cpi-offers.com Open in urlscan Pro
3.122.11.19 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://toptopmedia.g2afse.com/click?offer_id=2757967&pid=147&sub1=2369adce-2bb6-11eb-b804-114ffd00013e_649_14262210_cpi&sub2=1...
Effective URL:
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=915&cid={clickid}&sid={pid}&udid=&name=&info=EdgeS...
Submission: On November 21 via manual (November 21st 2020, 10:16:51 am UTC) from IN

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 5 countries across 23 domains to perform 24 HTTP transactions. The main IP is 3.122.11.19, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is cpi-offers.com.
TLS certificate: Issued by Amazon on December 23rd 2019. Valid for: a year.

This is the only time cpi-offers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	213.227.156.234 213.227.156.234	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	52.39.78.83 52.39.78.83	16509 (AMAZON-02) (AMAZON-02)
1	35.186.220.166 35.186.220.166	15169 (GOOGLE) (GOOGLE)
9 12	3.122.11.19 3.122.11.19	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700:303... 2606:4700:3031::681b:826f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	2606:4700:303... 2606:4700:3033::ac43:d024	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	212.32.252.71 212.32.252.71	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	52.210.231.195 52.210.231.195	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:19f::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	213.227.135.229 213.227.135.229	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3 3	213.227.134.220 213.227.134.220	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	213.227.134.196 213.227.134.196	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	198.134.116.30 198.134.116.30	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	212.32.252.139 212.32.252.139	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	94.130.140.84 94.130.140.84	24940 (HETZNER-AS) (HETZNER-AS)
1	148.251.22.162 148.251.22.162	24940 (HETZNER-AS) (HETZNER-AS)
1 1	54.246.209.148 54.246.209.148	16509 (AMAZON-02) (AMAZON-02)
2 2	213.227.132.161 213.227.132.161	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	107.178.254.148 107.178.254.148	15169 (GOOGLE) (GOOGLE)
1 1	213.227.134.236 213.227.134.236	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	213.227.156.21 213.227.156.21	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	213.227.134.200 213.227.134.200	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2606:4700:e2:... 2606:4700:e2::ac40:8725	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.57.211.4 52.57.211.4	16509 (AMAZON-02) (AMAZON-02)
24	9

2 213.227.156.234 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

toptopmedia.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media412.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.39.78.83 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-39-78-83.us-west-2.compute.amazonaws.com

omnidatasolution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.220.166 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 166.220.186.35.bc.googleusercontent.com

clk.trk144.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 3.122.11.19 (Frankfurt am Main, Germany) 9 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-11-19.eu-central-1.compute.amazonaws.com

cpi-offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
totalcpi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::681b:826f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

trk.appittech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3033::ac43:d024 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

track.gowithads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.32.252.71 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

adsmobis.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.231.195 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-231-195.eu-west-1.compute.amazonaws.com

app.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:19f::2a1 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

apps.apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.135.229 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

boostads.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.227.134.220 (Netherlands) 3 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

zenoclick.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
valuadle.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.134.196 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

amazus.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.134.116.30 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET, US)

mob.palmparadise.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.32.252.139 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

apptastic.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.140.84 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

trk.surfer.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.22.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.162.22.251.148.clients.your-server.de

trk.revpartner.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.209.148 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-209-148.eu-west-1.compute.amazonaws.com

click.appsamurai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.132.161 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

mobiem.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.148 (United States)

ASN15169 (GOOGLE, US)
PTR: 148.254.178.107.bc.googleusercontent.com

control.kochava.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.134.236 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

digitalfuture.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.156.21 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

limpid.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.134.200 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

adsplus.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:8725 (United States)

ASN13335 (CLOUDFLARENET, US)

recovercovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.211.4 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-211-4.eu-central-1.compute.amazonaws.com

