cpi-offers.com Open in urlscan Pro
35.157.81.48 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cpi-offers.com/fantastic.html
Submission: On October 11 via manual (October 11th 2021, 8:57:04 pm UTC) from US — Scanned from DE

Summary HTTP 45 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 22 domains to perform 45 HTTP transactions. The main IP is 35.157.81.48, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is cpi-offers.com.
TLS certificate: Issued by Amazon on November 25th 2020. Valid for: a year.

This is the only time cpi-offers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10 11	35.157.81.48 35.157.81.48	16509 (AMAZON-02) (AMAZON-02)
3 3	2606:4700:303... 2606:4700:3036::ac43:a5e2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13 13	213.227.156.13 213.227.156.13	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 7	168.119.211.149 168.119.211.149	24940 (HETZNER-AS) (HETZNER-AS)
1 1	172.67.144.227 172.67.144.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	185.33.87.146 185.33.87.146	202015 (HZ-US-AS) (HZ-US-AS)
4 4	213.227.134.236 213.227.134.236	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3 3	213.227.135.209 213.227.135.209	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
7 9	5.9.6.203 5.9.6.203	24940 (HETZNER-AS) (HETZNER-AS)
7 7	35.244.148.94 35.244.148.94	15169 (GOOGLE) (GOOGLE)
7 14	35.244.209.32 35.244.209.32	15169 (GOOGLE) (GOOGLE)
1	35.244.190.228 35.244.190.228	15169 (GOOGLE) (GOOGLE)
1 1	213.227.135.235 213.227.135.235	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	213.227.134.196 213.227.134.196	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	213.227.156.19 213.227.156.19	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	2606:4700:303... 2606:4700:3036::6815:1aea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::ac43:d94e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.210.173.107 3.210.173.107	14618 (AMAZON-AES) (AMAZON-AES)
1 1	213.227.156.233 213.227.156.233	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	35.241.13.125 35.241.13.125	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:303... 2606:4700:3033::6815:323a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.203.144.110 52.203.144.110	14618 (AMAZON-AES) (AMAZON-AES)
45	12

11 35.157.81.48 (Frankfurt am Main, Germany) 10 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-81-48.eu-central-1.compute.amazonaws.com

cpi-offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::ac43:a5e2 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

track.gowithads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 213.227.156.13 (Netherlands) 13 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

biggerpicture.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
go.xtraperfnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 168.119.211.149 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.149.211.119.168.clients.your-server.de

armr.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
advdgt.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.144.227 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

lucazepa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.87.146 (Ashburn, United States)

ASN202015 (HZ-US-AS, BG)

direct2.knmasdfsdgs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.227.134.236 (Netherlands) 4 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

media.appm.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.227.135.209 (Netherlands) 3 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

go2.enjoycpi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ttmma.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 5.9.6.203 (Germany) 7 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.203.6.9.5.clients.your-server.de

apts.trckswrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.244.148.94 (Kansas City, United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: 94.148.244.35.bc.googleusercontent.com

fkan.oakmastering.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 35.244.209.32 (Kansas City, United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: 32.209.244.35.bc.googleusercontent.com

fd.allsaintsyrt.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.190.228 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 228.190.244.35.bc.googleusercontent.com

click.appmultiple.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.135.235 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

appscogent.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.134.196 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

adsperfection.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.156.19 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

appad.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:1aea (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

topictraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:d94e (United States)

ASN13335 (CLOUDFLARENET, US)

trk72.zperform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.210.173.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-173-107.compute-1.amazonaws.com

trk.ad-serving-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.156.233 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

nexamob.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.13.125 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 125.13.241.35.bc.googleusercontent.com

click.kanmobi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:323a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

track.toptradingspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.144.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-144-110.compute-1.amazonaws.com

trk.whisursand.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	trckswrm.com 8 redirects armr.trckswrm.com apts.trckswrm.com advdgt.trckswrm.com brainadv.trckswrm.com Failed aptrt.trckswrm.com Failed	4 KB
15	g2afse.com 15 redirects biggerpicture.g2afse.com appscogent.g2afse.com mookomedia.g2afse.com Failed imagineads.g2afse.com Failed appad.g2afse.com apply.g2afse.com Failed nexamob.g2afse.com firearc.g2afse.com Failed	3 KB
14	allsaintsyrt.club 7 redirects fd.allsaintsyrt.club	2 KB
11	cpi-offers.com 10 redirects cpi-offers.com	5 KB
7	oakmastering.site 7 redirects fkan.oakmastering.site	2 KB
4	appm.app 4 redirects media.appm.app	955 B
3	go2affise.com 3 redirects adsperfection.go2affise.com ttmma.go2affise.com	611 B
3	gowithads.com 3 redirects track.gowithads.com	2 KB
2	kanmobi.net click.kanmobi.net	268 B
2	ad-serving-ads.com trk.ad-serving-ads.com
1	whisursand.com trk.whisursand.com
1	toptradingspot.com 1 redirects track.toptradingspot.com	287 B
1	zperform.com trk72.zperform.com
1	topictraff.com 1 redirects topictraff.com	670 B
1	xtraperfnow.com 1 redirects go.xtraperfnow.com	125 B
1	appmultiple.net click.appmultiple.net	171 B
1	enjoycpi.com go2.enjoycpi.com Failed	159 B
1	knmasdfsdgs.com direct2.knmasdfsdgs.com	138 B
1	google.com www.google.com
1	lucazepa.com 1 redirects lucazepa.com	553 B
0	mnmnck.com Failed click.mnmnck.com Failed
0	allontrk.com Failed c.allontrk.com Failed
45	22

	Domain	Requested by
14	fd.allsaintsyrt.club	7 redirects cpi-offers.com
12	biggerpicture.g2afse.com	12 redirects
11	cpi-offers.com	10 redirects
9	apts.trckswrm.com	7 redirects cpi-offers.com
7	fkan.oakmastering.site	7 redirects
6	armr.trckswrm.com	cpi-offers.com
4	media.appm.app	4 redirects
3	track.gowithads.com	3 redirects
2	ttmma.go2affise.com	2 redirects
2	click.kanmobi.net	cpi-offers.com
2	trk.ad-serving-ads.com	cpi-offers.com
1	trk.whisursand.com	cpi-offers.com
1	track.toptradingspot.com	1 redirects
1	nexamob.g2afse.com	1 redirects
1	advdgt.trckswrm.com	1 redirects
1	trk72.zperform.com	cpi-offers.com
1	topictraff.com	1 redirects
1	go.xtraperfnow.com	1 redirects
1	appad.g2afse.com	1 redirects
1	adsperfection.go2affise.com	1 redirects
1	appscogent.g2afse.com	1 redirects
1	click.appmultiple.net	cpi-offers.com
1	go2.enjoycpi.com	cpi-offers.com
1	direct2.knmasdfsdgs.com	cpi-offers.com
1	www.google.com	cpi-offers.com
1	lucazepa.com	1 redirects
0	firearc.g2afse.com Failed	cpi-offers.com
0	aptrt.trckswrm.com Failed	cpi-offers.com
0	brainadv.trckswrm.com Failed	cpi-offers.com
0	apply.g2afse.com Failed	cpi-offers.com
0	imagineads.g2afse.com Failed	cpi-offers.com
0	click.mnmnck.com Failed	cpi-offers.com
0	mookomedia.g2afse.com Failed	cpi-offers.com
0	c.allontrk.com Failed	cpi-offers.com
45	34

This site contains no links.

Subject Issuer	Validity	Valid
cpi-offers.com Amazon	`2020-11-25` - `2021-12-24`	a year	crt.sh
armr.trckswrm.com ZeroSSL RSA Domain Secure Site CA	`2021-10-01` - `2021-12-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.knmasdfsdgs.com Go Daddy Secure Certificate Authority - G2	`2021-07-14` - `2022-08-15`	a year	crt.sh
mm.ellafitzgeraldsayt.club Sectigo RSA Domain Validation Secure Server CA	`2020-05-31` - `2022-03-24`	2 years	crt.sh
click.appmultiple.net GTS CA 1D4	`2021-08-27` - `2021-11-25`	3 months	crt.sh
apts.trckswrm.com ZeroSSL RSA Domain Secure Site CA	`2021-10-01` - `2021-12-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
trk.games-to-run123.com Amazon	`2021-10-07` - `2022-11-04`	a year	crt.sh
*.kanmobi.net R3	`2021-09-26` - `2021-12-25`	3 months	crt.sh
trk.antaituced.com Amazon	`2020-11-26` - `2021-12-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://cpi-offers.com/fantastic.html
Frame ID: E5ED814C25F8A6A01A286BE4B8AFDE1C
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

45
Requests

56 %
HTTPS

22 %
IPv6

22
Domains

34
Subdomains

12
IPs

3
Countries

5 kB
Transfer

11 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://track.gowithads.com/click?pid=141&offer_id=2291470&sub1=NCT_iphone_de_ofid12660432_pidundefined_sub1,_sub2,_sub3,_nat1_sub4_sub5&sub2=228230undefined_,&sub4=id339532909 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=748&cid=&sid=141&udid=&name=&info=GOWMsl&blockTime=0 HTTP 302
https://biggerpicture.g2afse.com/click?pid=52&offer_id=280140&sub5=NCT_iphone_de_ofid12647258_pid616_sub1_sub2141_sub3GOWMsl_nat36_sub4_sub5&sub1=228230616_141&sub3=id311785642 HTTP 302
https://biggerpicture.g2afse.com/click?pid=1&offer_id=188 HTTP 302
https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154

