Trade%20CFDs&af_viewthrough_lookback=1d&clickid=11eca11ca8d30280934f23d2d46514cf_951627_71799&idfa=&advertising_id=

Requested by

Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0

Protocol

Server

13.224.195.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-77.fra2.r.cloudfront.net

Software

http-kit /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:40 GMT
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
server: http-kit
x-amz-cf-pop: FRA2-C1
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
cache-control: no-cache
content-length: 2
x-amz-cf-id: geE3i8df8LRXkVBfEkANuy-8fGW816avnQVtLWch-iBQAsNDhuOnKw==

Redirect headers

Location: https://impression.appsflyer.com/id1230088754?af_prt=cygobelmedia&pid=keybali_int&c=IOS_FR&aff_id=38360&aff_type=cellxpert&af_siteid=1681_682200738_738_%7Bsub2%7D_951627_71799_%20Crypto%20&%20Trade%20CFDs&af_viewthrough_lookback=1d&clickid=11eca11ca8d30280934f23d2d46514cf_951627_71799&idfa=&advertising_id=
Date: Fri, 11 Mar 2022 09:21:40 GMT
Content-Length: 1285
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8

GET

redirect
direct4.soldbyphonder.com/ Frame 7CBA
Redirect Chain

https://mookomedia.g2afse.com/click?pid=42&offer_id=203427&sub1=NCT_iphone_fr_ofid11753141_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat14_sub4_sub5&sub4=682200738_738_{sub2}&sub5=id1413942319
https://appalgo.g2afse.com/click?pid=304&offer_id=88502&sub1=622b14a4d5b6960001816ec9&sub2=42_682200738_738_{sub2}&sub3=&sub4=&sub5=id1413942319
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=807&cid=&sid=304&udid=&name=&info=appalgorem&blockTime=0
https://kuno-gae.com/com.id1453411110?adTagId=02e994e0-6245-11eb-b38b-0a81a74fa1fd
https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=a8dbdc28-a11c-11ec-82ba-123e9f22444f

0
0

GET click
ad-experience.g2afse.com/ Frame 7CBA 0
0

GET click
appricotads.g2afse.com/ Frame 7CBA 0
0

GET
H/1.1 200
OK click
lambadapp.trckswrm.com/ Frame 7CBA 0
75 B 206ms
57ms Stylesheet
text/plain 116.202.243.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lambadapp.trckswrm.com/click?offer_id=156&pub_id=10&pub_click_id=NCT_iphone_fr_ofid13243193_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat17_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&app=id1413942319&ext_offer_id={offer_id}&ext_pub_id=682200738
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.243.43 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.243.202.116.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:40 GMT
content-length: 0

GET click
c.allontrk.com/ Frame 7CBA 0
0

GET
H/1.0 503
Service Unavailable click
adcrt.trckswrm.com/ Frame 7CBA 0
0 204ms
56ms Stylesheet
text/html 116.202.135.115
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adcrt.trckswrm.com/click?offer_id=163249&pub_id=9&pub_click_id=NCT_iphone_fr_ofid11437561_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat19_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&app=id1413942319
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: HTTP/1.0
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.135.115 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.115.135.202.116.clients.your-server.de
Software: /
Resource Hash

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET click
c.allontrk.com/ Frame 7CBA 0
0

GET

3ba4i0jh
offer.alibaba.com/cps/ Frame 7CBA
Redirect Chain

https://t.9696.me/click?pid=729&offer_id=146666&sub4=NCT_iphone_fr_ofid7838849_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat21_sub4_sub5&sub1=729_4850738&sub2=729_4850738_738_{sub2}&sub3=id...
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1413942319&sub1=729_4850738&sub2=729_4850738_738_{sub2}
https://offer.alibaba.com/cps/3ba4i0jh?tp1=622b14a44627fc0001083197&pid=729_4850738&adid=

0
0

GET click
c.allontrk.com/ Frame 7CBA 0
0

GET
H/1.1 200
OK click
apply.trckswrm.com/ Frame 7CBA 0
75 B 185ms
57ms Stylesheet
text/plain 5.9.6.124
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apply.trckswrm.com/click?offer_id=45975&pub_id=29&pub_click_id=NCT_iphone_fr_ofid13253360_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat23_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&app=id1413942319&idfa=5B2C59D6-CD91-499E-9C1E-30BB5AB332C3&gaid=5B2C59D6-CD91-499E-9C1E-30BB5AB332C3
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.6.124 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.124.6.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:40 GMT
content-length: 0

GET
H/1.1

204
No Content

redirect
direct2.knmasdfsdgs.com/ Frame 7CBA
Redirect Chain

https://maxtopmedia.g2afse.com/click?pid=166&offer_id=91387&sub1=NCT_iphone_fr_ofid13243890_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat24_sub4_sub5&sub2=682200738_738_{sub2}&sub4=id141394...
https://maxtopmedia.g2afse.com/click?pid=166&offer_id=41297&sub4=91387
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=630&cid=622b14a4675232000174b5b5&sid=166_&udid=&name=&info=MTMsl&blockTime=0
https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=13189374&sub1=622b14a4675232000174b5b5&sub2=166_&sub3=MTMsl_nat2&sub4=EDEE9A54-1A21-4107-947D-62A3B5BAC3E2&sub5=id284035177&sub6=6...
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0
https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=682200616&q=

0
138 B

320ms
111ms

Stylesheet
text/html

185.33.87.146
HZ-US-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=682200616&q=
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: HTTP/1.1
Server: 185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 09:21:40 GMT
Server: nginx
Connection: close
Content-Type: text/html; charset=utf-8

Redirect headers

date: Fri, 11 Mar 2022 09:21:40 GMT
content-encoding: gzip
server: nginx/1.14.1
location: https://direct2.knmasdfsdgs.com/redirect?aff=10057&saff=682200616&q=
x-powered-by: Express
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *

GET click
zildd.g2afse.com/ Frame 7CBA 0
0

GET

rq9rg325
offer.alibaba.com/cps/ Frame 7CBA
Redirect Chain

https://mookomedia.g2afse.com/click?pid=42&offer_id=256569&sub1=NCT_iphone_fr_ofid12637192_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat26_sub4_sub5&sub4=682200738_738_{sub2}&sub5=id1413942319
https://appalgo.g2afse.com/click?pid=304&offer_id=91073&sub1=622b14a4f5ab980001846ea6&sub2=42_682200738_738_{sub2}&sub3=&sub4=&sub5=id1413942319
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=807&cid=&sid=304&udid=&name=&info=appalgorem&blockTime=0
https://t.9696.me/click?pid=729&offer_id=148506&sub4=NCT_iphone_fr_ofid10910945_pid616_sub1_sub2304_sub3appalgorem_nat1_sub4_sub5&sub1=729_4850616&sub2=729_4850616_304&sub3=id1342468799&sub7=id1342...
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1342468799&sub1=729_4850616&sub2=729_4850616_304
https://offer.alibaba.com/cps/rq9rg325?tp1=622b14a4eba1190001dfc543&pid=729_4850616&adid=

0
0

GET

click
c.allontrk.com/ Frame 7CBA
Redirect Chain

https://waardex.g2afse.com/click?pid=134&offer_id=103584&offer_id=5350&sub1=NCT_iphone_fr_ofid13270059_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat27_sub4_sub5&sub2=682200738_738_{sub2}&su...
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=931&cid=&sid=134&udid=&name=&info=WaardexSL&blockTime=0
https://c.allontrk.com/click?offer_id=207525&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13074050_pid616_sub1_sub2134_sub3WaardexSL_nat7_sub4_sub5&pub_sub_id=682200616&pub_sub_sub_id=134&a...

0
0

GET
H/1.1 200
OK click
apts.trckswrm.com/ Frame 7CBA 0
75 B 204ms
58ms Stylesheet
text/plain 5.9.6.124
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apts.trckswrm.com/click?offer_id=731537&pub_id=55&pub_click_id=NCT_iphone_fr_ofid13250032_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat28_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&app=id1413942319
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.6.124 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.124.6.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:40 GMT
content-length: 0

GET
H/1.1 200
OK click
apts.trckswrm.com/ Frame 7CBA 0
75 B 203ms
57ms Stylesheet
text/plain 5.9.6.124
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apts.trckswrm.com/click?offer_id=736517&pub_id=55&pub_click_id=NCT_iphone_fr_ofid13256386_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat29_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&app=id1413942319
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.6.124 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.124.6.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:40 GMT
content-length: 0

GET
H2 404 click
times25.go2affise.com/ Frame 7CBA 0
0 154ms
48ms Stylesheet
text/html 213.227.135.213
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://times25.go2affise.com/click?pid=607&offer_id=150951&sub1=NCT_iphone_fr_ofid10617043_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat30_sub4_sub5&sub2=682200738_738_{sub2}&sub5=id1413942319
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.135.213 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2

200

id369344998
apps.apple.com/fr/app/pmu-fr-pari-hippique-turf/ Frame 7CBA
Redirect Chain

https://click.mnmnck.com/tracking/clicks?clickid=NCT_iphone_fr_ofid13218471_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat31_sub4_sub5&trafficsource=1373671014&offerid=441090158828585486&pub...
https://apps.apple.com/fr/app/pmu-fr-pari-hippique-turf/id369344998?uo=4

0
0

1246ms
1104ms

Stylesheet
text/html

104.111.214.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.apple.com/fr/app/pmu-fr-pari-hippique-turf/id369344998?uo=4
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: H2
Server: 104.111.214.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-42.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

location: https://apps.apple.com/fr/app/pmu-fr-pari-hippique-turf/id369344998?uo=4
date: Fri, 11 Mar 2022 09:21:40 GMT
via: 1.1 google
x-powered-by: Express
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 404 click
times25.go2affise.com/ Frame 7CBA 0
0 155ms
48ms Stylesheet
text/html 213.227.135.213
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://times25.go2affise.com/click?pid=607&offer_id=112018&sub1=NCT_iphone_fr_ofid12643982_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat32_sub4_sub5&sub2=682200738_738_{sub2}&sub5=id1413942319
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.135.213 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2