tracking.lenzmx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	g2afse.com 16 redirects toptopmedia.g2afse.com appricotads.g2afse.com Failed zorkamarket.g2afse.com Failed adsmobis.g2afse.com boostads.g2afse.com zenoclick.g2afse.com amazus.g2afse.com apptastic.g2afse.com Failed valuadle.g2afse.com mobiem.g2afse.com mobee.g2afse.com Failed digitalfuture.g2afse.com limpid.g2afse.com adsplus.g2afse.com	4 KB
9	cpi-offers.com 6 redirects cpi-offers.com	3 KB
4	gowithads.com 4 redirects track.gowithads.com	2 KB
3	totalcpi.com 3 redirects totalcpi.com	905 B
1	lenzmx.com tracking.lenzmx.com	98 B
1	recovercovid.com recovercovid.com
1	kochava.com control.kochava.com
1	appsamurai.com 1 redirects click.appsamurai.com	183 B
1	go2affise.com 1 redirects media412.go2affise.com	336 B
1	revpartner.tech trk.revpartner.tech
1	surfer.media 1 redirects trk.surfer.media	449 B
1	palmparadise.info mob.palmparadise.info
1	apple.com apps.apple.com
1	appsflyer.com 1 redirects app.appsflyer.com	429 B
1	appittech.com 1 redirects trk.appittech.com	684 B
1	trk144.com clk.trk144.com	521 B
1	omnidatasolution.com 1 redirects omnidatasolution.com	299 B
0	blueparrot.media Failed xml.blueparrot.media Failed
0	tare.pro Failed tare.pro Failed
0	poqueras.com Failed poqueras.com Failed
0	themedia.site Failed track.themedia.site Failed
0	paddlewaver.com Failed track.paddlewaver.com Failed
0	orburu.com Failed orburu.com Failed
24	23

	Domain	Requested by
9	cpi-offers.com	6 redirects cpi-offers.com
4	track.gowithads.com	4 redirects
3	totalcpi.com	3 redirects
2	adsplus.g2afse.com	2 redirects
2	limpid.g2afse.com	2 redirects
2	mobiem.g2afse.com	2 redirects
2	zenoclick.g2afse.com	2 redirects
2	boostads.g2afse.com	2 redirects
1	tracking.lenzmx.com	cpi-offers.com
1	recovercovid.com	cpi-offers.com
1	digitalfuture.g2afse.com	1 redirects
1	control.kochava.com	cpi-offers.com
1	click.appsamurai.com	1 redirects
1	media412.go2affise.com	1 redirects
1	trk.revpartner.tech	cpi-offers.com
1	trk.surfer.media	1 redirects
1	valuadle.g2afse.com	1 redirects
1	apptastic.g2afse.com	cpi-offers.com
1	mob.palmparadise.info	cpi-offers.com
1	amazus.g2afse.com	1 redirects
1	apps.apple.com	cpi-offers.com
1	app.appsflyer.com	1 redirects
1	adsmobis.g2afse.com	1 redirects
1	trk.appittech.com	1 redirects
1	clk.trk144.com
1	omnidatasolution.com	1 redirects
1	toptopmedia.g2afse.com	1 redirects
0	xml.blueparrot.media Failed	cpi-offers.com
0	tare.pro Failed	cpi-offers.com
0	poqueras.com Failed	cpi-offers.com
0	track.themedia.site Failed	cpi-offers.com
0	mobee.g2afse.com Failed	cpi-offers.com
0	track.paddlewaver.com Failed	cpi-offers.com
0	orburu.com Failed	cpi-offers.com
0	zorkamarket.g2afse.com Failed	cpi-offers.com
0	appricotads.g2afse.com Failed	cpi-offers.com
24	36

This site contains no links.

Subject Issuer	Validity	Valid
cpi-offers.com Amazon	`2019-12-23` - `2021-01-23`	a year	crt.sh
itunes.apple.com DigiCert SHA2 Extended Validation Server CA-3	`2020-08-13` - `2021-08-14`	a year	crt.sh
mob.palmparadise.info Sectigo RSA Domain Validation Secure Server CA	`2020-01-02` - `2021-01-30`	a year	crt.sh
trk.revpartner.tech Let's Encrypt Authority X3	`2020-10-07` - `2021-01-05`	3 months	crt.sh
*.control.kochava.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-14` - `2022-05-14`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-07` - `2021-08-07`	a year	crt.sh
*.mobvista.com Amazon	`2020-01-13` - `2021-02-13`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=915&cid={clickid}&sid={pid}&udid=&name=&info=EdgeSL&blockTime=0
Frame ID: 5582B56CC9C98C66F3543B50832D317E
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://toptopmedia.g2afse.com/click?offer_id=2757967&pid=147&sub1=2369adce-2bb6-11eb-b804-114ffd00013e_649... HTTP 302
https://omnidatasolution.com/ntn/click/9b1ca446-46c5-572e-85cd-db6dc85ed282?ourCreative=AfwfX&dsp=affisee... HTTP 302
http://clk.trk144.com/click?a=86885108&o=86951457&sub_id=cb127f7f-0b52-48d0-b1ec-122025d5fe37cxy_9... Page URL
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=915&cid={clickid}&sid={pid}&ud... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Cloud (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /^1\.1 google$/i