Request Chain 1

https://lucazepa.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D HTTP 302
https://www.google.com/

Request Chain 4

https://track.gowithads.com/click?pid=141&offer_id=2241427&sub1=NCT_iphone_de_ofid12225176_pidundefined_sub1,_sub2,_sub3,_nat5_sub4_sub5&sub2=228230undefined_,&sub4=id339532909 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=748&cid=&sid=141&udid=&name=&info=GOWMsl&blockTime=0 HTTP 302
https://media.appm.app/click?pid=263&offer_id=76520&sub1=NCT_iphone_de_ofid12654242_pid616_sub1_sub2141_sub3GOWMsl_nat7_sub4_sub5&sub2=228230616&sub3=id393048976&sub4=141&sub5=D19CE44F-88D2-40EA-968D-9C34A1DA2C18&sub6=id393048976 HTTP 302
https://media.appm.app/sl?id=5c13c0a659b8ac00406bd7d4&pid=6&sub1=NCT_iphone_de_ofid12654242_pid616_sub1_sub2141_sub3GOWMsl_nat7_sub4_sub5&sub2=263_228230616&sub3=id393048976&sub5=D19CE44F-88D2-40EA-968D-9C34A1DA2C18 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=938&cid=6164a502b013ce0001c42b7a&sid=6&udid=&name=&info=appmarketppre&blockTime=0 HTTP 302
https://go2.enjoycpi.com/click?pid=616&offer_id=4141322&sub1=6164a502b013ce0001c42b7a&sub2=6&sub3=appmarketppre_nat4&sub4=318DF0A0-9EB8-4122-8892-B9A85F170B80&sub5=id487946174&sub6=228230 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
https://apts.trckswrm.com/click?offer_id=227839&pub_id=9&pub_click_id=NCT_iphone_de_ofid11781659_pid616_sub1_sub2_sub3TbLabq_nat20_sub4_sub5&pub_sub_id=228230616&pub_sub_sub_id=&app=id1197354394 HTTP 302
https://fkan.oakmastering.site/?sddtid=hdk9a&sdpi=1600&pdco=nmbbDlpVE&pdos=2331187&pisc1=82_9&pducid=AjNtR1IAAAF8cSSQsQADef8AAAAJAAAAAA&pddo=id1197354394&pdumid=&pssc2=82_9 HTTP 302
https://fd.allsaintsyrt.club/?sddtid=FBKpC&sdpi=286&pdos=F681104&pisc1=1600&pssc2=0 HTTP 302
https://fd.allsaintsyrt.club/healthCheck?pisc1=286

Request Chain 6

https://biggerpicture.g2afse.com/click?pid=52&offer_id=275192&sub5=NCT_iphone_de_ofid12643258_pidundefined_sub1,_sub2,_sub3,_nat7_sub4_sub5&sub1=228230undefined_,&sub3=id339532909&sub4=41F87CC9-D379-402A-A90D-0E6953A77285 HTTP 302
https://biggerpicture.g2afse.com/click?pid=1&offer_id=188 HTTP 302
https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154

Request Chain 8

https://appscogent.g2afse.com/click?pid=27&offer_id=535735&sub1=NCT_iphone_de_ofid12617766_pidundefined_sub1,_sub2,_sub3,_nat9_sub4_sub5&sub2=228230undefined_,&sub5=id339532909 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1011&cid=&sid=27_228230undefined_,&udid=&name=&info=AppscogentSL&blockTime=0 HTTP 302
https://apts.trckswrm.com/click?offer_id=196103&pub_id=9&pub_click_id=NCT_iphone_de_ofid12635517_pid616_sub1_sub227_228230undefined_,_sub3AppscogentSL_nat19_sub4_sub5&pub_sub_id=228230616&pub_sub_sub_id=27_228230undefined_,&app=id1452992954 HTTP 302
https://fkan.oakmastering.site/?sddtid=hdk9a&sdpi=1600&pdco=nmbbDlpVE&pdos=2331187&pisc1=82_9&pducid=AmbW3_0AAAF8cSSOzQAC_gcAAAAJAAAAAA&pddo=id1452992954&pdumid=&pssc2=82_9 HTTP 302
https://fd.allsaintsyrt.club/?sddtid=FBKpC&sdpi=286&pdos=F681104&pisc1=1600&pssc2=0 HTTP 302
https://fd.allsaintsyrt.club/healthCheck?pisc1=286

Request Chain 9

https://adsperfection.go2affise.com/click?pid=691&offer_id=218361&ref_id=NCT_iphone_de_ofid10863739_pidundefined_sub1,_sub2,_sub3,_nat10_sub4_sub5&sub1=228230undefined_,&sub3=id339532909&sub5=id339532909 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0 HTTP 302
https://apts.trckswrm.com/click?offer_id=196103&pub_id=10&pub_click_id=NCT_iphone_de_ofid12635592_pid616_sub1,_sub2,_sub3adsperfectionppre_nat19_sub4_sub5&pub_sub_id=228230616&pub_sub_sub_id=,&app=id1389111413 HTTP 302
https://fkan.oakmastering.site/?sddtid=hdk9a&sdpi=1600&pdco=nmbbDlpVE&pdos=2331187&pisc1=101_10&pducid=AhlQf8AAAAF8cSSO1AAC_gcAAAAKAAAAAA&pddo=id1389111413&pdumid=&pssc2=101_10 HTTP 302
https://fd.allsaintsyrt.club/?sddtid=FBKpC&sdpi=286&pdos=F681104&pisc1=1600&pssc2=0 HTTP 302
https://fd.allsaintsyrt.club/healthCheck?pisc1=286

Request Chain 10

https://track.gowithads.com/click?pid=141&offer_id=2200168&sub1=NCT_iphone_de_ofid11988219_pidundefined_sub1,_sub2,_sub3,_nat11_sub4_sub5&sub2=228230undefined_,&sub4=id339532909 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=748&cid=&sid=141&udid=&name=&info=GOWMsl&blockTime=0 HTTP 302
https://biggerpicture.g2afse.com/click?pid=52&offer_id=256756&sub5=NCT_iphone_de_ofid12240463_pid616_sub1_sub2141_sub3GOWMsl_nat15_sub4_sub5&sub1=228230616_141&sub3=id1119322983 HTTP 302
https://biggerpicture.g2afse.com/click?pid=1&offer_id=188 HTTP 302
https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154

Request Chain 14

https://biggerpicture.g2afse.com/click?pid=52&offer_id=242884&sub5=NCT_iphone_de_ofid12114288_pidundefined_sub1,_sub2,_sub3,_nat15_sub4_sub5&sub1=228230undefined_,&sub3=id339532909 HTTP 302
https://biggerpicture.g2afse.com/click?pid=1&offer_id=188 HTTP 302
https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154

Request Chain 15

https://biggerpicture.g2afse.com/click?pid=52&offer_id=280189&sub5=NCT_iphone_de_ofid12647324_pidundefined_sub1,_sub2,_sub3,_nat16_sub4_sub5&sub1=228230undefined_,&sub3=id339532909 HTTP 302
https://biggerpicture.g2afse.com/click?pid=1&offer_id=188 HTTP 302
https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154

Request Chain 16

https://imagineads.g2afse.com/click?pid=38&offer_id=4828&sub1=NCT_iphone_de_ofid12426113_pidundefined_sub1,_sub2,_sub3,_nat17_sub4_sub5&sub2=228230undefined_,&sub4=id339532909&sub5=id339532909 HTTP 302
https://imagineads.g2afse.com/click?pid=11&offer_id=2287

Request Chain 17

https://apts.trckswrm.com/click?offer_id=531171&pub_id=9&pub_click_id=NCT_iphone_de_ofid12636066_pidundefined_sub1,_sub2,_sub3,_nat18_sub4_sub5&pub_sub_id=228230undefined&pub_sub_sub_id=,&app=id339532909 HTTP 302
https://fkan.oakmastering.site/?sddtid=hdk9a&sdpi=1600&pdco=nmbbDlpVE&pdos=2331187&pisc1=82_9&pducid=AhspfQUAAAF8cSSOpwAIGuMAAAAJAAAAAA&pddo=id339532909&pdumid=&pssc2=82_9 HTTP 302
https://fd.allsaintsyrt.club/?sddtid=FBKpC&sdpi=286&pdos=F681104&pisc1=1600&pssc2=0 HTTP 302
https://fd.allsaintsyrt.club/healthCheck?pisc1=286

Request Chain 18

https://appad.g2afse.com/click?pid=33&offer_id=144400&sub1=NCT_iphone_de_ofid12635550_pidundefined_sub1,_sub2,_sub3,_nat19_sub4_sub5&sub2=228230undefined_,&sub7=id339532909 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=947&cid=&sid=33&udid=&name=&info=appadppre&blockTime=0 HTTP 302
https://apts.trckswrm.com/click?offer_id=536901&pub_id=55&pub_click_id=NCT_iphone_de_ofid12654166_pid616_sub1_sub233_sub3appadppre_nat27_sub4_sub5&pub_sub_id=228230616&pub_sub_sub_id=33&app=id1504499700

Request Chain 19

https://go.xtraperfnow.com/click?pid=321&offer_id=387617&sub1=NCT_iphone_de_ofid9462941_pidundefined_sub1,_sub2,_sub3,_nat20_sub4_sub5&sub2=228230undefined_,&sub5=id339532909 HTTP 302
https://topictraff.com/l/270202009bbc91917c37?source=321_228230undefined_, HTTP 302
https://trk72.zperform.com/l/270202009bbc91917c37.js?source=321_228230undefined_,