200

/
www.unique-private.online/es/ Frame 7CBA
Redirect Chain

https://md412.trckswrm.com/click?offer_id=232851&pub_id=10&pub_click_id=NCT_iphone_fr_ofid13067533_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat33_sub4_sub5&pub_sub_id=682200738&pub_sub_sub...
https://ultrapartners.com/redirect/id/36343/b/1/l/149/tp/h/s/AgIeapcAAAF_eEiiAwADmoUAAAAsAAAABQ&subaff=44/tm/0
https://ucconn.live/es/?id=53208479&affid=36343&m=0&landing=h&referrer=&src=AgIeapcAAAF_eEiiAwADmoUAAAAsAAAABQ&subaff=44
https://www.unique-private.online/es/?id=53208479&affid=36343&m=0&landing=h&referrer=&src=AgIeapcAAAF_eEiiAwADmoUAAAAsAAAABQ&subaff=44&ucconn_uin=1429772700622b14a5312381.81749098

0
0

596ms
410ms

Stylesheet
text/html

188.114.97.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unique-private.online/es/?id=53208479&affid=36343&m=0&landing=h&referrer=&src=AgIeapcAAAF_eEiiAwADmoUAAAAsAAAABQ&subaff=44&ucconn_uin=1429772700622b14a5312381.81749098
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: H2
Server: 188.114.97.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Fri, 11 Mar 2022 09:21:41 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
location: https://www.unique-private.online/es/?id=53208479&affid=36343&m=0&landing=h&referrer=&src=AgIeapcAAAF_eEiiAwADmoUAAAAsAAAABQ&subaff=44&ucconn_uin=1429772700622b14a5312381.81749098
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eXe%2BMej4G09hnwbUXpA45I1apdBEnwY0gfKjbJb800ljMEYfc%2FohVENtwbbR%2BraOvzI1Itd%2FOsZepcxMM%2BVTqfr5B0hn9UKqPDiiRqnjuiM9mVrCpNNvSVSiAQmC"}],"group":"cf-nel","max_age":604800}
cf-ray: 6ea338a82f243b7f-CDG
access-control-allow-headers: origin, x-requested-with, content-type
x-xss-protection: 1; mode=block

GET click
c.allontrk.com/ Frame 7CBA 0
0

GET
H2

200

id398364165
apps.apple.com/fr/app/cdiscount/ Frame 7CBA
Redirect Chain

https://click.appmultiple.net/tracking/click?clickid=NCT_iphone_fr_ofid12830469_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat35_sub4_sub5&trafficsource=1373692397&offerid=439329973051188517...
https://apps.apple.com/fr/app/cdiscount/id398364165?uo=4

0
0

986ms
690ms

Stylesheet
text/html

104.111.214.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.apple.com/fr/app/cdiscount/id398364165?uo=4
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: H2
Server: 104.111.214.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-42.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

location: https://apps.apple.com/fr/app/cdiscount/id398364165?uo=4
date: Fri, 11 Mar 2022 09:21:40 GMT
via: 1.1 google
x-powered-by: Express
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET click
c.allontrk.com/ Frame 7CBA 0
0

GET
H/1.1 200
OK click
apts.trckswrm.com/ Frame 7CBA 0
75 B 203ms
58ms Stylesheet
text/plain 5.9.6.124
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apts.trckswrm.com/click?offer_id=735984&pub_id=9&pub_click_id=NCT_iphone_fr_ofid13259942_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat37_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&app=id1413942319
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.6.124 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.124.6.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:40 GMT
content-length: 0

GET
H2

200

id1534593212
apps.apple.com/us/app/omada-make-sport-social/ Frame 7CBA
Redirect Chain

https://click.appmultiple.net/tracking/click?clickid=NCT_iphone_fr_ofid13230467_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat38_sub4_sub5&trafficsource=1373692397&offerid=441280005241439070...
https://apps.apple.com/us/app/omada-make-sport-social/id1534593212?uo=4

0
0

630ms
488ms

Stylesheet
text/html

104.111.214.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.apple.com/us/app/omada-make-sport-social/id1534593212?uo=4
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: H2
Server: 104.111.214.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-42.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

location: https://apps.apple.com/us/app/omada-make-sport-social/id1534593212?uo=4
date: Fri, 11 Mar 2022 09:21:40 GMT
via: 1.1 google
x-powered-by: Express
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

id1332596741
impression.appsflyer.com/ Frame 7CBA
Redirect Chain

https://ila3.co/o/248502?p=17&aff_clickid=NCT_iphone_fr_ofid13234990_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat39_sub4_sub5&sub1=682200738_738_{sub2}&app_name=id1413942319
https://impression.appsflyer.com/id1332596741?af_prt=mobuppagency&pid=z2adigital_int&c=248502&af_siteid=S6pFJIRY&af_cost_model=CPI&af_viewthrough_lookback=1d&clickid=1111eca11ca8b9600013a8db_248502...

2 B
310 B

179ms
72ms

Stylesheet
text/html

13.224.195.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://impression.appsflyer.com/id1332596741?af_prt=mobuppagency&pid=z2adigital_int&c=248502&af_siteid=S6pFJIRY&af_cost_model=CPI&af_viewthrough_lookback=1d&clickid=1111eca11ca8b9600013a8db_248502_271067&advertising_id=&idfa=&af_c_id=248502&af_ad_type=banner&af_media_type=app&af_adset_id=271067&af_adset=271067&af_ad_id=271067%7C248502%7Cz1g4z66k3t32f3%7C%7C509933322%7C0%7C0&af_ad=271067%7C248502%7Cz1g4z66k3t32f3%7C%7C509933322%7C0%7C0

Requested by

Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0

Protocol

Server

13.224.195.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-77.fra2.r.cloudfront.net

Software

http-kit /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:40 GMT
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
server: http-kit
x-amz-cf-pop: FRA2-C1
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
cache-control: no-cache
content-length: 2
x-amz-cf-id: Jr_8TabitVN6g2JQ0gXaCSv3IVURQQB80pgavJKQBm6YZDCTCocM4w==

Redirect headers

pragma: no-cache
date: Fri, 11 Mar 2022 09:21:40 GMT
referrer-policy: no-referrer
content-type: text/html; charset=utf-8
location: https://impression.appsflyer.com/id1332596741?af_prt=mobuppagency&pid=z2adigital_int&c=248502&af_siteid=S6pFJIRY&af_cost_model=CPI&af_viewthrough_lookback=1d&clickid=1111eca11ca8b9600013a8db_248502_271067&advertising_id=&idfa=&af_c_id=248502&af_ad_type=banner&af_media_type=app&af_adset_id=271067&af_adset=271067&af_ad_id=271067%7C248502%7Cz1g4z66k3t32f3%7C%7C509933322%7C0%7C0&af_ad=271067%7C248502%7Cz1g4z66k3t32f3%7C%7C509933322%7C0%7C0
cache-control: no-store, no-cache, must-revalidate
keep-alive: timeout=5
content-length: 0
expires: 0

GET click
c.allontrk.com/ Frame 7CBA 0
0

GET
H2

200

/
www.google.com/ Frame 7CBA
Redirect Chain

https://zainzuri.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D
https://www.google.com/

0
0

235ms
133ms

Stylesheet
text/html

142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: H2
Server: 142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Fri, 11 Mar 2022 09:21:40 GMT
referrer-policy: origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4pI4mkvytxNWW0WT2uh69yRmJDyR967w5c2h2IBFhc1J1CHyjQ5nLxvwru6atXKtfxVHnYr9o8NNYYM7chE2KHSj3l0uY%2Fcf611OFH5UZLlf2F4r8kEAQM8L8MC3GQ%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.google.com
cf-ray: 6ea338a2e8b14063-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 018A 15 KB
16 KB 152ms
46ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/hRkZEZcN7-A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 252215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Mar 2023 11:18:05 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/87b9576a/www-embed-player.vflset/ Frame 018A 279 KB
86 KB 77ms
77ms Script
text/javascript 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/87b9576a/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/hRkZEZcN7-A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

sffe /

Resource Hash

155444405fb19dc6af2cd7cd0e9ce83998ab6d9f984345c6bea0154b57aade7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/hRkZEZcN7-A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 18:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52845
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88078
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 01:42:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 10 Mar 2023 18:40:55 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/87b9576a/player_ias.vflset/fr_FR/ Frame 018A 2 MB
523 KB 140ms
140ms Script
text/javascript 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/87b9576a/player_ias.vflset/fr_FR/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/hRkZEZcN7-A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

sffe /

Resource Hash

70ad19a16f75d9bd6720db77ebbd21a8a97aad621eca7b823f154162ce9113fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/hRkZEZcN7-A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 18:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52257
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 535654
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 01:42:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 10 Mar 2023 18:50:43 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/87b9576a/fetch-polyfill.vflset/ Frame 018A 9 KB
3 KB 138ms
138ms Script
text/javascript 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/87b9576a/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/hRkZEZcN7-A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/hRkZEZcN7-A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 18:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52845
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 01:42:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 10 Mar 2023 18:40:55 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 111ms
54ms XHR
text/plain 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2072044752&t=pageview&_s=1&dl=http%3A%2F%2F10reasonsmile.azurewebsites.net%2F&ul=en-us&de=UTF-8&dt=Top%2010%20Reasons%20You%20Should%20Smile%20Every%20Day&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=933526693&gjid=860749822&cid=219365707.1646990500&tid=UA-143001013-1&_gid=503885361.1646990500&_r=1&gtm=2ou370&z=1150443209