Page Statistics

24
Requests

38 %
HTTPS

17 %
IPv6

23
Domains

36
Subdomains

9
IPs

5
Countries

2 kB
Transfer

4 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://toptopmedia.g2afse.com/click?offer_id=2757967&pid=147&sub1=2369adce-2bb6-11eb-b804-114ffd00013e_649_14262210_cpi&sub2=198f6f9c&sub3=Alarm+Clock+_BTP_iOS_749124884&sub4=&sub5=168.244.5.54&sub6=Mozilla%2F5.0+%28iPhone%3B+CPU+iPhone+OS+14_0_1+like+Mac+OS+X%29+AppleWebKit%2F605.1.15+%28KHTML%2C+like+Gecko%29+Mobile%2F15E148&sub7=en-US HTTP 302
https://omnidatasolution.com/ntn/click/9b1ca446-46c5-572e-85cd-db6dc85ed282?ourCreative=AfwfX&dsp=affiseedge226&f_click=5fb8e903b31f940001e73f60&exchange=147&domain=Alarm%20Clock%20_BTP_iOS_749124884&idfa= HTTP 302
http://clk.trk144.com/click?a=86885108&o=86951457&sub_id=cb127f7f-0b52-48d0-b1ec-122025d5fe37cxy_9b1ca446-46c5-572e-85cd-db6dc85ed282_1473638126&sub_id4=Alarm%20Clock%20_BTP_iOS_749124884&sub_id3=null&gaid=null&sub_id2=1473638126 Page URL
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=915&cid={clickid}&sid={pid}&udid=&name=&info=EdgeSL&blockTime=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://toptopmedia.g2afse.com/click?offer_id=2757967&pid=147&sub1=2369adce-2bb6-11eb-b804-114ffd00013e_649_14262210_cpi&sub2=198f6f9c&sub3=Alarm+Clock+_BTP_iOS_749124884&sub4=&sub5=168.244.5.54&sub6=Mozilla%2F5.0+%28iPhone%3B+CPU+iPhone+OS+14_0_1+like+Mac+OS+X%29+AppleWebKit%2F605.1.15+%28KHTML%2C+like+Gecko%29+Mobile%2F15E148&sub7=en-US HTTP 302
https://omnidatasolution.com/ntn/click/9b1ca446-46c5-572e-85cd-db6dc85ed282?ourCreative=AfwfX&dsp=affiseedge226&f_click=5fb8e903b31f940001e73f60&exchange=147&domain=Alarm%20Clock%20_BTP_iOS_749124884&idfa= HTTP 302
http://clk.trk144.com/click?a=86885108&o=86951457&sub_id=cb127f7f-0b52-48d0-b1ec-122025d5fe37cxy_9b1ca446-46c5-572e-85cd-db6dc85ed282_1473638126&sub_id4=Alarm%20Clock%20_BTP_iOS_749124884&sub_id3=null&gaid=null&sub_id2=1473638126

Request Chain 2

https://appricotads.g2afse.com/click?pid=251&offer_id=123467&sub1=NCT_iphone_pl_ofid8844185_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat2_sub4_sub5&sub2=723040915_915&sub6=id524153305 HTTP 0
http://appricotads.g2afse.com/sl?id=5f36c7821a6e4b1879225165&pid=2&sub1=&sub2=723040915_915&sub3=&sub4=

Request Chain 3

https://track.themedia.site/click?pid=5&offer_id=32233&sub1=NCT_iphone_pl_ofid8766339_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat3_sub4_sub5&sub2=723040915_915&sub7=id524153305&sub8=id524153305 HTTP 0
http://zorkamarket.g2afse.com/sl?id=5f20049cd1fc3bbe7f2be6e6&pid=1215