Request Chain 21

https://advdgt.trckswrm.com/click?offer_id=94429&pub_id=7&pub_click_id=NCT_iphone_de_ofid12665960_pidundefined_sub1,_sub2,_sub3,_nat22_sub4_sub5&pub_sub_id=228230undefined&pub_sub_sub_id=,&app=id339532909 HTTP 302
https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_228230undefined&creativeid=POP&category=01

Request Chain 22

https://nexamob.g2afse.com/click?pid=15&offer_id=185015&sub1=NCT_iphone_de_ofid12614457_pidundefined_sub1,_sub2,_sub3,_nat23_sub4_sub5&sub2=228230undefined_,&sub3=id339532909&sub5=id339532909 HTTP 302
https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01

Request Chain 24

https://apts.trckswrm.com/click?offer_id=143436&pub_id=10&pub_click_id=NCT_iphone_de_ofid11079432_pidundefined_sub1,_sub2,_sub3,_nat25_sub4_sub5&pub_sub_id=228230undefined&pub_sub_sub_id=,&app=id339532909 HTTP 302
https://fkan.oakmastering.site/?sddtid=hdk9a&sdpi=1600&pdco=nmbbDlpVE&pdos=2331187&pisc1=82_10&pducid=AjR7CfkAAAF8cSSOpwACMEwAAAAKAAAAAA&pddo=id339532909&pdumid=&pssc2=82_10 HTTP 302
https://fd.allsaintsyrt.club/?sddtid=FBKpC&sdpi=286&pdos=F681104&pisc1=1600&pssc2=0 HTTP 302
https://fd.allsaintsyrt.club/healthCheck?pisc1=286

Request Chain 25

https://biggerpicture.g2afse.com/click?pid=52&offer_id=272056&sub5=NCT_iphone_de_ofid12627517_pidundefined_sub1,_sub2,_sub3,_nat26_sub4_sub5&sub1=228230undefined_,&sub3=id339532909 HTTP 302
https://biggerpicture.g2afse.com/click?pid=1&offer_id=188 HTTP 302
https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154

Request Chain 26

https://apts.trckswrm.com/click?offer_id=490371&pub_id=9&pub_click_id=NCT_iphone_de_ofid12488836_pidundefined_sub1,_sub2,_sub3,_nat27_sub4_sub5&pub_sub_id=228230undefined&pub_sub_sub_id=,&app=id339532909 HTTP 302
https://fkan.oakmastering.site/?sddtid=hdk9a&sdpi=1600&pdco=nmbbDlpVE&pdos=2331187&pisc1=82_9&pducid=AuPUtskAAAF8cSSOqAAHe4MAAAAJAAAAAA&pddo=id339532909&pdumid=&pssc2=82_9 HTTP 302
https://fd.allsaintsyrt.club/?sddtid=FBKpC&sdpi=286&pdos=F681104&pisc1=1600&pssc2=0 HTTP 302
https://fd.allsaintsyrt.club/healthCheck?pisc1=286

Request Chain 28

https://digitalfuture.g2afse.com/click?pid=2&offer_id=1653346&sub1=NCT_iphone_de_ofid12643397_pidundefined_sub1,_sub2,_sub3,_nat29_sub4_sub5&sub2=228230undefined_,&sub5=id339532909 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 HTTP 302
https://brainadv.g2afse.com/click?pid=3&offer_id=496699&sub3=NCT_iphone_de_ofid11587523_pid616_sub1_sub22_sub3ElishaSL_nat39_sub4_sub5&sub1=228230616_2&sub2=id1413942319&sub4=3BB19E78-BB51-49BB-87B5-2CDE4216182D&sub5=3BB19E78-BB51-49BB-87B5-2CDE4216182D HTTP 302
https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=25&pub_click_id=&pub_sub_id=3&idfa=3BB19E78-BB51-49BB-87B5-2CDE4216182D&gaid=3BB19E78-BB51-49BB-87B5-2CDE4216182D&app=id1413942319

Request Chain 29

https://apts.trckswrm.com/click?offer_id=310085&pub_id=9&pub_click_id=NCT_iphone_de_ofid11686620_pidundefined_sub1,_sub2,_sub3,_nat30_sub4_sub5&pub_sub_id=228230undefined&pub_sub_sub_id=,&app=id339532909 HTTP 302
https://fkan.oakmastering.site/?sddtid=hdk9a&sdpi=1600&pdco=nmbbDlpVE&pdos=2331187&pisc1=82_9&pducid=Av0DVV0AAAF8cSSOqAAEu0UAAAAJAAAAAA&pddo=id339532909&pdumid=&pssc2=82_9 HTTP 302
https://fd.allsaintsyrt.club/?sddtid=FBKpC&sdpi=286&pdos=F681104&pisc1=1600&pssc2=0 HTTP 302
https://fd.allsaintsyrt.club/healthCheck?pisc1=286

Request Chain 33

https://track.toptradingspot.com/click?pid=134&offer_id=45586&offer_id=5350&sub1=NCT_iphone_de_ofid12511519_pidundefined_sub1,_sub2,_sub3,_nat34_sub4_sub5&sub2=228230undefined_,&sub3=41F87CC9-D379-402A-A90D-0E6953A77285&sub4=id339532909&sub5=id339532909 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=931&cid=&sid=134&udid=&name=&info=WaardexSL&blockTime=0 HTTP 302
https://media.appm.app/click?pid=206&offer_id=76519&sub1=NCT_iphone_de_ofid12653909_pid616_sub1_sub2134_sub3WaardexSL_nat8_sub4_sub5&sub2=228230616&sub3=id1483008483&sub4=134 HTTP 302
https://media.appm.app/sl?id=5c13c0a659b8ac00406bd7d4&pid=6&sub1=NCT_iphone_de_ofid12653909_pid616_sub1_sub2134_sub3WaardexSL_nat8_sub4_sub5&sub2=206_228230616&sub3=id1483008483&sub5= HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=938&cid=6164a501494a0200019b6cc4&sid=6&udid=&name=&info=appmarketppre&blockTime=0 HTTP 302
https://click.kanmobi.net/tracking/click?clickid=NCT_iphone_de_ofid10954911_pid616_sub16164a501494a0200019b6cc4_sub26_sub3appmarketppre_nat31_sub4_sub5&trafficsource=1373697408&offerid=434223445108954882&sub_placement=id605569663&pub_subid=228230616_6

Request Chain 34

https://track.toptradingspot.com/click?pid=134&offer_id=45991&offer_id=5350&sub1=NCT_iphone_de_ofid12564733_pidundefined_sub1,_sub2,_sub3,_nat35_sub4_sub5&sub2=228230undefined_,&sub4=id339532909&sub5=id339532909 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=931&cid=&sid=134&udid=&name=&info=WaardexSL&blockTime=0 HTTP 302
https://aptrt.trckswrm.com/click?offer_id=7316&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid10284885_pid616_sub1_sub2134_sub3WaardexSL_nat40_sub4_sub5&pub_sub_id=228230616&pub_sub_sub_id=134&idfa=43BBBC11-B6BD-4EFB-91A8-BE00A0361984&gaid=43BBBC11-B6BD-4EFB-91A8-BE00A0361984&app=id1503028915

Request Chain 35

https://ttmma.go2affise.com/click?pid=21&offer_id=518429&sub1=NCT_iphone_de_ofid12210194_pidundefined_sub1,_sub2,_sub3,_nat36_sub4_sub5&sub2=228230undefined_,&sub5=id339532909 HTTP 302
https://ttmma.go2affise.com/click?pid=314&offer_id=521871&sub1=&sub2=21 HTTP 302
https://trk.whisursand.com/click?affid=25&clickid=6164a501e5e81c000176c473&category=01&androidid=&iosidfa=

Request Chain 39

https://mookomedia.g2afse.com/click?pid=42&offer_id=225682&sub1=NCT_iphone_de_ofid12393823_pidundefined_sub1,_sub2,_sub3,_nat40_sub4_sub5&sub4=228230undefined_,&sub3=41F87CC9-D379-402A-A90D-0E6953A77285&sub2=41F87CC9-D379-402A-A90D-0E6953A77285&sub5=id339532909 HTTP 302
https://allmarketing.g2afse.com/click?pid=779&offer_id=4632190&sub1=6164a501116f52000163fe12&sub2=42_228230undefined_,&sub3=41F87CC9-D379-402A-A90D-0E6953A77285_41F87CC9-D379-402A-A90D-0E6953A77285&sub4=id339532909 HTTP 302
https://firearc.g2afse.com/click?pid=409&offer_id=14021630&sub1=6164a5027bc06f0001383792&sub2=779

Request Chain 40

https://go2.enjoycpi.com/click?pid=undefined&offer_id=4141322&sub1=,&sub2=,&sub3=,_nat4&sub4=41F87CC9-D379-402A-A90D-0E6953A77285&sub5=id339532909&sub6=228230 HTTP 0
http://go2.enjoycpi.com/disabled.html

Request Chain 41

https://c.allontrk.com/click?offer_id=159676&pub_id=646&pub_click_id=NCT_iphone_de_ofid12646052_pidundefined_sub1,_sub2,_sub3,_nat8_sub4_sub5&pub_sub_id=228230undefined&pub_sub_sub_id=,&gaid=41F87CC9-D379-402A-A90D-0E6953A77285&idfa=41F87CC9-D379-402A-A90D-0E6953A77285&app=id339532909 HTTP 0
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 42

https://c.allontrk.com/click?offer_id=158713&pub_id=646&pub_click_id=NCT_iphone_de_ofid12633790_pidundefined_sub1,_sub2,_sub3,_nat12_sub4_sub5&pub_sub_id=228230undefined&pub_sub_sub_id=,&app=id339532909 HTTP 0
http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Request Chain 43

https://mookomedia.g2afse.com/click?pid=42&offer_id=205494&sub1=NCT_iphone_de_ofid11976009_pidundefined_sub1,_sub2,_sub3,_nat13_sub4_sub5&sub4=228230undefined_,&sub3=41F87CC9-D379-402A-A90D-0E6953A77285&sub2=41F87CC9-D379-402A-A90D-0E6953A77285&sub5=id339532909 HTTP 0
http://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106