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://10reasonsmile.azurewebsites.net/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 09:21:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://10reasonsmile.azurewebsites.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK backup.gif
pixel.runative-syndicate.com/api/v1/ 35 B
223 B 126ms
56ms Image
image/gif 136.243.80.153
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pixel.runative-syndicate.com/api/v1/backup.gif?t=native&s=0e22dc540f9d44abb3db44af8b0e3310
Requested by: Host: 10reasonsmile.azurewebsites.net
URL: http://10reasonsmile.azurewebsites.net/
Protocol: HTTP/1.1
Server: 136.243.80.153 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.153.80.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 09:21:40 GMT
Server: nginx
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 35
Content-Type: image/gif; charset=utf-8

GET
H/1.1 200
OK 6.png
cdn.runative-syndicate.com/imges/backup/cdn_img/ 511 KB
511 KB 47ms
46ms Image
image/png 67.27.159.121
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.runative-syndicate.com/imges/backup/cdn_img/6.png
Requested by: Host: 10reasonsmile.azurewebsites.net
URL: http://10reasonsmile.azurewebsites.net/
Protocol: HTTP/1.1
Server: 67.27.159.121 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 14ad59b59aaa7a620459adbd198a399bf412ba885dfc75ab7c14686ce851f0ab

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 05:36:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Aug 2021 08:36:05 GMT
Server: nginx
Age: 4938327
ETag: W/"6114dd75-7fb34"
Vary: Accept-Encoding
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 523147

GET
H/1.1 200
OK backup.js Show response
cdn.run-syndicate.com/sdk/v1/ 2 KB
1 KB 175ms
175ms Script
application/javascript 65.58.27.249
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.run-syndicate.com/sdk/v1/backup.js?count=5&w=1600&h=1200&keywords=Top,Reasons,You,Should,Smile,Every,Day&adtype=label-under&spot=124d81d798d4451ca900766aa5adb262&callback=callback_4LknV
Requested by: Host: cdn.runative-syndicate.com
URL: http://cdn.runative-syndicate.com/sdk/v1/n.js
Protocol: HTTP/1.1
Server: 65.58.27.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: d9e0b79a0def9421c2976d45af2c7487e8cb8168a1b34f63fcbb7a156aac404c

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 09:31:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Aug 2021 09:24:21 GMT
Server: nginx
Age: 18748185
ETag: W/"610cffc5-9bc"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 1017

GET
H/1.1 200
OK backup.gif
pixel.runative-syndicate.com/api/v1/ 35 B
223 B 112ms
56ms Image
image/gif 136.243.80.153
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pixel.runative-syndicate.com/api/v1/backup.gif?t=native&s=124d81d798d4451ca900766aa5adb262
Requested by: Host: 10reasonsmile.azurewebsites.net
URL: http://10reasonsmile.azurewebsites.net/
Protocol: HTTP/1.1
Server: 136.243.80.153 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.153.80.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 09:21:40 GMT
Server: nginx
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 35
Content-Type: image/gif; charset=utf-8

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 018A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

112ms
56ms

XHR
application/json

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/hRkZEZcN7-A

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

8295526e8db3feff122caa2e4b6824208e8782c8cce34c90ddee3d6c925d67de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 11 Mar 2022 09:21:40 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 018A 29 B
588 B 149ms
47ms Script
text/javascript 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/87b9576a/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:14:18 GMT
x-content-type-options: nosniff
age: 442
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Mar 2022 09:29:18 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/87b9576a/player_ias.vflset/fr_FR/ Frame 018A 119 KB
37 KB 49ms
49ms Script
text/javascript 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/87b9576a/player_ias.vflset/fr_FR/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/87b9576a/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

sffe /

Resource Hash

fe624d2142439c0a2e6d8f06598dd7dbee4ff189665a8a1f06ed716ca5d8fd05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/hRkZEZcN7-A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 18:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52257
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37914
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 01:42:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 10 Mar 2023 18:50:43 GMT

GET
H2 200 b11n7QwaEucVJQMKB-LsSDNLMoQ5L9B69t4x3UT_5Ww.js Show response
www.google.com/js/th/ Frame 018A 35 KB
14 KB 48ms
47ms Script
text/javascript 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/b11n7QwaEucVJQMKB-LsSDNLMoQ5L9B69t4x3UT_5Ww.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/87b9576a/player_ias.vflset/fr_FR/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

sffe /

Resource Hash

6f5d67ed0c1a12e71525030a07e2ec48334b3284392fd07af6de31dd44ffe56c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 13:43:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 157063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13670
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 18:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Mar 2023 13:43:57 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/87b9576a/player_ias.vflset/fr_FR/ Frame 018A 26 KB
8 KB 48ms
48ms Script
text/javascript 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/87b9576a/player_ias.vflset/fr_FR/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/87b9576a/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

sffe /

Resource Hash

f6ccf2bcbaf8544a369545bccdd49d25522e4a1645e9bdd66bec955ba3f25f26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/hRkZEZcN7-A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 18:54:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7803
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 01:42:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 10 Mar 2023 18:54:57 GMT

GET
DATA 200
OK truncated
/ Frame 018A 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLQf4wsrdKAP2TXeif4pWfolVxIqcDrY5cNJv3udEA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 018A 4 KB
4 KB 172ms
63ms Image
image/jpeg 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQf4wsrdKAP2TXeif4pWfolVxIqcDrY5cNJv3udEA=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/hRkZEZcN7-A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

fife /

Resource Hash

55099c5b266b70c579a81343e5b6b8c77c4009ea5b898544318834a148f19f4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:40 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4036
x-xss-protection: 0
server: fife
etag: "v8d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 07 Mar 2022 04:37:51 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/hRkZEZcN7-A/ Frame 018A 149 KB
149 KB 229ms
121ms Image
image/webp 142.250.185.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/hRkZEZcN7-A/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/hRkZEZcN7-A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.214 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f22.1e100.net

Software

sffe /

Resource Hash

b38e95c8a450f66da3f6ddadc1c8927d4af9296a40cec233f38bcd9d2d22ac24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:40 GMT
x-content-type-options: nosniff
server: sffe
etag: "1484405626"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 152118
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 11 Mar 2022 11:21:40 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 018A 0
9 B 46ms
46ms Image
text/plain 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?Cthcbg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/hRkZEZcN7-A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f14.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/hRkZEZcN7-A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 018A 4 KB
3 KB 168ms
59ms Script
text/javascript 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/87b9576a/player_ias.vflset/fr_FR/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Mar 2022 09:21:40 GMT

GET
H/1.1 200
OK backup.js Show response
cdn.run-syndicate.com/sdk/v1/ 2 KB
1 KB 176ms
175ms Script
application/javascript 65.58.27.249
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.run-syndicate.com/sdk/v1/backup.js?count=4&w=1600&h=1200&keywords=Top,Reasons,You,Should,Smile,Every,Day&adtype=label-under&spot=124d81d798d4451ca900766aa5adb262&callback=callback_owM0E
Requested by: Host: cdn.runative-syndicate.com
URL: http://cdn.runative-syndicate.com/sdk/v1/n.js
Protocol: HTTP/1.1
Server: 65.58.27.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: d9e0b79a0def9421c2976d45af2c7487e8cb8168a1b34f63fcbb7a156aac404c

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 09:31:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Aug 2021 09:24:21 GMT
Server: nginx
Age: 18748185
ETag: W/"610cffc5-9bc"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 1017

GET
H2 200 main.js Show response
cpi-offers.com/jsf/ Frame C65F 3 KB
1 KB 48ms
46ms Script
application/javascript 3.120.62.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cpi-offers.com/jsf/main.js
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.62.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-62-32.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.1 / Express
Resource Hash: 3915a438fffb3acbaade25f7b5e9d3f76589dbc02048463b3fbfeb8c4e7955a1

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:40 GMT
content-encoding: gzip
etag: "292932-2720-1645428716000"
last-modified: Mon, 21 Feb 2022 07:31:56 GMT
server: nginx/1.14.1
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600

GET
H/1.1 200
OK click
apts.trckswrm.com/ Frame C65F 0
75 B 58ms
57ms Stylesheet
text/plain 5.9.6.124
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apts.trckswrm.com/click?offer_id=729169&pub_id=55&pub_click_id=NCT_iphone_fr_ofid13248336_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat41_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&idfa=8B0690CC-2C64-47F7-B5D4-CF400A3F7733&gaid=8B0690CC-2C64-47F7-B5D4-CF400A3F7733&app=id1360098321
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.6.124 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.124.6.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:40 GMT
content-length: 0

GET click
c.allontrk.com/ Frame C65F 0
0

GET
H/1.1 200
OK click
apts.trckswrm.com/ Frame C65F 0
75 B 57ms
56ms Stylesheet
text/plain 5.9.6.124
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apts.trckswrm.com/click?offer_id=728425&pub_id=55&pub_click_id=NCT_iphone_fr_ofid13267588_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat43_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&idfa=8B0690CC-2C64-47F7-B5D4-CF400A3F7733&gaid=8B0690CC-2C64-47F7-B5D4-CF400A3F7733&app=id1360098321
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.6.124 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.124.6.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:40 GMT
content-length: 0

GET click
c.allontrk.com/ Frame C65F 0
0

GET
H/1.1 200
OK click
apts.trckswrm.com/ Frame C65F 0
75 B 59ms
57ms Stylesheet
text/plain 5.9.6.124
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apts.trckswrm.com/click?offer_id=739039&pub_id=9&pub_click_id=NCT_iphone_fr_ofid13259448_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat45_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&app=id1360098321
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.6.124 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.124.6.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:40 GMT
content-length: 0

GET
H2

404

click
trk.whisursand.com/ Frame C65F
Redirect Chain

https://ttmma.go2affise.com/click?pid=21&offer_id=482434&sub1=NCT_iphone_fr_ofid13023710_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat46_sub4_sub5&sub2=682200738_738_{sub2}&sub5=id1360098321
https://ttmma.go2affise.com/click?pid=17&offer_id=543704&sub1=&sub2=21&sub4=&sub5=id1360098321&sub6=&sub8=
https://trk.whisursand.com/click?affid=25&clickid=622b14a4ed4c040001dc4b40&category=01&androidid=&iosidfa=