Request Chain 4

https://trk.appittech.com/click?pid=302&offer_id=1244519&offer_id=825757&sub1=NCT_iphone_pl_ofid8924607_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat4_sub4_sub5&sub2=723040915_915&sub3=id524153305 HTTP 302
https://totalcpi.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=821&cid=5e00e7f244b0f80001ad1994&sid=7&udid=&name=&info=BoostAds2&blockTime=0 HTTP 302
https://cpi-offers.com/aflinkref?prefix=https%3A//app.appsflyer.com/id1014949597%3F&af_prt=phondertech&pid=affiliatemob2_int&c=CPA&af_click_lookback=7d&clickid=NCT_iphone_pl_ofid6496743_pid616_sub15e00e7f244b0f80001ad1994_sub27_sub3BoostAds2_nat1_sub4_sub5&af_installpostback=false&redis=12

Request Chain 5

https://track.gowithads.com/click?pid=141&offer_id=2004455&sub1=NCT_iphone_pl_ofid8978242_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat5_sub4_sub5&sub2=723040915_915&sub4=id524153305 HTTP 302
https://adsmobis.g2afse.com/click?pid=179&offer_id=157180&sub1=5fb8e909c3c845000185af09&sub2=141_723040915_915&sub3=id524153305&sub8= HTTP 302
https://app.appsflyer.com/id359478823?pid=adsmobis_int&af_click_lookback=7d&clickid=5fb8e90971ed020001b694fc&af_installpostback=false&af_cost_model=CPA&af_siteid=iosCPA_179_141_723040915_915&af_sub1=19971&af_sub2=iosCPA_179_141_723040915_915&af_sub3=5fb8e90971ed020001b694fc&c=AshleyMadisoniOS_CPA HTTP 302
https://apps.apple.com/US/app/id359478823?mt=8

Request Chain 6

https://boostads.g2afse.com/click?pid=287&offer_id=1081479&sub1=NCT_iphone_pl_ofid8709745_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat6_sub4_sub5&sub2=723040915_915&sub3=id524153305&sub5=id524153305 HTTP 302
https://totalcpi.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=821&cid=5e00e7f244b0f80001ad1994&sid=7&udid=&name=&info=BoostAds2&blockTime=0 HTTP 302
https://boostads.g2afse.com/click?pid=287&offer_id=1250399&sub1=NCT_iphone_pl_ofid8991329_pid616_sub15e00e7f244b0f80001ad1994_sub27_sub3BoostAds2_nat1_sub4_sub5&sub2=723040616_7&sub3=id1477841973&sub5=id1477841973 HTTP 302
https://totalcpi.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=821&cid=5e00e7f244b0f80001ad1994&sid=7&udid=&name=&info=BoostAds2&blockTime=0 HTTP 302
https://track.gowithads.com/click?pid=141&offer_id=1751372&sub1=NCT_iphone_pl_ofid8131300_pid616_sub15e00e7f244b0f80001ad1994_sub27_sub3BoostAds2_nat12_sub4_sub5&sub2=723040616_7&sub4=id842250179 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=599&cid=&sid=141_723040616_7&udid=&name=&info=GOWMsl&blockTime=0 HTTP 302
https://zenoclick.g2afse.com/click?pid=2&offer_id=22658&sub1=NCT_iphone_pl_ofid8982267_pid616_sub1_sub2141_723040616_7_sub3GOWMsl_nat15_sub4_sub5&sub2=723040616_141_723040616_7&sub6=id730623682 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=941&cid=clickid&sid=2&udid=&name=&info=ZenoClickSL&blockTime=0 HTTP 302
https://track.gowithads.com/click?pid=141&offer_id=1993104&sub1=NCT_iphone_pl_ofid8866686_pid616_sub1clickid_sub22_sub3ZenoClickSL_nat9_sub4_sub5&sub2=723040616_2&sub4=id1439785734 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=599&cid=&sid=141_723040616_2&udid=&name=&info=GOWMsl&blockTime=0 HTTP 302
https://track.gowithads.com/click?pid=141&offer_id=1751372&sub1=NCT_iphone_pl_ofid8131300_pid616_sub1_sub2141_723040616_2_sub3GOWMsl_nat12_sub4_sub5&sub2=723040616_141_723040616_2&sub4=id1347129450 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=599&cid=&sid=141_723040616_141_723040616_2&udid=&name=&info=GOWMsl&blockTime=0 HTTP 302
https://amazus.g2afse.com/click?pid=4&offer_id=1050&sub1=NCT_iphone_pl_ofid8041639_pid616_sub1_sub2141_723040616_141_723040616_2_sub3GOWMsl_nat8_sub4_sub5&sub2=723040616_141_723040616_141_723040616_2&sub3=8A561CF5-A3A2-411C-9C6C-5D676522A0EF&sub4=8A561CF5-A3A2-411C-9C6C-5D676522A0EF&sub5=id1317231325 HTTP 302
https://mob.palmparadise.info/redirect?feed=216775&auth=ebuQy0&url=https%3A%2F%2Fmobilenews.top&subid=NCT_iphone_pl_ofid8041639_pid616_sub1_sub2141_723040616_141_723040616_2_sub3GOWMsl_nat8_sub4_sub5_723040616_141_723040616_141_723040616_2&query=https%3A%2F%2Fmobilenews.top&pub_clickid=