45 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request fantastic.html Show response cpi-offers.com/	10 KB 2 KB	33ms 10ms	Document text/html	35.157.81.48 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cpi-offers.com/fantastic.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.157.81.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-81-48.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash `c8ca9461372573dbb65b417f50e39b89b3411e41df6c70dcab2665e1e873500e` Request headers :method GET :authority cpi-offers.com :scheme https :path /fantastic.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Mon, 11 Oct 2021 20:56:33 GMT content-type text/html; charset=utf-8 server nginx/1.14.1 x-powered-by Express access-control-allow-origin * etag W/"2681-RbeAIEDjSnwSid+lX8hxIaIdDDI" vary Accept-Encoding content-encoding gzip
GET H/1.1	200 OK	recommendation armr.trckswrm.com/ Redirect Chain https://track.gowithads.com/click?pid=141&offer_id=2291470&sub1=NCT_iphone_de_ofid12660432_pidundefined_sub1,_sub2,_sub3,_nat1_sub4_sub5&sub2=228230undefined_,&sub4=id339532909 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=748&cid=&sid=141&udid=&name=&info=GOWMsl&blockTime=0 https://biggerpicture.g2afse.com/click?pid=52&offer_id=280140&sub5=NCT_iphone_de_ofid12647258_pid616_sub1_sub2141_sub3GOWMsl_nat36_sub4_sub5&sub1=228230616_141&sub3=id311785642 https://biggerpicture.g2afse.com/click?pid=1&offer_id=188 https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154	211 B 288 B	2ms 2ms	Stylesheet text/html	168.119.211.149 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 168.119.211.149 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.149.211.119.168.clients.your-server.de Software / Resource Hash `516e05f03f60c82de48ddc4d50994d4368e8a086444153d3d7776d7957299323` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 20:56:34 GMT content-length 211 Redirect headers location https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154 date Mon, 11 Oct 2021 20:56:34 GMT server nginx access-control-allow-origin * content-length 0
GET H2	200	/ www.google.com/ Redirect Chain https://lucazepa.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D https://www.google.com/	0 0	100ms 79ms	Stylesheet text/html	2a00:1450:4001:80f::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/ Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Redirect headers date Mon, 11 Oct 2021 20:56:33 GMT referrer-policy origin cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tf2Y2CoOgcBCeDZfVMCrk5U5haFl3WjQtschZpswnX5ZG%2FtH8pLFXAi6cjHmZqm0QuE6cJpJbVe30J5ityxww5Brw6mDQ0YrBXX7AVpj1tjsO07yUE%2BfbEjA2vxxAKY%3D"}],"group":"cf-nel","max_age":604800} location https://www.google.com cf-ray 69cafeeabd1764a3-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 0
GET H/1.1	204 No Content	redirect direct2.knmasdfsdgs.com/	0 138 B	355ms 106ms	Stylesheet text/html	185.33.87.146 HZ-US-AS
General Check archive.org Show headers Download Go to Full URL https://direct2.knmasdfsdgs.com/redirect?aff=10010&saff=228230undefined&q= Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.33.87.146 Ashburn, United States, ASN202015 (HZ-US-AS, BG), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 11 Oct 2021 20:56:33 GMT Server nginx Connection close Content-Type text/html; charset=utf-8
GET		click go2.enjoycpi.com/	0 0

GET H2	200	healthCheck fd.allsaintsyrt.club/ Redirect Chain https://track.gowithads.com/click?pid=141&offer_id=2241427&sub1=NCT_iphone_de_ofid12225176_pidundefined_sub1,_sub2,_sub3,_nat5_sub4_sub5&sub2=228230undefined_,&sub4=id339532909 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=748&cid=&sid=141&udid=&name=&info=GOWMsl&blockTime=0 https://media.appm.app/click?pid=263&offer_id=76520&sub1=NCT_iphone_de_ofid12654242_pid616_sub1_sub2141_sub3GOWMsl_nat7_sub4_sub5&sub2=228230616&sub3=id393048976&sub4=141&sub5=D19CE44F-88D2-40EA-96... https://media.appm.app/sl?id=5c13c0a659b8ac00406bd7d4&pid=6&sub1=NCT_iphone_de_ofid12654242_pid616_sub1_sub2141_sub3GOWMsl_nat7_sub4_sub5&sub2=263_228230616&sub3=id393048976&sub5=D19CE44F-88D2-40EA... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=938&cid=6164a502b013ce0001c42b7a&sid=6&udid=&name=&info=appmarketppre&blockTime=0 https://go2.enjoycpi.com/click?pid=616&offer_id=4141322&sub1=6164a502b013ce0001c42b7a&sub2=6&sub3=appmarketppre_nat4&sub4=318DF0A0-9EB8-4122-8892-B9A85F170B80&sub5=id487946174&sub6=228230 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 https://apts.trckswrm.com/click?offer_id=227839&pub_id=9&pub_click_id=NCT_iphone_de_ofid11781659_pid616_sub1_sub2_sub3TbLabq_nat20_sub4_sub5&pub_sub_id=228230616&pub_sub_sub_id=&app=id1197354394 https://fkan.oakmastering.site/?sddtid=hdk9a&sdpi=1600&pdco=nmbbDlpVE&pdos=2331187&pisc1=82_9&pducid=AjNtR1IAAAF8cSSQsQADef8AAAAJAAAAAA&pddo=id1197354394&pdumid=&pssc2=82_9 https://fd.allsaintsyrt.club/?sddtid=FBKpC&sdpi=286&pdos=F681104&pisc1=1600&pssc2=0 https://fd.allsaintsyrt.club/healthCheck?pisc1=286	1 B 59 B	165ms 165ms	Stylesheet text/plain	35.244.209.32 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fd.allsaintsyrt.club/healthCheck?pisc1=286 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.209.32 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 32.209.244.35.bc.googleusercontent.com Software nginx/1.17.9 / Resource Hash `6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 20:56:34 GMT via 1.1 google server nginx/1.17.9 alt-svc clear content-length 1 content-type text/plain; charset=utf-8 Redirect headers access-control-allow-origin * date Mon, 11 Oct 2021 20:56:34 GMT via 1.1 google server nginx/1.17.9 alt-svc clear content-length 0 location https://fd.allsaintsyrt.club/healthCheck?pisc1=286
GET H2	200	click click.appmultiple.net/tracking/	38 B 171 B	52ms 20ms	Stylesheet text/html	35.244.190.228 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://click.appmultiple.net/tracking/click?clickid=NCT_iphone_de_ofid10533067_pidundefined_sub1,_sub2,_sub3,_nat6_sub4_sub5&trafficsource=1373696474&offerid=433416832265475490&pub_subid=228230undefined&sub_placement=id339532909_, Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.190.228 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 228.190.244.35.bc.googleusercontent.com Software / Express Resource Hash `52f9fdd3c4077c13e78ac5453347a79f5c2f18a5fec199a36052d19946d6e61c` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 20:56:33 GMT via 1.1 google alt-svc clear x-powered-by Express etag W/"26-1e24f617" content-length 38 content-type text/html; charset=utf-8
GET H/1.1	200 OK	recommendation armr.trckswrm.com/ Redirect Chain https://biggerpicture.g2afse.com/click?pid=52&offer_id=275192&sub5=NCT_iphone_de_ofid12643258_pidundefined_sub1,_sub2,_sub3,_nat7_sub4_sub5&sub1=228230undefined_,&sub3=id339532909&sub4=41F87CC9-D37... https://biggerpicture.g2afse.com/click?pid=1&offer_id=188 https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154	211 B 288 B	13ms 3ms	Stylesheet text/html	168.119.211.149 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 168.119.211.149 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.149.211.119.168.clients.your-server.de Software / Resource Hash `b929aaa79cfbf6ca58f41dde805eeb6c34f63bd1a9dd360299e72409f8d77ddb` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 20:56:33 GMT content-length 211 Redirect headers location https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154 date Mon, 11 Oct 2021 20:56:33 GMT server nginx access-control-allow-origin * content-length 0
GET		click c.allontrk.com/	0 0