0
0

111ms
111ms

Stylesheet
text/html

54.144.26.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.whisursand.com/click?affid=25&clickid=622b14a4ed4c040001dc4b40&category=01&androidid=&iosidfa=
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: H2
Server: 54.144.26.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-26-10.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:40 GMT
content-length: 13
content-type: text/html

Redirect headers

location: https://trk.whisursand.com/click?affid=25&clickid=622b14a4ed4c040001dc4b40&category=01&androidid=&iosidfa=
date: Fri, 11 Mar 2022 09:21:40 GMT
referer
referrer-policy: no-referrer
server: nginx
access-control-allow-origin: *
content-length: 0

GET click
c.allontrk.com/ Frame C65F 0
0

GET
H2

404

click
trk.ad-serving-ads.com/ Frame C65F
Redirect Chain

https://advdgt.trckswrm.com/click?offer_id=292597&pub_id=7&pub_click_id=NCT_iphone_fr_ofid13216570_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat48_sub4_sub5&pub_sub_id=682200738&pub_sub_sub...
https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_682200738&creativeid=POP&category=01&androidid=

0
0

112ms
111ms

Stylesheet
text/html

54.88.202.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_682200738&creativeid=POP&category=01&androidid=
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: H2
Server: 54.88.202.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-202-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:40 GMT
content-length: 13
content-type: text/html

Redirect headers

location: https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_682200738&creativeid=POP&category=01&androidid=
date: Fri, 11 Mar 2022 09:21:40 GMT
referrer-policy: no-referrer
content-length: 0

GET

2idol64
2idol64.mapuravity.com/ Frame C65F
Redirect Chain

https://mookomedia.g2afse.com/click?pid=42&offer_id=260519&sub1=NCT_iphone_fr_ofid13023383_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat49_sub4_sub5&sub4=682200738_738_{sub2}&sub5=id1360098321
https://2idol64.mapuravity.com/2idol64?p=42_682200738_738_{sub2}&sid=622b14a4b7186f00018aa0a9&android_id=&android_a_id=&idfa=&app_id=id1360098321&param1=

0
0

GET
H/1.1

200
OK

click
apts.trckswrm.com/ Frame C65F
Redirect Chain

https://adjar.gotrackier.com/click?campaign_id=3227&pub_id=104&p1=NCT_iphone_fr_ofid13257335_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat50_sub4_sub5&source=682200738_738_{sub2}&app_name=i...
https://apts.trckswrm.com/click?offer_id=587693&pub_id=79&pub_click_id=622b14a56d68c00341c6ce47&pub_sub_id=104&pub_sub_sub_id=682200738_738_{sub2}&app=id1360098321&gaid=&idfa=

0
75 B

58ms
58ms

Stylesheet
text/plain

5.9.6.124
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apts.trckswrm.com/click?offer_id=587693&pub_id=79&pub_click_id=622b14a56d68c00341c6ce47&pub_sub_id=104&pub_sub_sub_id=682200738_738_{sub2}&app=id1360098321&gaid=&idfa=
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: HTTP/1.1
Server: 5.9.6.124 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.124.6.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:41 GMT
content-length: 0

Redirect headers

date: Fri, 11 Mar 2022 09:21:41 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://apts.trckswrm.com/click?offer_id=587693&pub_id=79&pub_click_id=622b14a56d68c00341c6ce47&pub_sub_id=104&pub_sub_sub_id=682200738_738_{sub2}&app=id1360098321&gaid=&idfa=
cf-ray: 6ea338a6af1240e7-CDG
content-length: 0
x-rt: 195

GET click
c.allontrk.com/ Frame C65F 0
0

GET click
ad-experience.g2afse.com/ Frame C65F 0
0

GET

click
ad-experience.g2afse.com/ Frame C65F
Redirect Chain

https://mookomedia.g2afse.com/click?pid=42&offer_id=334682&sub1=NCT_iphone_fr_ofid13219634_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat53_sub4_sub5&sub4=682200738_738_{sub2}&sub5=id1360098321
https://appalgo.g2afse.com/click?pid=304&offer_id=97558&sub1=622b14a4f4429a00017942fe&sub2=42_682200738_738_{sub2}&sub3=&sub4=&sub5=id1360098321
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=807&cid=&sid=304&udid=&name=&info=appalgorem&blockTime=0
https://go2.lkjlkjkljsdflkjsdfklsfjklsd.com/click?pid=616&offer_id=13189374&sub1=&sub2=304&sub3=appalgorem_nat2&sub4=5C07667D-90DE-4CFC-BD5E-11F5E5AE68D5&sub5=id505500141&sub6=682200
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0
https://ermoza.g2afse.com/click?pid=31&offer_id=16118&sub1=NCT_iphone_fr_ofid13264668_pid616_sub1_sub2_sub3TbLabq_nat12_sub4_sub5&sub2=682200616_&sub3=id290638154
https://ermoza.g2afse.com/click?pid=1&offer_id=2171
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=600&cid=622b14a575c938000144041b&sid=1_&udid=&name=&info=ExplorAdsSL&blockTime=0
https://ad-experience.g2afse.com/click?pid=2&offer_id=689671&sub1=NCT_iphone_fr_ofid13220302_pid616_sub1622b14a575c938000144041b_sub21__sub3ExplorAdsSL_nat5_sub4_sub5&sub2=682200616_1_&sub5=id14539...

0
0

GET
H2

200

/
www.freegames4play.com/ Frame C65F
Redirect Chain

https://labmediasolutions.g2afse.com/click?pid=3&offer_id=185140&sub1=NCT_iphone_fr_ofid13266681_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat54_sub4_sub5&sub2=682200738_738_{sub2}&sub3=id1...
https://labmediasolutions.g2afse.com/click?pid=1&offer_id=73371
https://www.freegames4play.com/

0
0

259ms
171ms

Stylesheet
text/html

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freegames4play.com/
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: H2
Server: 23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

location: https://www.freegames4play.com/
date: Fri, 11 Mar 2022 09:21:40 GMT
server: nginx
access-control-allow-origin: *
content-length: 0

GET
H2 200 click
trk.bidrivo.com/ Frame C65F 22 B
576 B 161ms
66ms Stylesheet
text/plain 104.21.77.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.bidrivo.com/click?campaign_id=447423&pub_id=75&p1=NCT_iphone_fr_ofid13247264_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat55_sub4_sub5&source=682200738_738_{sub2}&app_name=id1360098321&idfa=8B0690CC-2C64-47F7-B5D4-CF400A3F7733&gaid=8B0690CC-2C64-47F7-B5D4-CF400A3F7733
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.77.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c439fcd21bab032475e5d1570615485417e6cfb202f774f9f16d77f0448d0d6

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-err: CSS_REQUEST
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
date: Fri, 11 Mar 2022 09:21:40 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLYmqlWuXoGcTIfMayV2t5m8OSVvCUg21sYrCkxk3moC6ofJZOqpzJEsXGPpX%2BhegYp9oHPl%2Ftr0%2BGmFzeB8Nt%2FDYcxr6Vc3P6zXkXVR2yrEtcKoksvbsJS0KooNUJ%2BmTmA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cf-ray: 6ea338a69dd00814-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22
x-rt: 0

GET click
appricotads.g2afse.com/ Frame C65F 0
0

GET
H2 404 click
times25.go2affise.com/ Frame C65F 0
0 47ms
45ms Stylesheet
text/html 213.227.135.213
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://times25.go2affise.com/click?pid=607&offer_id=93556&sub1=NCT_iphone_fr_ofid12622743_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat57_sub4_sub5&sub2=682200738_738_{sub2}&sub5=id1360098321
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.135.213 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET

recommendation
brainadv.trckswrm.com/ Frame C65F
Redirect Chain

https://brainadv.g2afse.com/click?pid=3&offer_id=757372&sub3=NCT_iphone_fr_ofid13257232_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat58_sub4_sub5&sub1=682200738_738_{sub2}&sub2=id1360098321
https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=25&pub_click_id=&pub_sub_id=3&pub_sub_sub_id=682200738_738_{sub2}&idfa=&gaid=&app=id1360098321

0
0

GET
H3

200

/
www.google.com/ Frame C65F
Redirect Chain

https://zainzuri.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D
https://www.google.com/

0
0

187ms
128ms

Stylesheet
text/html

142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: H3
Server: 142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Fri, 11 Mar 2022 09:21:40 GMT
referrer-policy: origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=amcTA%2Fchkav3RDWtzTfVtjwIi7vzWBNJzcGdK8iOM%2B7xz%2BRN69%2FicFu0n0oFXyeFn7RGeNvqQzp%2FE136ZtYt6TGu7dM%2BbDiusJDQqrZlsynoBNIm1iFtIInwL6zsCzI%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.google.com
cf-ray: 6ea338a64d1d99c6-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET

recommendation
c.allontrk.com/ Frame C65F
Redirect Chain

https://c.allontrk.com/click?offer_id=210089&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13070713_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat42_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id...
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

0
0

GET
H/1.1 200
OK backup.js Show response
cdn.run-syndicate.com/sdk/v1/ 2 KB
1 KB 175ms
175ms Script
application/javascript 65.58.27.249
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.run-syndicate.com/sdk/v1/backup.js?count=3&w=1600&h=1200&keywords=Top,Reasons,You,Should,Smile,Every,Day&adtype=label-under&spot=124d81d798d4451ca900766aa5adb262&callback=callback_u2MUU
Requested by: Host: cdn.runative-syndicate.com
URL: http://cdn.runative-syndicate.com/sdk/v1/n.js
Protocol: HTTP/1.1
Server: 65.58.27.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: d9e0b79a0def9421c2976d45af2c7487e8cb8168a1b34f63fcbb7a156aac404c