GET H2	200	healthCheck fd.allsaintsyrt.club/ Redirect Chain https://appscogent.g2afse.com/click?pid=27&offer_id=535735&sub1=NCT_iphone_de_ofid12617766_pidundefined_sub1,_sub2,_sub3,_nat9_sub4_sub5&sub2=228230undefined_,&sub5=id339532909 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=1011&cid=&sid=27_228230undefined_,&udid=&name=&info=AppscogentSL&blockTime=0 https://apts.trckswrm.com/click?offer_id=196103&pub_id=9&pub_click_id=NCT_iphone_de_ofid12635517_pid616_sub1_sub227_228230undefined_,_sub3AppscogentSL_nat19_sub4_sub5&pub_sub_id=228230616&pub_sub_s... https://fkan.oakmastering.site/?sddtid=hdk9a&sdpi=1600&pdco=nmbbDlpVE&pdos=2331187&pisc1=82_9&pducid=AmbW3_0AAAF8cSSOzQAC_gcAAAAJAAAAAA&pddo=id1452992954&pdumid=&pssc2=82_9 https://fd.allsaintsyrt.club/?sddtid=FBKpC&sdpi=286&pdos=F681104&pisc1=1600&pssc2=0 https://fd.allsaintsyrt.club/healthCheck?pisc1=286	1 B 59 B	334ms 334ms	Stylesheet text/plain	35.244.209.32 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fd.allsaintsyrt.club/healthCheck?pisc1=286 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.209.32 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 32.209.244.35.bc.googleusercontent.com Software nginx/1.17.9 / Resource Hash `6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 20:56:34 GMT via 1.1 google server nginx/1.17.9 alt-svc clear content-length 1 content-type text/plain; charset=utf-8 Redirect headers access-control-allow-origin * date Mon, 11 Oct 2021 20:56:34 GMT via 1.1 google server nginx/1.17.9 alt-svc clear content-length 0 location https://fd.allsaintsyrt.club/healthCheck?pisc1=286
GET H2	200	healthCheck fd.allsaintsyrt.club/ Redirect Chain https://adsperfection.go2affise.com/click?pid=691&offer_id=218361&ref_id=NCT_iphone_de_ofid10863739_pidundefined_sub1,_sub2,_sub3,_nat10_sub4_sub5&sub1=228230undefined_,&sub3=id339532909&sub5=id339... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0 https://apts.trckswrm.com/click?offer_id=196103&pub_id=10&pub_click_id=NCT_iphone_de_ofid12635592_pid616_sub1,_sub2,_sub3adsperfectionppre_nat19_sub4_sub5&pub_sub_id=228230616&pub_sub_sub_id=,&app=... https://fkan.oakmastering.site/?sddtid=hdk9a&sdpi=1600&pdco=nmbbDlpVE&pdos=2331187&pisc1=101_10&pducid=AhlQf8AAAAF8cSSO1AAC_gcAAAAKAAAAAA&pddo=id1389111413&pdumid=&pssc2=101_10 https://fd.allsaintsyrt.club/?sddtid=FBKpC&sdpi=286&pdos=F681104&pisc1=1600&pssc2=0 https://fd.allsaintsyrt.club/healthCheck?pisc1=286	1 B 59 B	210ms 210ms	Stylesheet text/plain	35.244.209.32 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fd.allsaintsyrt.club/healthCheck?pisc1=286 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.209.32 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 32.209.244.35.bc.googleusercontent.com Software nginx/1.17.9 / Resource Hash `6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 20:56:34 GMT via 1.1 google server nginx/1.17.9 alt-svc clear content-length 1 content-type text/plain; charset=utf-8 Redirect headers access-control-allow-origin * date Mon, 11 Oct 2021 20:56:33 GMT via 1.1 google server nginx/1.17.9 alt-svc clear content-length 0 location https://fd.allsaintsyrt.club/healthCheck?pisc1=286
GET H/1.1	200 OK	recommendation armr.trckswrm.com/ Redirect Chain https://track.gowithads.com/click?pid=141&offer_id=2200168&sub1=NCT_iphone_de_ofid11988219_pidundefined_sub1,_sub2,_sub3,_nat11_sub4_sub5&sub2=228230undefined_,&sub4=id339532909 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=748&cid=&sid=141&udid=&name=&info=GOWMsl&blockTime=0 https://biggerpicture.g2afse.com/click?pid=52&offer_id=256756&sub5=NCT_iphone_de_ofid12240463_pid616_sub1_sub2141_sub3GOWMsl_nat15_sub4_sub5&sub1=228230616_141&sub3=id1119322983 https://biggerpicture.g2afse.com/click?pid=1&offer_id=188 https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154	211 B 288 B	3ms 2ms	Stylesheet text/html	168.119.211.149 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 168.119.211.149 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.149.211.119.168.clients.your-server.de Software / Resource Hash `7151611d0328380c5ae09981dd21a165d16151f853597f3048935bcb650095d9` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 20:56:34 GMT content-length 211 Redirect headers location https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154 date Mon, 11 Oct 2021 20:56:34 GMT server nginx access-control-allow-origin * content-length 0
GET		click c.allontrk.com/	0 0

GET		click mookomedia.g2afse.com/	0 0

GET		clicks click.mnmnck.com/tracking/	0 0

GET H/1.1	200 OK	recommendation armr.trckswrm.com/ Redirect Chain https://biggerpicture.g2afse.com/click?pid=52&offer_id=242884&sub5=NCT_iphone_de_ofid12114288_pidundefined_sub1,_sub2,_sub3,_nat15_sub4_sub5&sub1=228230undefined_,&sub3=id339532909 https://biggerpicture.g2afse.com/click?pid=1&offer_id=188 https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154	211 B 288 B	8ms 2ms	Stylesheet text/html	168.119.211.149 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 168.119.211.149 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.149.211.119.168.clients.your-server.de Software / Resource Hash `4b425c7edbcf2106b533cdd1b8fd7f5255edc630db914a90107ea94b3c52a135` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 20:56:33 GMT content-length 211 Redirect headers location https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154 date Mon, 11 Oct 2021 20:56:33 GMT server nginx access-control-allow-origin * content-length 0
GET H/1.1	200 OK	recommendation armr.trckswrm.com/ Redirect Chain https://biggerpicture.g2afse.com/click?pid=52&offer_id=280189&sub5=NCT_iphone_de_ofid12647324_pidundefined_sub1,_sub2,_sub3,_nat16_sub4_sub5&sub1=228230undefined_,&sub3=id339532909 https://biggerpicture.g2afse.com/click?pid=1&offer_id=188 https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154	211 B 288 B	9ms 2ms	Stylesheet text/html	168.119.211.149 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 168.119.211.149 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.149.211.119.168.clients.your-server.de Software / Resource Hash `c8a166e2b5db9055862ed4f6e1e32bad4bb67b39385bdc3c4c5a0bffd2fed32e` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 20:56:33 GMT content-length 211 Redirect headers location https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154 date Mon, 11 Oct 2021 20:56:33 GMT server nginx access-control-allow-origin * content-length 0
GET		click imagineads.g2afse.com/ Redirect Chain https://imagineads.g2afse.com/click?pid=38&offer_id=4828&sub1=NCT_iphone_de_ofid12426113_pidundefined_sub1,_sub2,_sub3,_nat17_sub4_sub5&sub2=228230undefined_,&sub4=id339532909&sub5=id339532909 https://imagineads.g2afse.com/click?pid=11&offer_id=2287	0 0

GET H2	200	healthCheck fd.allsaintsyrt.club/ Redirect Chain https://apts.trckswrm.com/click?offer_id=531171&pub_id=9&pub_click_id=NCT_iphone_de_ofid12636066_pidundefined_sub1,_sub2,_sub3,_nat18_sub4_sub5&pub_sub_id=228230undefined&pub_sub_sub_id=,&app=id339... https://fkan.oakmastering.site/?sddtid=hdk9a&sdpi=1600&pdco=nmbbDlpVE&pdos=2331187&pisc1=82_9&pducid=AhspfQUAAAF8cSSOpwAIGuMAAAAJAAAAAA&pddo=id339532909&pdumid=&pssc2=82_9 https://fd.allsaintsyrt.club/?sddtid=FBKpC&sdpi=286&pdos=F681104&pisc1=1600&pssc2=0 https://fd.allsaintsyrt.club/healthCheck?pisc1=286	1 B 80 B	103ms 103ms	Stylesheet text/plain	35.244.209.32 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fd.allsaintsyrt.club/healthCheck?pisc1=286 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.209.32 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 32.209.244.35.bc.googleusercontent.com Software nginx/1.17.9 / Resource Hash `6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 20:56:34 GMT via 1.1 google server nginx/1.17.9 alt-svc clear content-length 1 content-type text/plain; charset=utf-8 Redirect headers access-control-allow-origin * date Mon, 11 Oct 2021 20:56:33 GMT via 1.1 google server nginx/1.17.9 alt-svc clear content-length 0 location https://fd.allsaintsyrt.club/healthCheck?pisc1=286
GET H/1.1	200 OK	click apts.trckswrm.com/ Redirect Chain https://appad.g2afse.com/click?pid=33&offer_id=144400&sub1=NCT_iphone_de_ofid12635550_pidundefined_sub1,_sub2,_sub3,_nat19_sub4_sub5&sub2=228230undefined_,&sub7=id339532909 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=947&cid=&sid=33&udid=&name=&info=appadppre&blockTime=0 https://apts.trckswrm.com/click?offer_id=536901&pub_id=55&pub_click_id=NCT_iphone_de_ofid12654166_pid616_sub1_sub233_sub3appadppre_nat27_sub4_sub5&pub_sub_id=228230616&pub_sub_sub_id=33&app=id15044...	0 75 B	2ms 2ms	Stylesheet text/plain	5.9.6.203 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=536901&pub_id=55&pub_click_id=NCT_iphone_de_ofid12654166_pid616_sub1_sub233_sub3appadppre_nat27_sub4_sub5&pub_sub_id=228230616&pub_sub_sub_id=33&app=id1504499700 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.9.6.203 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.203.6.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 20:56:33 GMT content-length 0 Redirect headers date Mon, 11 Oct 2021 20:56:33 GMT content-encoding gzip server nginx/1.14.1 location https://apts.trckswrm.com/click?offer_id=536901&pub_id=55&pub_click_id=NCT_iphone_de_ofid12654166_pid616_sub1_sub233_sub3appadppre_nat27_sub4_sub5&pub_sub_id=228230616&pub_sub_sub_id=33&app=id1504499700 x-powered-by Express vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin *
GET H2	200	270202009bbc91917c37.js trk72.zperform.com/l/ Redirect Chain https://go.xtraperfnow.com/click?pid=321&offer_id=387617&sub1=NCT_iphone_de_ofid9462941_pidundefined_sub1,_sub2,_sub3,_nat20_sub4_sub5&sub2=228230undefined_,&sub5=id339532909 https://topictraff.com/l/270202009bbc91917c37?source=321_228230undefined_, https://trk72.zperform.com/l/270202009bbc91917c37.js?source=321_228230undefined_,	0 0	42ms 13ms	Stylesheet text/html	2606:4700:3030::ac43:d94e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://trk72.zperform.com/l/270202009bbc91917c37.js?source=321_228230undefined_, Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:d94e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Redirect headers date Mon, 11 Oct 2021 20:56:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sO7FnaNqeo9qHW4fltCJhmgBFXJattbXdJXrZYZsDcheUPKC05bDzNIUYOpQnbKjd7fCJhQu%2BbPPgDk7IozjbORkyo%2FQ0rTB7lcndIDDby0ljNjDksN71VA2byvUc6oVcmsYYJknV7EdN9R3nQ%3D%3D"}],"group":"cf-nel","max_age":604800} location https://trk72.zperform.com/l/270202009bbc91917c37.js?source=321_228230undefined_, cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 69cafeeb2bf96955-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:01 GMT
GET		click apply.g2afse.com/	0 0

GET H2	404	click trk.ad-serving-ads.com/ Redirect Chain https://advdgt.trckswrm.com/click?offer_id=94429&pub_id=7&pub_click_id=NCT_iphone_de_ofid12665960_pidundefined_sub1,_sub2,_sub3,_nat22_sub4_sub5&pub_sub_id=228230undefined&pub_sub_sub_id=,&app=id33... https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_228230undefined&creativeid=POP&category=01	0 0	314ms 96ms	Stylesheet application/json	3.210.173.107 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_228230undefined&creativeid=POP&category=01 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.210.173.107 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-210-173-107.compute-1.amazonaws.com Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Redirect headers location https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_228230undefined&creativeid=POP&category=01 date Mon, 11 Oct 2021 20:56:33 GMT content-length 0
GET H2	404	click trk.ad-serving-ads.com/ Redirect Chain https://nexamob.g2afse.com/click?pid=15&offer_id=185015&sub1=NCT_iphone_de_ofid12614457_pidundefined_sub1,_sub2,_sub3,_nat23_sub4_sub5&sub2=228230undefined_,&sub3=id339532909&sub5=id339532909 https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01	0 0	293ms 98ms	Stylesheet application/json	3.210.173.107 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.210.173.107 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-210-173-107.compute-1.amazonaws.com Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Redirect headers location https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01 date Mon, 11 Oct 2021 20:56:33 GMT server nginx access-control-allow-origin * content-length 0
GET		click apply.g2afse.com/	0 0

GET H2	200	healthCheck fd.allsaintsyrt.club/ Redirect Chain https://apts.trckswrm.com/click?offer_id=143436&pub_id=10&pub_click_id=NCT_iphone_de_ofid11079432_pidundefined_sub1,_sub2,_sub3,_nat25_sub4_sub5&pub_sub_id=228230undefined&pub_sub_sub_id=,&app=id33... https://fkan.oakmastering.site/?sddtid=hdk9a&sdpi=1600&pdco=nmbbDlpVE&pdos=2331187&pisc1=82_10&pducid=AjR7CfkAAAF8cSSOpwACMEwAAAAKAAAAAA&pddo=id339532909&pdumid=&pssc2=82_10 https://fd.allsaintsyrt.club/?sddtid=FBKpC&sdpi=286&pdos=F681104&pisc1=1600&pssc2=0 https://fd.allsaintsyrt.club/healthCheck?pisc1=286	1 B 59 B	245ms 245ms	Stylesheet text/plain	35.244.209.32 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fd.allsaintsyrt.club/healthCheck?pisc1=286 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.209.32 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 32.209.244.35.bc.googleusercontent.com Software nginx/1.17.9 / Resource Hash `6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 20:56:34 GMT via 1.1 google server nginx/1.17.9 alt-svc clear content-length 1 content-type text/plain; charset=utf-8 Redirect headers access-control-allow-origin * date Mon, 11 Oct 2021 20:56:34 GMT via 1.1 google server nginx/1.17.9 alt-svc clear content-length 0 location https://fd.allsaintsyrt.club/healthCheck?pisc1=286
GET H/1.1	200 OK	recommendation armr.trckswrm.com/ Redirect Chain https://biggerpicture.g2afse.com/click?pid=52&offer_id=272056&sub5=NCT_iphone_de_ofid12627517_pidundefined_sub1,_sub2,_sub3,_nat26_sub4_sub5&sub1=228230undefined_,&sub3=id339532909 https://biggerpicture.g2afse.com/click?pid=1&offer_id=188 https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154	211 B 288 B	13ms 2ms	Stylesheet text/html	168.119.211.149 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 168.119.211.149 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.149.211.119.168.clients.your-server.de Software / Resource Hash `9491b72047e6409220c6defeb748af74919fb550ea7e6ac864cc4f655b0e1794` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 20:56:33 GMT content-length 211 Redirect headers location https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154 date Mon, 11 Oct 2021 20:56:33 GMT server nginx access-control-allow-origin * content-length 0
GET H2	200	healthCheck fd.allsaintsyrt.club/ Redirect Chain https://apts.trckswrm.com/click?offer_id=490371&pub_id=9&pub_click_id=NCT_iphone_de_ofid12488836_pidundefined_sub1,_sub2,_sub3,_nat27_sub4_sub5&pub_sub_id=228230undefined&pub_sub_sub_id=,&app=id339... https://fkan.oakmastering.site/?sddtid=hdk9a&sdpi=1600&pdco=nmbbDlpVE&pdos=2331187&pisc1=82_9&pducid=AuPUtskAAAF8cSSOqAAHe4MAAAAJAAAAAA&pddo=id339532909&pdumid=&pssc2=82_9 https://fd.allsaintsyrt.club/?sddtid=FBKpC&sdpi=286&pdos=F681104&pisc1=1600&pssc2=0 https://fd.allsaintsyrt.club/healthCheck?pisc1=286	1 B 59 B	102ms 102ms	Stylesheet text/plain	35.244.209.32 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fd.allsaintsyrt.club/healthCheck?pisc1=286 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.209.32 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 32.209.244.35.bc.googleusercontent.com Software nginx/1.17.9 / Resource Hash `6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 20:56:34 GMT via 1.1 google server nginx/1.17.9 alt-svc clear content-length 1 content-type text/plain; charset=utf-8 Redirect headers access-control-allow-origin * date Mon, 11 Oct 2021 20:56:34 GMT via 1.1 google server nginx/1.17.9 alt-svc clear content-length 0 location https://fd.allsaintsyrt.club/healthCheck?pisc1=286
GET H/1.1	200 OK	click apts.trckswrm.com/	0 75 B	21ms 3ms	Stylesheet text/plain	5.9.6.203 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://apts.trckswrm.com/click?offer_id=489309&pub_id=55&pub_click_id=NCT_iphone_de_ofid12488004_pidundefined_sub1,_sub2,_sub3,_nat28_sub4_sub5&pub_sub_id=228230undefined&pub_sub_sub_id=,&app=id339532909 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.9.6.203 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.203.6.9.5.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 20:56:33 GMT content-length 0
GET		recommendation brainadv.trckswrm.com/ Redirect Chain https://digitalfuture.g2afse.com/click?pid=2&offer_id=1653346&sub1=NCT_iphone_de_ofid12643397_pidundefined_sub1,_sub2,_sub3,_nat29_sub4_sub5&sub2=228230undefined_,&sub5=id339532909 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 https://brainadv.g2afse.com/click?pid=3&offer_id=496699&sub3=NCT_iphone_de_ofid11587523_pid616_sub1_sub22_sub3ElishaSL_nat39_sub4_sub5&sub1=228230616_2&sub2=id1413942319&sub4=3BB19E78-BB51-49BB-87B... https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=25&pub_click_id=&pub_sub_id=3&idfa=3BB19E78-BB51-49BB-87B5-2CDE4216182D&gaid=3BB19E78-BB51-49BB-87B5-2CDE4216182D&app=id1413942319	0 0