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 09:31:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Aug 2021 09:24:21 GMT
Server: nginx
Age: 18748185
ETag: W/"610cffc5-9bc"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 1017

GET

recommendation
c.allontrk.com/ Frame C65F
Redirect Chain

https://c.allontrk.com/click?offer_id=184925&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13074040_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat44_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id...
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

0
0

GET

recommendation
c.allontrk.com/ Frame C65F
Redirect Chain

https://c.allontrk.com/click?offer_id=210088&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13070648_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat47_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id...
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

0
0

GET
H/1.1 200
OK backup.js Show response
cdn.run-syndicate.com/sdk/v1/ 2 KB
1 KB 176ms
176ms Script
application/javascript 65.58.27.249
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.run-syndicate.com/sdk/v1/backup.js?count=2&w=1600&h=1200&keywords=Top,Reasons,You,Should,Smile,Every,Day&adtype=label-under&spot=124d81d798d4451ca900766aa5adb262&callback=callback_hz9RY
Requested by: Host: cdn.runative-syndicate.com
URL: http://cdn.runative-syndicate.com/sdk/v1/n.js
Protocol: HTTP/1.1
Server: 65.58.27.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: d9e0b79a0def9421c2976d45af2c7487e8cb8168a1b34f63fcbb7a156aac404c

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 09:31:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Aug 2021 09:24:21 GMT
Server: nginx
Age: 18748186
ETag: W/"610cffc5-9bc"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 1017

GET

recommendation
c.allontrk.com/ Frame 7CBA
Redirect Chain

https://c.allontrk.com/click?offer_id=120159&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13072586_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat9_sub4_sub5&pub_sub_id=682200738&pub_...
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

0
0

GET
H/1.1 200
OK backup.js Show response
cdn.run-syndicate.com/sdk/v1/ 2 KB
1 KB 180ms
180ms Script
application/javascript 65.58.27.249
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.run-syndicate.com/sdk/v1/backup.js?count=1&w=1600&h=1200&keywords=Top,Reasons,You,Should,Smile,Every,Day&adtype=label-under&spot=124d81d798d4451ca900766aa5adb262&callback=callback_JPqZ1
Requested by: Host: cdn.runative-syndicate.com
URL: http://cdn.runative-syndicate.com/sdk/v1/n.js
Protocol: HTTP/1.1
Server: 65.58.27.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: d9e0b79a0def9421c2976d45af2c7487e8cb8168a1b34f63fcbb7a156aac404c

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 09:31:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Aug 2021 09:24:21 GMT
Server: nginx
Age: 18748186
ETag: W/"610cffc5-9bc"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 1017

GET

recommendation
c.allontrk.com/ Frame C65F
Redirect Chain

https://c.allontrk.com/click?offer_id=208552&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13069692_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat51_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id...
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

0
0

GET

sl
ad-experience.g2afse.com/ Frame C65F
Redirect Chain

https://ad-experience.g2afse.com/click?pid=2&offer_id=699140&sub1=NCT_iphone_fr_ofid13262870_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat52_sub4_sub5&sub2=682200738_738_{sub2}&sub5=id13600...
http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=699140&sub3=2

0
0

GET
H2

404

click
trk.games-to-run123.com/ Frame C65F
Redirect Chain

https://mookomedia.g2afse.com/click?pid=42&offer_id=334682&sub1=NCT_iphone_fr_ofid13219634_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat53_sub4_sub5&sub4=682200738_738_{sub2}&sub5=id1360098321
https://appalgo.g2afse.com/click?pid=304&offer_id=97558&sub1=622b14a50bd2da00012c6ec0&sub2=42_682200738_738_{sub2}&sub3=&sub4=&sub5=id1360098321
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=807&cid=&sid=304&udid=&name=&info=appalgorem&blockTime=0
https://trk.games-to-run123.com/click?affid=47&cmpid=46c3758f65064e16&clickid=NCT_iphone_fr_ofid13267640_pid616_sub1_sub2304_sub3appalgorem_nat6_sub4_sub5&siteid=682200616_304&androidid=91D706A2-83...

0
0

118ms
112ms

Stylesheet
text/html

54.88.202.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.games-to-run123.com/click?affid=47&cmpid=46c3758f65064e16&clickid=NCT_iphone_fr_ofid13267640_pid616_sub1_sub2304_sub3appalgorem_nat6_sub4_sub5&siteid=682200616_304&androidid=91D706A2-8316-4745-9D22-02F49D191A0C&iosidfa=91D706A2-8316-4745-9D22-02F49D191A0C
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: H2
Server: 54.88.202.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-202-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:41 GMT
content-length: 13
content-type: text/html

Redirect headers

date: Fri, 11 Mar 2022 09:21:41 GMT
content-encoding: gzip
server: nginx/1.14.1
location: https://trk.games-to-run123.com/click?affid=47&cmpid=46c3758f65064e16&clickid=NCT_iphone_fr_ofid13267640_pid616_sub1_sub2304_sub3appalgorem_nat6_sub4_sub5&siteid=682200616_304&androidid=91D706A2-8316-4745-9D22-02F49D191A0C&iosidfa=91D706A2-8316-4745-9D22-02F49D191A0C
x-powered-by: Express
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *

GET
H/1.1 200
OK 5.jpg
cdn.runative-syndicate.com/imges/backup/cdn_img/ 12 KB
12 KB 47ms
46ms Image
image/jpeg 67.27.159.121
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.runative-syndicate.com/imges/backup/cdn_img/5.jpg
Requested by: Host: 10reasonsmile.azurewebsites.net
URL: http://10reasonsmile.azurewebsites.net/
Protocol: HTTP/1.1
Server: 67.27.159.121 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: e2a7b23149955178712e1ec9de2a27a27fae9a6d97f4420b98c1123d53fce49a

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 19:47:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Aug 2021 08:36:05 GMT
Server: nginx
Age: 11367246
ETag: W/"6114dd75-2fef"
Vary: Accept-Encoding
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 11999

GET
H/1.1 200
OK 9.png
cdn.runative-syndicate.com/imges/backup/cdn_img/ 256 KB
256 KB 93ms
47ms Image
image/png 67.27.159.121
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.runative-syndicate.com/imges/backup/cdn_img/9.png
Requested by: Host: 10reasonsmile.azurewebsites.net
URL: http://10reasonsmile.azurewebsites.net/
Protocol: HTTP/1.1
Server: 67.27.159.121 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 21ab6d6fa46ff680fd085759131e1f2024d4aec490811700130c41bcb37542ae

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 21:36:33 GMT
Last-Modified: Thu, 12 Aug 2021 08:36:05 GMT
Server: nginx
Age: 16285508
ETag: "6114dd75-3fe7d"
Vary: Accept-Encoding
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 261757

GET
H/1.1 200
OK 2.jpg
cdn.runative-syndicate.com/imges/backup/cdn_img/ 15 KB
15 KB 93ms
47ms Image
image/jpeg 67.27.159.121
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.runative-syndicate.com/imges/backup/cdn_img/2.jpg
Requested by: Host: 10reasonsmile.azurewebsites.net
URL: http://10reasonsmile.azurewebsites.net/
Protocol: HTTP/1.1
Server: 67.27.159.121 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: b2880bb2c93cb19dd7a3be8482c1ca5ac89df578c17858937b2589c70c546286

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 12 Feb 2022 09:02:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Aug 2021 08:36:05 GMT
Server: nginx
Age: 2333954
ETag: W/"6114dd75-3b52"
Vary: Accept-Encoding
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 14995

GET
H/1.1 200
OK 1.jpg
cdn.runative-syndicate.com/imges/backup/cdn_img/ 13 KB
14 KB 91ms
45ms Image
image/jpeg 67.27.159.121
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.runative-syndicate.com/imges/backup/cdn_img/1.jpg
Requested by: Host: 10reasonsmile.azurewebsites.net
URL: http://10reasonsmile.azurewebsites.net/
Protocol: HTTP/1.1
Server: 67.27.159.121 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: e0df0be14cf5b41f26dc1042d167519854448ab37e9725d0e1039687b1cad370

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://10reasonsmile.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 17:48:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Aug 2021 08:36:05 GMT
Server: nginx
Age: 4548806
ETag: W/"6114dd75-35f4"
Vary: Accept-Encoding
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 13678

GET

sl
appricotads.g2afse.com/ Frame C65F
Redirect Chain

https://appricotads.g2afse.com/click?pid=251&offer_id=29613&ref_id=NCT_iphone_fr_ofid12711076_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat56_sub4_sub5&sub1=251_4850738&sub2=738_{sub2}&sub6...
http://appricotads.g2afse.com/sl?id=5f36c7821a6e4b1879225165&pid=2&ref_id=&sub1=251_4850738&sub2=738_{sub2}&sub3=&sub4=&sub5=251&sub6=251_4850738&sub7=738_{sub2}&sub8=29613

0
0

GET

sl
brainadv.g2afse.com/ Frame C65F
Redirect Chain

https://brainadv.g2afse.com/click?pid=3&offer_id=757372&sub3=NCT_iphone_fr_ofid13257232_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat58_sub4_sub5&sub1=682200738_738_{sub2}&sub2=id1360098321
https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=25&pub_click_id=&pub_sub_id=3&pub_sub_sub_id=682200738_738_{sub2}&idfa=&gaid=&app=id1360098321
http://brainadv.g2afse.com/sl?id=60e2066c8bff280d95069af4&pid=17&sub1=16.25&sub3=An5299IAAAF_eEin-gAAAAAAAAAZAAAABQ&sub2=id1360098321&sub4=&sub5=&sub8=9gJf7FfkwDoFuRa1X9i__28

0
0

GET

sl
ad-experience.g2afse.com/ Frame 7CBA
Redirect Chain

https://ad-experience.g2afse.com/click?pid=2&offer_id=668436&sub1=NCT_iphone_fr_ofid12769160_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat15_sub4_sub5&sub2=682200738_738_{sub2}&sub5=id14139...
http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=668436&sub3=2

0
0

GET

sl
appricotads.g2afse.com/ Frame 7CBA
Redirect Chain

https://appricotads.g2afse.com/click?pid=251&offer_id=440373&ref_id=NCT_iphone_fr_ofid13260348_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat16_sub4_sub5&sub1=251_4850738&sub2=738_{sub2}&sub...
http://appricotads.g2afse.com/sl?id=5f36c7821a6e4b1879225165&pid=2&ref_id=&sub1=251_4850738&sub2=738_{sub2}&sub3=&sub4=&sub5=251&sub6=251_4850738&sub7=738_{sub2}&sub8=440373

0
0

GET

recommendation
c.allontrk.com/ Frame 7CBA
Redirect Chain

https://c.allontrk.com/click?offer_id=210934&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13071098_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat18_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id...
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

0
0

GET

recommendation
c.allontrk.com/ Frame 7CBA
Redirect Chain

https://c.allontrk.com/click?offer_id=210125&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13072041_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat20_sub4_sub5&pub_sub_id=682200738&pub...
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

0
0

GET

w404
offer.alibaba.com/product/ Frame 7CBA
Redirect Chain

https://t.9696.me/click?pid=729&offer_id=146666&sub4=NCT_iphone_fr_ofid7838849_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat21_sub4_sub5&sub1=729_4850738&sub2=729_4850738_738_{sub2}&sub3=id...
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=id1413942319&sub1=729_4850738&sub2=729_4850738_738_{sub2}
https://offer.alibaba.com/cps/3ba4i0jh?tp1=622b14a6451a820001fd8c42&pid=729_4850738&adid=
http://offer.alibaba.com/product/w404

0
0

GET

recommendation
c.allontrk.com/ Frame 7CBA
Redirect Chain

https://c.allontrk.com/click?offer_id=145251&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13069141_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat22_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id...
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

0
0

GET

disabled.html
zildd.g2afse.com/ Frame 7CBA
Redirect Chain

https://zildd.g2afse.com/click?pid=35&offer_id=3428510&sub1=NCT_iphone_fr_ofid13063122_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat25_sub4_sub5&sub2=682200738_738_{sub2}&sub3=id1413942319&...
http://zildd.g2afse.com/disabled.html

0
0

GET
H2

404

click
trk.ad-serving-ads.com/ Frame 7CBA
Redirect Chain

https://mookomedia.g2afse.com/click?pid=42&offer_id=256569&sub1=NCT_iphone_fr_ofid12637192_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat26_sub4_sub5&sub4=682200738_738_{sub2}&sub5=id1413942319
https://appalgo.g2afse.com/click?pid=304&offer_id=91073&sub1=622b14a6d590320001bfa0fc&sub2=42_682200738_738_{sub2}&sub3=&sub4=&sub5=id1413942319
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=807&cid=&sid=304&udid=&name=&info=appalgorem&blockTime=0
https://advdgt.trckswrm.com/click?offer_id=83546&pub_id=7&pub_click_id=NCT_iphone_fr_ofid13239268_pid616_sub1_sub2304_sub3appalgorem_nat10_sub4_sub5&pub_sub_id=682200616&pub_sub_sub_id=304&app=id80...
https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_682200616&creativeid=POP&category=01&androidid=

0
0

112ms
112ms

Stylesheet
text/html

54.88.202.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_682200616&creativeid=POP&category=01&androidid=
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: H2
Server: 54.88.202.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-202-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:42 GMT
content-length: 13
content-type: text/html

Redirect headers

location: https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_682200616&creativeid=POP&category=01&androidid=
date: Fri, 11 Mar 2022 09:21:42 GMT
referrer-policy: no-referrer
content-length: 0

GET
H/1.1

200
OK

click
apts.trckswrm.com/ Frame 7CBA
Redirect Chain

https://waardex.g2afse.com/click?pid=134&offer_id=103584&offer_id=5350&sub1=NCT_iphone_fr_ofid13270059_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat27_sub4_sub5&sub2=682200738_738_{sub2}&su...
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=931&cid=&sid=134&udid=&name=&info=WaardexSL&blockTime=0
https://apts.trckswrm.com/click?offer_id=741267&pub_id=10&pub_click_id=NCT_iphone_fr_ofid13261280_pid616_sub1_sub2134_sub3WaardexSL_nat13_sub4_sub5&pub_sub_id=682200616&pub_sub_sub_id=134&app=id593...

0
75 B

57ms
57ms

Stylesheet
text/plain

5.9.6.124
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://apts.trckswrm.com/click?offer_id=741267&pub_id=10&pub_click_id=NCT_iphone_fr_ofid13261280_pid616_sub1_sub2134_sub3WaardexSL_nat13_sub4_sub5&pub_sub_id=682200616&pub_sub_sub_id=134&app=id593715088
Requested by: Host: cpi-offers.com
URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0
Protocol: HTTP/1.1
Server: 5.9.6.124 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.124.6.9.5.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 09:21:42 GMT
content-length: 0

Redirect headers

date: Fri, 11 Mar 2022 09:21:42 GMT
content-encoding: gzip
server: nginx/1.14.1
location: https://apts.trckswrm.com/click?offer_id=741267&pub_id=10&pub_click_id=NCT_iphone_fr_ofid13261280_pid616_sub1_sub2134_sub3WaardexSL_nat13_sub4_sub5&pub_sub_id=682200616&pub_sub_sub_id=134&app=id593715088
x-powered-by: Express
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *

GET

recommendation
c.allontrk.com/ Frame 7CBA
Redirect Chain

https://c.allontrk.com/click?offer_id=207267&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13005099_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat34_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id...
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

0
0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 018A 28 B
50 B 62ms
61ms XHR
application/json 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/87b9576a/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/hRkZEZcN7-A
X-YouTube-Client-Version: 1.20220309.01.01
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtBTzF2M2h3V044OCikqayRBg%3D%3D
X-YouTube-Ad-Signals: dt=1646990500466&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C730%2C400&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 11 Mar 2022 09:21:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0

GET

recommendation
c.allontrk.com/ Frame 7CBA
Redirect Chain

https://c.allontrk.com/click?offer_id=210072&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13070603_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat36_sub4_sub5&pub_sub_id=682200738&pub...
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

0
0

GET

recommendation
c.allontrk.com/ Frame 7CBA
Redirect Chain

https://c.allontrk.com/click?offer_id=164775&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13070357_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat40_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id...
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: private.gilgalpush.com
URL: https://private.gilgalpush.com/app.js

Domain: offer.alibaba.com
URL: http://offer.alibaba.com/product/w404

Domain: direct4.soldbyphonder.com
URL: https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=a8cdf978-a11c-11ec-93f8-0a8d4c960769

Domain: c.allontrk.com
URL: https://c.allontrk.com/click?offer_id=120159&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13072586_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat9_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&app=id1413942319

Domain: direct4.soldbyphonder.com
URL: https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=a8dbdc28-a11c-11ec-82ba-123e9f22444f

Domain: ad-experience.g2afse.com
URL: https://ad-experience.g2afse.com/click?pid=2&offer_id=668436&sub1=NCT_iphone_fr_ofid12769160_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat15_sub4_sub5&sub2=682200738_738_{sub2}&sub5=id1413942319

Domain: appricotads.g2afse.com
URL: https://appricotads.g2afse.com/click?pid=251&offer_id=440373&ref_id=NCT_iphone_fr_ofid13260348_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat16_sub4_sub5&sub1=251_4850738&sub2=738_{sub2}&sub6=id1413942319

Domain: c.allontrk.com
URL: https://c.allontrk.com/click?offer_id=210934&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13071098_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat18_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&app=id1413942319

Domain: c.allontrk.com
URL: https://c.allontrk.com/click?offer_id=210125&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13072041_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat20_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&app=id1413942319

Domain: offer.alibaba.com
URL: https://offer.alibaba.com/cps/3ba4i0jh?tp1=622b14a44627fc0001083197&pid=729_4850738&adid=

Domain: c.allontrk.com
URL: https://c.allontrk.com/click?offer_id=145251&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13069141_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat22_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&app=id1413942319

Domain: zildd.g2afse.com
URL: https://zildd.g2afse.com/click?pid=35&offer_id=3428510&sub1=NCT_iphone_fr_ofid13063122_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat25_sub4_sub5&sub2=682200738_738_{sub2}&sub3=id1413942319&sub4=5B2C59D6-CD91-499E-9C1E-30BB5AB332C3

Domain: offer.alibaba.com
URL: https://offer.alibaba.com/cps/rq9rg325?tp1=622b14a4eba1190001dfc543&pid=729_4850616&adid=

Domain: c.allontrk.com
URL: https://c.allontrk.com/click?offer_id=207525&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13074050_pid616_sub1_sub2134_sub3WaardexSL_nat7_sub4_sub5&pub_sub_id=682200616&pub_sub_sub_id=134&app=id360466413

Domain: c.allontrk.com
URL: https://c.allontrk.com/click?offer_id=207267&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13005099_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat34_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&app=id1413942319

Domain: c.allontrk.com
URL: https://c.allontrk.com/click?offer_id=210072&pub_id=726&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13070603_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat36_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&app=id1413942319

Domain: c.allontrk.com
URL: https://c.allontrk.com/click?offer_id=164775&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13070357_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat40_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&app=id1413942319

Domain: c.allontrk.com
URL: https://c.allontrk.com/click?offer_id=210089&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13070713_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat42_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&gaid=8B0690CC-2C64-47F7-B5D4-CF400A3F7733&idfa=8B0690CC-2C64-47F7-B5D4-CF400A3F7733&app=id1360098321