GET H2	200	healthCheck fd.allsaintsyrt.club/ Redirect Chain https://apts.trckswrm.com/click?offer_id=310085&pub_id=9&pub_click_id=NCT_iphone_de_ofid11686620_pidundefined_sub1,_sub2,_sub3,_nat30_sub4_sub5&pub_sub_id=228230undefined&pub_sub_sub_id=,&app=id339... https://fkan.oakmastering.site/?sddtid=hdk9a&sdpi=1600&pdco=nmbbDlpVE&pdos=2331187&pisc1=82_9&pducid=Av0DVV0AAAF8cSSOqAAEu0UAAAAJAAAAAA&pddo=id339532909&pdumid=&pssc2=82_9 https://fd.allsaintsyrt.club/?sddtid=FBKpC&sdpi=286&pdos=F681104&pisc1=1600&pssc2=0 https://fd.allsaintsyrt.club/healthCheck?pisc1=286	1 B 59 B	114ms 114ms	Stylesheet text/plain	35.244.209.32 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fd.allsaintsyrt.club/healthCheck?pisc1=286 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.209.32 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 32.209.244.35.bc.googleusercontent.com Software nginx/1.17.9 / Resource Hash `6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 20:56:34 GMT via 1.1 google server nginx/1.17.9 alt-svc clear content-length 1 content-type text/plain; charset=utf-8 Redirect headers access-control-allow-origin * date Mon, 11 Oct 2021 20:56:34 GMT via 1.1 google server nginx/1.17.9 alt-svc clear content-length 0 location https://fd.allsaintsyrt.club/healthCheck?pisc1=286
GET H2	200	click click.kanmobi.net/tracking/	38 B 171 B	47ms 19ms	Stylesheet text/html	35.241.13.125 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://click.kanmobi.net/tracking/click?clickid=NCT_iphone_de_ofid10954911_pidundefined_sub1,_sub2,_sub3,_nat31_sub4_sub5&trafficsource=1373697408&offerid=434223445108954882&sub_placement=id339532909&pub_subid=228230undefined_, Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.241.13.125 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 125.13.241.35.bc.googleusercontent.com Software / Express Resource Hash `52f9fdd3c4077c13e78ac5453347a79f5c2f18a5fec199a36052d19946d6e61c` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 20:56:33 GMT via 1.1 google alt-svc clear x-powered-by Express etag W/"26-1e24f617" content-length 38 content-type text/html; charset=utf-8
GET		click aptrt.trckswrm.com/	0 0

GET		click aptrt.trckswrm.com/	0 0

GET H2	200	click click.kanmobi.net/tracking/ Redirect Chain https://track.toptradingspot.com/click?pid=134&offer_id=45586&offer_id=5350&sub1=NCT_iphone_de_ofid12511519_pidundefined_sub1,_sub2,_sub3,_nat34_sub4_sub5&sub2=228230undefined_,&sub3=41F87CC9-D379-... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=931&cid=&sid=134&udid=&name=&info=WaardexSL&blockTime=0 https://media.appm.app/click?pid=206&offer_id=76519&sub1=NCT_iphone_de_ofid12653909_pid616_sub1_sub2134_sub3WaardexSL_nat8_sub4_sub5&sub2=228230616&sub3=id1483008483&sub4=134 https://media.appm.app/sl?id=5c13c0a659b8ac00406bd7d4&pid=6&sub1=NCT_iphone_de_ofid12653909_pid616_sub1_sub2134_sub3WaardexSL_nat8_sub4_sub5&sub2=206_228230616&sub3=id1483008483&sub5= https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=938&cid=6164a501494a0200019b6cc4&sid=6&udid=&name=&info=appmarketppre&blockTime=0 https://click.kanmobi.net/tracking/click?clickid=NCT_iphone_de_ofid10954911_pid616_sub16164a501494a0200019b6cc4_sub26_sub3appmarketppre_nat31_sub4_sub5&trafficsource=1373697408&offerid=434223445108...	38 B 97 B	30021ms 30020ms	Stylesheet text/html	35.241.13.125 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://click.kanmobi.net/tracking/click?clickid=NCT_iphone_de_ofid10954911_pid616_sub16164a501494a0200019b6cc4_sub26_sub3appmarketppre_nat31_sub4_sub5&trafficsource=1373697408&offerid=434223445108954882&sub_placement=id605569663&pub_subid=228230616_6 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.241.13.125 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 125.13.241.35.bc.googleusercontent.com Software / Express Resource Hash `52f9fdd3c4077c13e78ac5453347a79f5c2f18a5fec199a36052d19946d6e61c` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 20:57:03 GMT via 1.1 google alt-svc clear x-powered-by Express etag W/"26-1e24f617" content-length 38 content-type text/html; charset=utf-8 Redirect headers date Mon, 11 Oct 2021 20:56:33 GMT content-encoding gzip server nginx/1.14.1 location https://click.kanmobi.net/tracking/click?clickid=NCT_iphone_de_ofid10954911_pid616_sub16164a501494a0200019b6cc4_sub26_sub3appmarketppre_nat31_sub4_sub5&trafficsource=1373697408&offerid=434223445108954882&sub_placement=id605569663&pub_subid=228230616_6 x-powered-by Express vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin *
GET		click aptrt.trckswrm.com/ Redirect Chain https://track.toptradingspot.com/click?pid=134&offer_id=45991&offer_id=5350&sub1=NCT_iphone_de_ofid12564733_pidundefined_sub1,_sub2,_sub3,_nat35_sub4_sub5&sub2=228230undefined_,&sub4=id339532909&su... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=931&cid=&sid=134&udid=&name=&info=WaardexSL&blockTime=0 https://aptrt.trckswrm.com/click?offer_id=7316&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid10284885_pid616_sub1_sub2134_sub3WaardexSL_nat40_sub4_sub5&pub_sub_id=228230616&pub_sub_sub_id=134&...	0 0

GET H2	404	click trk.whisursand.com/ Redirect Chain https://ttmma.go2affise.com/click?pid=21&offer_id=518429&sub1=NCT_iphone_de_ofid12210194_pidundefined_sub1,_sub2,_sub3,_nat36_sub4_sub5&sub2=228230undefined_,&sub5=id339532909 https://ttmma.go2affise.com/click?pid=314&offer_id=521871&sub1=&sub2=21 https://trk.whisursand.com/click?affid=25&clickid=6164a501e5e81c000176c473&category=01&androidid=&iosidfa=	0 0	325ms 104ms	Stylesheet application/json	52.203.144.110 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.whisursand.com/click?affid=25&clickid=6164a501e5e81c000176c473&category=01&androidid=&iosidfa= Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.203.144.110 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-203-144-110.compute-1.amazonaws.com Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Redirect headers location https://trk.whisursand.com/click?affid=25&clickid=6164a501e5e81c000176c473&category=01&androidid=&iosidfa= date Mon, 11 Oct 2021 20:56:33 GMT server nginx access-control-allow-origin * content-length 0
GET		click c.allontrk.com/	0 0

GET		click go2.enjoycpi.com/	0 0

GET		click aptrt.trckswrm.com/	0 0

GET		click firearc.g2afse.com/ Redirect Chain https://mookomedia.g2afse.com/click?pid=42&offer_id=225682&sub1=NCT_iphone_de_ofid12393823_pidundefined_sub1,_sub2,_sub3,_nat40_sub4_sub5&sub4=228230undefined_,&sub3=41F87CC9-D379-402A-A90D-0E6953A... https://allmarketing.g2afse.com/click?pid=779&offer_id=4632190&sub1=6164a501116f52000163fe12&sub2=42_228230undefined_,&sub3=41F87CC9-D379-402A-A90D-0E6953A77285_41F87CC9-D379-402A-A90D-0E6953A77285... https://firearc.g2afse.com/click?pid=409&offer_id=14021630&sub1=6164a5027bc06f0001383792&sub2=779	0 0

GET		disabled.html go2.enjoycpi.com/ Redirect Chain https://go2.enjoycpi.com/click?pid=undefined&offer_id=4141322&sub1=,&sub2=,&sub3=,_nat4&sub4=41F87CC9-D379-402A-A90D-0E6953A77285&sub5=id339532909&sub6=228230 http://go2.enjoycpi.com/disabled.html	0 0

GET		recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=159676&pub_id=646&pub_click_id=NCT_iphone_de_ofid12646052_pidundefined_sub1,_sub2,_sub3,_nat8_sub4_sub5&pub_sub_id=228230undefined&pub_sub_sub_id=,&gaid=41F87C... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 0

GET		recommendation c.allontrk.com/ Redirect Chain https://c.allontrk.com/click?offer_id=158713&pub_id=646&pub_click_id=NCT_iphone_de_ofid12633790_pidundefined_sub1,_sub2,_sub3,_nat12_sub4_sub5&pub_sub_id=228230undefined&pub_sub_sub_id=,&app=id3395... http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725	0 0

GET		sl mookomedia.g2afse.com/ Redirect Chain https://mookomedia.g2afse.com/click?pid=42&offer_id=205494&sub1=NCT_iphone_de_ofid11976009_pidundefined_sub1,_sub2,_sub3,_nat13_sub4_sub5&sub4=228230undefined_,&sub3=41F87CC9-D379-402A-A90D-0E6953A... http://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: go2.enjoycpi.com
URL: https://go2.enjoycpi.com/click?pid=undefined&offer_id=4141322&sub1=,&sub2=,&sub3=,_nat4&sub4=41F87CC9-D379-402A-A90D-0E6953A77285&sub5=id339532909&sub6=228230

Domain: c.allontrk.com
URL: https://c.allontrk.com/click?offer_id=159676&pub_id=646&pub_click_id=NCT_iphone_de_ofid12646052_pidundefined_sub1,_sub2,_sub3,_nat8_sub4_sub5&pub_sub_id=228230undefined&pub_sub_sub_id=,&gaid=41F87CC9-D379-402A-A90D-0E6953A77285&idfa=41F87CC9-D379-402A-A90D-0E6953A77285&app=id339532909

Domain: c.allontrk.com
URL: https://c.allontrk.com/click?offer_id=158713&pub_id=646&pub_click_id=NCT_iphone_de_ofid12633790_pidundefined_sub1,_sub2,_sub3,_nat12_sub4_sub5&pub_sub_id=228230undefined&pub_sub_sub_id=,&app=id339532909

Domain: mookomedia.g2afse.com
URL: https://mookomedia.g2afse.com/click?pid=42&offer_id=205494&sub1=NCT_iphone_de_ofid11976009_pidundefined_sub1,_sub2,_sub3,_nat13_sub4_sub5&sub4=228230undefined_,&sub3=41F87CC9-D379-402A-A90D-0E6953A77285&sub2=41F87CC9-D379-402A-A90D-0E6953A77285&sub5=id339532909