Domain: c.allontrk.com
URL: https://c.allontrk.com/click?offer_id=184925&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13074040_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat44_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&gaid=8B0690CC-2C64-47F7-B5D4-CF400A3F7733&idfa=8B0690CC-2C64-47F7-B5D4-CF400A3F7733&app=id1360098321

Domain: c.allontrk.com
URL: https://c.allontrk.com/click?offer_id=210088&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13070648_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat47_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&app=id1360098321

Domain: 2idol64.mapuravity.com
URL: https://2idol64.mapuravity.com/2idol64?p=42_682200738_738_{sub2}&sid=622b14a4b7186f00018aa0a9&android_id=&android_a_id=&idfa=&app_id=id1360098321&param1=

Domain: c.allontrk.com
URL: https://c.allontrk.com/click?offer_id=208552&pub_id=646&pub_click_id=NCT_iphone_fr_ofid13069692_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat51_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&gaid=8B0690CC-2C64-47F7-B5D4-CF400A3F7733&idfa=8B0690CC-2C64-47F7-B5D4-CF400A3F7733&app=id1360098321

Domain: ad-experience.g2afse.com
URL: https://ad-experience.g2afse.com/click?pid=2&offer_id=699140&sub1=NCT_iphone_fr_ofid13262870_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat52_sub4_sub5&sub2=682200738_738_{sub2}&sub5=id1360098321

Domain: ad-experience.g2afse.com
URL: https://ad-experience.g2afse.com/click?pid=2&offer_id=689671&sub1=NCT_iphone_fr_ofid13220302_pid616_sub1622b14a575c938000144041b_sub21__sub3ExplorAdsSL_nat5_sub4_sub5&sub2=682200616_1_&sub5=id1453989822

Domain: appricotads.g2afse.com
URL: https://appricotads.g2afse.com/click?pid=251&offer_id=29613&ref_id=NCT_iphone_fr_ofid12711076_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat56_sub4_sub5&sub1=251_4850738&sub2=738_{sub2}&sub6=id1360098321

Domain: brainadv.trckswrm.com
URL: https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=25&pub_click_id=&pub_sub_id=3&pub_sub_sub_id=682200738_738_{sub2}&idfa=&gaid=&app=id1360098321

Domain: c.allontrk.com
URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Domain: c.allontrk.com
URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Domain: c.allontrk.com
URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Domain: c.allontrk.com
URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Domain: c.allontrk.com
URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Domain: ad-experience.g2afse.com
URL: http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=699140&sub3=2

Domain: appricotads.g2afse.com
URL: http://appricotads.g2afse.com/sl?id=5f36c7821a6e4b1879225165&pid=2&ref_id=&sub1=251_4850738&sub2=738_{sub2}&sub3=&sub4=&sub5=251&sub6=251_4850738&sub7=738_{sub2}&sub8=29613

Domain: brainadv.g2afse.com
URL: http://brainadv.g2afse.com/sl?id=60e2066c8bff280d95069af4&pid=17&sub1=16.25&sub3=An5299IAAAF_eEin-gAAAAAAAAAZAAAABQ&sub2=id1360098321&sub4=&sub5=&sub8=9gJf7FfkwDoFuRa1X9i__28

Domain: ad-experience.g2afse.com
URL: http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=668436&sub3=2

Domain: appricotads.g2afse.com
URL: http://appricotads.g2afse.com/sl?id=5f36c7821a6e4b1879225165&pid=2&ref_id=&sub1=251_4850738&sub2=738_{sub2}&sub3=&sub4=&sub5=251&sub6=251_4850738&sub7=738_{sub2}&sub8=440373

Domain: c.allontrk.com
URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Domain: c.allontrk.com
URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Domain: offer.alibaba.com
URL: http://offer.alibaba.com/product/w404

Domain: c.allontrk.com
URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Domain: zildd.g2afse.com
URL: http://zildd.g2afse.com/disabled.html

Domain: c.allontrk.com
URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Domain: c.allontrk.com
URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Domain: c.allontrk.com
URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.10reasonsmile.azurewebsites.net/	1969-12-31 23:59:59	Name: ARRAffinity Value: 6ecb3a5b457e8ea5234532db4c793ee1513f327796b20068e525fc9da6c3dde4
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 5XPQFaa4DxE
.youtube.com/	1970-01-20 05:49:02	Name: VISITOR_INFO1_LIVE Value: AO1v3hwWN88
.10reasonsmile.azurewebsites.net/	1970-01-20 19:01:02	Name: _ga Value: GA1.3.219365707.1646990500
.10reasonsmile.azurewebsites.net/	1970-01-20 01:31:16	Name: _gid Value: GA1.3.503885361.1646990500
.10reasonsmile.azurewebsites.net/	1970-01-20 01:29:50	Name: _gat_gtag_UA_143001013_1 Value: 1
ttmma.go2affise.com/	1970-01-20 10:15:26	Name: afoffers Value: {"543704":1646990500}
maxtopmedia.g2afse.com/	1970-01-20 10:15:26	Name: afclick Value: 622b14a4675232000174b5b5
maxtopmedia.g2afse.com/	1970-01-20 10:15:26	Name: afoffers Value: {"41297":1646990500}
.google.com/	1970-01-20 02:13:02	Name: 1P_JAR Value: 2022-03-11-09
ttmma.go2affise.com/	1970-01-20 10:15:26	Name: afclick Value: 622b14a4ed4c040001dc4b40
labmediasolutions.g2afse.com/	1970-01-20 10:15:26	Name: afclick Value: 622b14a404edef0001e5b009
labmediasolutions.g2afse.com/	1970-01-20 10:15:26	Name: afoffers Value: {"73371":1646990500}
.alibaba.com/	1969-12-31 23:59:59	Name: cookie2 Value: a1879b8d4f605fbd83181719dd877f3c
.alibaba.com/	1970-01-23 14:55:48	Name: t Value: 2438ad8a5fd7b125970c49fe4b5bb71b
.alibaba.com/	1969-12-31 23:59:59	Name: _tb_token_ Value: edeeee7e71d65
.google.com/	1970-01-20 05:53:21	Name: NID Value: 511=DLwi3ljbG7U3g2EBGQ0-WS1V2a0aYNgVfHYA9hmopnlQ7JzdVaqntbmEFIKJM3ag9J5zCZGvLA9k6EmvC59ziPzU2XAWb7b3bu0KytdH4HfbKynStjDVGrRpO4B3_w7NLtZbLtJqeHlp8FbpBCJzLweWH_0UUKRuhZXn38xNuTE
ermoza.g2afse.com/	1970-01-20 10:15:26	Name: afclick Value: 622b14a575c938000144041b
ermoza.g2afse.com/	1970-01-20 10:15:26	Name: afoffers Value: {"2171":1646990501}
.gotrackier.com/	1970-01-20 01:29:52	Name: __cf_bm Value: d001edfd475f6b481e2199ffcbdb1ca999edffec-1646990501-0-AfYwnVmuOjjcxP2akf1jU5Ip1HXYlFLpOmdvQUMJcHjZkBh0Vqai+lcz5uVcN8p6RRVQ0mlfJ7671WlAEjyRHTs=
t.9696.me/	1970-01-20 10:15:26	Name: afclick Value: 622b14a6451a820001fd8c42
mookomedia.g2afse.com/	1970-01-20 10:15:26	Name: afclick Value: 622b14a6d590320001bfa0fc
mookomedia.g2afse.com/	1970-01-20 10:15:26	Name: afoffers Value: {"334682":1646990501,"256569":1646990502}

38 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://private.gilgalpush.com/app.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: http://run-syndicate.com/do2/0e22dc540f9d44abb3db44af8b0e3310/dynamic?format=jsonp&count=1&w=1600&h=1200&keywords=Top,Reasons,You,Should,Smile,Every,Day&adtype=label-under&callback=callback_luevt Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://run-syndicate.com/do2/0e22dc540f9d44abb3db44af8b0e3310/dynamic?format=jsonp&count=1&w=1600&h=1200&keywords=Top,Reasons,You,Should,Smile,Every,Day&adtype=label-under&callback=callback_pwjti Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://run-syndicate.com/do2/124d81d798d4451ca900766aa5adb262/dynamic?format=jsonp&count=6&w=1600&h=1200&keywords=Top,Reasons,You,Should,Smile,Every,Day&adtype=label-under&callback=callback_NlarA Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://times25.go2affise.com/click?pid=607&offer_id=150951&sub1=NCT_iphone_fr_ofid10617043_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat30_sub4_sub5&sub2=682200738_738_{sub2}&sub5=id1413942319 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://times25.go2affise.com/click?pid=607&offer_id=112018&sub1=NCT_iphone_fr_ofid12643982_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat32_sub4_sub5&sub2=682200738_738_{sub2}&sub5=id1413942319 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://adcrt.trckswrm.com/click?offer_id=163249&pub_id=9&pub_click_id=NCT_iphone_fr_ofid11437561_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat19_sub4_sub5&pub_sub_id=682200738&pub_sub_sub_id=738_{sub2}&app=id1413942319 Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable)
network	error	URL: https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=a8cdf978-a11c-11ec-93f8-0a8d4c960769 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://direct4.soldbyphonder.com/redirect?aff=4018&saff=ZFB&q=&clickid=a8dbdc28-a11c-11ec-82ba-123e9f22444f Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://trk.whisursand.com/click?affid=25&clickid=622b14a450ec5300014a7bd2&category=01&androidid=&iosidfa= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_682200738&creativeid=POP&category=01&androidid= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_682200738&creativeid=POP&category=01&androidid= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://times25.go2affise.com/click?pid=607&offer_id=93556&sub1=NCT_iphone_fr_ofid12622743_pid738_sub1{clickid}_sub2738_{sub2}_sub3Target3SL_nat57_sub4_sub5&sub2=682200738_738_{sub2}&sub5=id1360098321 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0(Line 22) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://offer.alibaba.com/product/w404'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://2idol64.mapuravity.com/2idol64?p=42_682200738_738_{sub2}&sid=622b14a4b7186f00018aa0a9&android_id=&android_a_id=&idfa=&app_id=id1360098321&param1= Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0(Line 26) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0(Line 30) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_682200738&creativeid=POP&category=01&androidid= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://trk.whisursand.com/click?affid=25&clickid=622b14a4ed4c040001dc4b40&category=01&androidid=&iosidfa= Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0(Line 36) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_682200616&creativeid=POP&category=01&androidid= Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0(Line 38) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0(Line 44) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0(Line 46) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=699140&sub3=2'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://trk.games-to-run123.com/click?affid=47&cmpid=46c3758f65064e16&clickid=NCT_iphone_fr_ofid13267640_pid616_sub1_sub2304_sub3appalgorem_nat6_sub4_sub5&siteid=682200616_304&androidid=91D706A2-8316-4745-9D22-02F49D191A0C&iosidfa=91D706A2-8316-4745-9D22-02F49D191A0C Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0(Line 54) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://appricotads.g2afse.com/sl?id=5f36c7821a6e4b1879225165&pid=2&ref_id=&sub1=251_4850738&sub2=738_{sub2}&sub3=&sub4=&sub5=251&sub6=251_4850738&sub7=738_{sub2}&sub8=29613'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0(Line 50) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://ad-experience.g2afse.com/sl?id=5c9cb536d0348f004454f1b2&pid=1&sub2=668436&sub3=2'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0(Line 58) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://brainadv.g2afse.com/sl?id=60e2066c8bff280d95069af4&pid=17&sub1=16.25&sub3=An5299IAAAF_eEin-gAAAAAAAAAZAAAABQ&sub2=id1360098321&sub4=&sub5=&sub8=9gJf7FfkwDoFuRa1X9i__28'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0(Line 52) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://appricotads.g2afse.com/sl?id=5f36c7821a6e4b1879225165&pid=2&ref_id=&sub1=251_4850738&sub2=738_{sub2}&sub3=&sub4=&sub5=251&sub6=251_4850738&sub7=738_{sub2}&sub8=440373'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0(Line 56) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0(Line 60) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0(Line 62) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://offer.alibaba.com/product/w404'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0(Line 64) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0(Line 70) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://zildd.g2afse.com/disabled.html'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_682200616&creativeid=POP&category=01&androidid= Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0(Line 88) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0(Line 92) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0(Line 100) Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=738&cid={clickid}&sid={pid}_{sub2}&udid={sub3}&name=topreason&info=Target3SL&blockTime=0' was loaded over HTTPS, but requested an insecure stylesheet 'http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10reasonsmile.azurewebsites.net
2idol64.mapuravity.com
ad-experience.g2afse.com
adcrt.trckswrm.com
adjar.gotrackier.com
advdgt.trckswrm.com
ajax.googleapis.com
appalgo.g2afse.com
apply.trckswrm.com
appricotads.g2afse.com
apps.apple.com
apts.trckswrm.com
brainadv.g2afse.com
brainadv.trckswrm.com
c.allontrk.com
cdn.run-syndicate.com
cdn.runative-syndicate.com
click.appmultiple.net
click.mnmnck.com
cpi-offers.com
direct2.knmasdfsdgs.com
direct4.soldbyphonder.com
ermoza.g2afse.com
fonts.gstatic.com
go2.lkjlkjkljsdflkjsdfklsfjklsd.com
googleads.g.doubleclick.net
i.ytimg.com
ila3.co
impression.appsflyer.com
labmediasolutions.g2afse.com
lambadapp.trckswrm.com
maxtopmedia.g2afse.com
md412.trckswrm.com
mookomedia.g2afse.com
offer.alibaba.com
pixel.runative-syndicate.com
private.gilgalpush.com
run-syndicate.com
static.doubleclick.net
times25.go2affise.com
trk.ad-serving-ads.com
trk.bidrivo.com
trk.games-to-run123.com
trk.whisursand.com
trxrc.com
ttmma.go2affise.com
ucconn.live
ultrapartners.com
waardex.g2afse.com
www.freegames4play.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.unique-private.online
www.youtube.com
yt3.ggpht.com
zainzuri.com
zildd.g2afse.com
2idol64.mapuravity.com
ad-experience.g2afse.com
appricotads.g2afse.com
brainadv.g2afse.com
brainadv.trckswrm.com
c.allontrk.com
direct4.soldbyphonder.com
offer.alibaba.com
private.gilgalpush.com
zildd.g2afse.com
104.111.214.42
104.21.77.201
104.26.1.213
116.202.135.115
116.202.243.43
13.224.195.77
13.67.129.26
136.243.80.153
142.250.181.225
142.250.185.104
142.250.185.195
142.250.185.214
142.250.185.230
142.250.186.100
142.250.186.78
142.250.74.206
162.55.130.248
167.86.121.134
172.217.16.131
172.67.211.95
172.67.37.227
185.33.87.146
188.114.96.7
188.114.97.7
212.32.254.77
213.227.134.196
213.227.134.234
213.227.134.242
213.227.135.213
213.227.135.227
213.227.156.19
216.58.212.162
216.58.212.170
23.227.38.74
3.120.62.32
34.120.248.84
35.244.190.228
5.9.6.124
54.144.26.10
54.88.202.215
65.58.27.249
67.27.159.121
84.110.34.196
0577a8094f692b33f44666d22bc99606adb61d4a3ff87690b2a07f4c27ebe267
0e134e5da29be292d123e718fc5d5d59a028fd901518e58dc435fed2463a56a0
14ad59b59aaa7a620459adbd198a399bf412ba885dfc75ab7c14686ce851f0ab
155444405fb19dc6af2cd7cd0e9ce83998ab6d9f984345c6bea0154b57aade7d
164bd4dedb19e1ea61c4ff9885ce554323a4db4bd860fff68c27dcb6c0b3919e
1c439fcd21bab032475e5d1570615485417e6cfb202f774f9f16d77f0448d0d6
21ab6d6fa46ff680fd085759131e1f2024d4aec490811700130c41bcb37542ae
2476db472bf1df970adab62d57f3a0b552319b91459a39a728b10130ed10c817
24b59f4e4fbf1d4a988ffa478952ceb54e0b2f0774da926bcd2cc0376200dbfe
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
306c6d5ab9f0e945797a29d75fd1a94ab1cf1a6d1b8721939136c42899e13373
3915a438fffb3acbaade25f7b5e9d3f76589dbc02048463b3fbfeb8c4e7955a1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
55099c5b266b70c579a81343e5b6b8c77c4009ea5b898544318834a148f19f4e
653b2325d22c32a353ca70c93bc56b618a4af7a2294790bd639527ad0d3632ba
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b6fd30626abacfeffd447ef79eeb16b088f9505760dce580ab7f0f6f153b2a7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f5d67ed0c1a12e71525030a07e2ec48334b3284392fd07af6de31dd44ffe56c
70ad19a16f75d9bd6720db77ebbd21a8a97aad621eca7b823f154162ce9113fd
7d77a681b81f2162cc11245da496c9369db1cf69d36f77ec0da69bfce4d05ff0
8295526e8db3feff122caa2e4b6824208e8782c8cce34c90ddee3d6c925d67de
83fdd1a4d845a805ca1f35f55e3ebdb6197a1d6403e49e48915a3a7a09e8a892
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
9005ecc6931dc356a697fb50a62cf33c823c2a2d57c0d426e835a4d87b0ffa36
9f8560b75d553050b3c7a65a741a8791b16a2e6e329b3e0d65a4fa9985f79daf
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a915d483b99af421f4813e6b60599b4e39faff120e54b5e9838386d4ae1a4c60
b2880bb2c93cb19dd7a3be8482c1ca5ac89df578c17858937b2589c70c546286
b38e95c8a450f66da3f6ddadc1c8927d4af9296a40cec233f38bcd9d2d22ac24
bf5f39432e2358863ccaa9a00ea78553e41eb194b3ee16a299716bbc753693a6
cfa5028218f5b74e6820c3faa8fd932b255544a764f692d83cf0ea3829429be2
d4aaf0a43e3a8172c956a18ee8381ef49d90acd4b6c00900cc0e7b6bc8704d14
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9e0b79a0def9421c2976d45af2c7487e8cb8168a1b34f63fcbb7a156aac404c
df6048f6206447db7177cb718878f7565c3dffcec19fd752d1c7b9f3a3568333
e0df0be14cf5b41f26dc1042d167519854448ab37e9725d0e1039687b1cad370
e2a7b23149955178712e1ec9de2a27a27fae9a6d97f4420b98c1123d53fce49a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44db228ac747196dd66ddf123625cb0db9d06815785a5a05129c8ecf2213b2e
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f3aab753eb89f507c9bc9b2ff996f4911739958eb2d956bb9139c3b49ece6f01
f6ccf2bcbaf8544a369545bccdd49d25522e4a1645e9bdd66bec955ba3f25f26
fe624d2142439c0a2e6d8f06598dd7dbee4ff189665a8a1f06ed716ca5d8fd05

10reasonsmile.azurewebsites.net Open in urlscan Pro 13.67.129.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

139 Requests

27 %HTTPS

0 %IPv6

39 Domains

59 Subdomains

30 IPs

7 Countries

2205 kBTransfer

4448 kBSize

23 Cookies

6 Outgoing links

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

10reasonsmile.azurewebsites.net Open in urlscan Pro
13.67.129.26 Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

27 %
HTTPS

0 %
IPv6

39
Domains

59
Subdomains

30
IPs

7
Countries

2205 kB
Transfer

4448 kB
Size

23
Cookies

139 HTTP transactions
1 data transactions