Domain: click.mnmnck.com
URL: https://click.mnmnck.com/tracking/clicks?clickid=NCT_iphone_de_ofid12046504_pidundefined_sub1,_sub2,_sub3,_nat14_sub4_sub5&trafficsource=1373697408&offerid=436517088910293213&sub_placement=id339532909&pub_subid=228230undefined_,

Domain: imagineads.g2afse.com
URL: https://imagineads.g2afse.com/click?pid=11&offer_id=2287

Domain: apply.g2afse.com
URL: https://apply.g2afse.com/click?pid=3&offer_id=14467&sub1=NCT_iphone_de_ofid12667047_pidundefined_sub1,_sub2,_sub3,_nat21_sub4_sub5&sub4=id339532909&sub2=228230undefined_,

Domain: apply.g2afse.com
URL: https://apply.g2afse.com/click?pid=3&offer_id=13992&sub1=NCT_iphone_de_ofid12661373_pidundefined_sub1,_sub2,_sub3,_nat24_sub4_sub5&sub4=id339532909&sub2=228230undefined_,

Domain: brainadv.trckswrm.com
URL: https://brainadv.trckswrm.com/recommendation?rec_link_id=5&pub_id=25&pub_click_id=&pub_sub_id=3&idfa=3BB19E78-BB51-49BB-87B5-2CDE4216182D&gaid=3BB19E78-BB51-49BB-87B5-2CDE4216182D&app=id1413942319

Domain: aptrt.trckswrm.com
URL: https://aptrt.trckswrm.com/click?offer_id=27750&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid11784149_pidundefined_sub1,_sub2,_sub3,_nat32_sub4_sub5&pub_sub_id=228230undefined&pub_sub_sub_id=,&app=id339532909

Domain: aptrt.trckswrm.com
URL: https://aptrt.trckswrm.com/click?offer_id=1654&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid12261152_pidundefined_sub1,_sub2,_sub3,_nat33_sub4_sub5&pub_sub_id=228230undefined&pub_sub_sub_id=,&app=id339532909

Domain: aptrt.trckswrm.com
URL: https://aptrt.trckswrm.com/click?offer_id=7316&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid10284885_pid616_sub1_sub2134_sub3WaardexSL_nat40_sub4_sub5&pub_sub_id=228230616&pub_sub_sub_id=134&idfa=43BBBC11-B6BD-4EFB-91A8-BE00A0361984&gaid=43BBBC11-B6BD-4EFB-91A8-BE00A0361984&app=id1503028915

Domain: c.allontrk.com
URL: https://c.allontrk.com/click?offer_id=124978&pub_id=646&pub_click_id=NCT_iphone_de_ofid12188100_pidundefined_sub1,_sub2,_sub3,_nat37_sub4_sub5&pub_sub_id=228230undefined&pub_sub_sub_id=,&app=id339532909

Domain: go2.enjoycpi.com
URL: https://go2.enjoycpi.com/click?pid=undefined&offer_id=9854143&sub1=,&sub2=,&sub3=,_nat38&sub4=41F87CC9-D379-402A-A90D-0E6953A77285&sub5=id339532909&sub6=228230

Domain: aptrt.trckswrm.com
URL: https://aptrt.trckswrm.com/click?offer_id=19406&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_de_ofid12255346_pidundefined_sub1,_sub2,_sub3,_nat39_sub4_sub5&pub_sub_id=228230undefined&pub_sub_sub_id=,&idfa=41F87CC9-D379-402A-A90D-0E6953A77285&gaid=41F87CC9-D379-402A-A90D-0E6953A77285&app=id339532909

Domain: firearc.g2afse.com
URL: https://firearc.g2afse.com/click?pid=409&offer_id=14021630&sub1=6164a5027bc06f0001383792&sub2=779

Domain: go2.enjoycpi.com
URL: http://go2.enjoycpi.com/disabled.html

Domain: c.allontrk.com
URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Domain: c.allontrk.com
URL: http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725

Domain: mookomedia.g2afse.com
URL: http://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ttmma.go2affise.com/	1970-01-20 06:38:41	Name: afclick Value: 6164a501e5e81c000176c473
ttmma.go2affise.com/	1970-01-20 06:38:41	Name: afoffers Value: {"521871":1633985793}
mookomedia.g2afse.com/	1970-01-20 06:38:41	Name: afclick Value: 6164a501116f52000163fe12
mookomedia.g2afse.com/	1970-01-20 06:38:41	Name: afoffers Value: {"225682":1633985794}
allmarketing.g2afse.com/	1970-01-20 06:38:41	Name: afclick Value: 6164a5027bc06f0001383792
allmarketing.g2afse.com/	1970-01-20 06:38:41	Name: afoffers Value: {"4632190":1633985794}
.gowithads.com/	1970-01-19 21:53:07	Name: __cf_bm Value: LVXyyDEbLAXxuszSLrIs7IifOJ4i5IW_WUebTjlkBxs-1633985794-0-AQtrA/yQ5HuYbKPX9mlUSte4TTtvDl+JVlOWqeYO0REKW9lEgf2K3Dcubgzv7EB8F/sFlnkTBxL0lqCMSK5oWDk=
media.appm.app/	1970-01-20 06:38:41	Name: afclick Value: 6164a502b013ce0001c42b7a
biggerpicture.g2afse.com/	1970-01-20 06:38:41	Name: afoffers Value: {"188":1633985794}
biggerpicture.g2afse.com/	1970-01-20 06:38:41	Name: afclick Value: 6164a50275ea8500017a641d

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://trk.ad-serving-ads.com/click?affid=49&publisherid=7_228230undefined&creativeid=POP&category=01 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://trk.ad-serving-ads.com/click?affid=49&publisherid=&creativeid=POP&category=01 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://trk.whisursand.com/click?affid=25&clickid=6164a501e5e81c000176c473&category=01&androidid=&iosidfa= Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://cpi-offers.com/fantastic.html Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html' was loaded over HTTPS, but requested an insecure stylesheet 'http://go2.enjoycpi.com/disabled.html'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html' was loaded over HTTPS, but requested an insecure stylesheet 'http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html' was loaded over HTTPS, but requested an insecure stylesheet 'http://c.allontrk.com/recommendation?rec_link_id=22&pub_id=725'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cpi-offers.com/fantastic.html Message: Mixed Content: The page at 'https://cpi-offers.com/fantastic.html' was loaded over HTTPS, but requested an insecure stylesheet 'http://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsperfection.go2affise.com
advdgt.trckswrm.com
appad.g2afse.com
apply.g2afse.com
appscogent.g2afse.com
aptrt.trckswrm.com
apts.trckswrm.com
armr.trckswrm.com
biggerpicture.g2afse.com
brainadv.trckswrm.com
c.allontrk.com
click.appmultiple.net
click.kanmobi.net
click.mnmnck.com
cpi-offers.com
direct2.knmasdfsdgs.com
fd.allsaintsyrt.club
firearc.g2afse.com
fkan.oakmastering.site
go.xtraperfnow.com
go2.enjoycpi.com
imagineads.g2afse.com
lucazepa.com
media.appm.app
mookomedia.g2afse.com
nexamob.g2afse.com
topictraff.com
track.gowithads.com
track.toptradingspot.com
trk.ad-serving-ads.com
trk.whisursand.com
trk72.zperform.com
ttmma.go2affise.com
www.google.com
apply.g2afse.com
aptrt.trckswrm.com
brainadv.trckswrm.com
c.allontrk.com
click.mnmnck.com
firearc.g2afse.com
go2.enjoycpi.com
imagineads.g2afse.com
mookomedia.g2afse.com
168.119.211.149
172.67.144.227
185.33.87.146
213.227.134.196
213.227.134.236
213.227.135.209
213.227.135.235
213.227.156.13
213.227.156.19
213.227.156.233
2606:4700:3030::ac43:d94e
2606:4700:3033::6815:323a
2606:4700:3036::6815:1aea
2606:4700:3036::ac43:a5e2
2a00:1450:4001:80f::2004
3.210.173.107
35.157.81.48
35.241.13.125
35.244.148.94
35.244.190.228
35.244.209.32
5.9.6.203
52.203.144.110
4b425c7edbcf2106b533cdd1b8fd7f5255edc630db914a90107ea94b3c52a135
516e05f03f60c82de48ddc4d50994d4368e8a086444153d3d7776d7957299323
52f9fdd3c4077c13e78ac5453347a79f5c2f18a5fec199a36052d19946d6e61c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7151611d0328380c5ae09981dd21a165d16151f853597f3048935bcb650095d9
9491b72047e6409220c6defeb748af74919fb550ea7e6ac864cc4f655b0e1794
b929aaa79cfbf6ca58f41dde805eeb6c34f63bd1a9dd360299e72409f8d77ddb
c8a166e2b5db9055862ed4f6e1e32bad4bb67b39385bdc3c4c5a0bffd2fed32e
c8ca9461372573dbb65b417f50e39b89b3411e41df6c70dcab2665e1e873500e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

cpi-offers.com Open in urlscan Pro 35.157.81.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

45 Requests

56 %HTTPS

22 %IPv6

22 Domains

34 Subdomains

12 IPs

3 Countries

5 kBTransfer

11 kBSize

10 Cookies

0 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

cpi-offers.com Open in urlscan Pro
35.157.81.48 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

56 %
HTTPS

22 %
IPv6

22
Domains

34
Subdomains

12
IPs

3
Countries

5 kB
Transfer

11 kB
Size

10
Cookies

45 HTTP transactions
0 data transactions