Request Chain 7

https://track.media-412.com/click?pid=225&offer_id=1336338&sub1=723040915_915&sub2=NCT_iphone_pl_ofid8822112_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat7_sub4_sub5&sub5=id524153305 HTTP 302
https://appnapp.g2afse.com/click?pid=3&offer_id=2350970&sub1=5fb8e909e8c9980001bb06eb&sub2=225_723040915_915&sub3=&sub4=&sub5=id524153305&sub8=1072 HTTP 302
https://reorget.com/c/f611ad94-779a-3178-bee2-ed9176578527?pid=3&sub1=225_723040915_915&clickid=5fb8e909e8c9980001bb06eb HTTP 302
https://orburu.com/noid/hurried?wiry=yUTfM5ug980FMq10Mn96ng%3D%3D

Request Chain 9

https://digitalfuture.g2afse.com/click?pid=2&offer_id=525874&sub1=NCT_iphone_pl_ofid5077652_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat9_sub4_sub5&sub2=723040915_915&sub5=id524153305 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 HTTP 302
https://track.paddlewaver.com/?campaign_id=4499217&publisher_id=1000044&clickid=NCT_iphone_pl_ofid8654248_pid616_sub1_sub22_sub3ElishaSL_nat4_sub4_sub5&channel=723040616_2&gaid=D14AE094-3C1F-47A5-9863-C849E29CD308&idfa=D14AE094-3C1F-47A5-9863-C849E29CD308&packagename=id284819997&appname=id284819997

Request Chain 10

https://apptastic.g2afse.com/click?pid=33&offer_id=2920613&sub1=NCT_iphone_pl_ofid8599408_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat10_sub4_sub5&sub2=723040915_915&sub4=id524153305 HTTP 302
https://valuadle.g2afse.com/click?pid=7&offer_id=14324&sub1=5fb8e909f3ecc70001dce11d&sub2=33&sub3=id524153305&sub4= HTTP 302
https://trk.surfer.media/track?pubid=5422&oid=10495143&sub1=5fb8e909f7ef570001fb6dda&sub2=33_&sub4=id524153305&sub5= HTTP 302
https://trk.revpartner.tech/flow/80a7a447-5a99-459e-899b-7e3de76db50d?device_id=&sub2=5422&sub11=t3-201121-5422-10495143-pHwIbTfL2ZgNEUb0

Request Chain 11

https://zenoclick.g2afse.com/click?pid=2&offer_id=14074&sub1=NCT_iphone_pl_ofid8841124_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat11_sub4_sub5&sub2=723040915_915&sub6=id524153305 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=941&cid=clickid&sid=2&udid=&name=&info=ZenoClickSL&blockTime=0 HTTP 302
https://media412.go2affise.com/click?pid=225&offer_id=891675&sub1=723040616_2&sub2=NCT_iphone_pl_ofid8880503_pid616_sub1clickid_sub22_sub3ZenoClickSL_nat3_sub4_sub5&sub5=id569077959 HTTP 302
https://click.appsamurai.com/api/callbacks/click?sub_campaign_id=KaXNp6XJFxHpl0rBtqkcyNJR95rAPRp9&ref_id=5fb8e909e8c9980001bcb70d&sub_id=225_723040616_2&device_id=&app_name=id569077959&sub_param_1=225&sub8=1064 HTTP 302
https://mobiem.g2afse.com/click?offer_id=186&pid=3&sub1=asor1h2u4p7-a9zIY_qLB4bDlyMtnhQG-AVskpHLeaMeqvQVDz5ZXA&sub2=MjI1XzcyMzA0MDYxNl8y&sub4=id569077959 HTTP 302
https://mobiem.g2afse.com/click?pid=4&offer_id=187&sub1=asor1h2u4p7-a9zIY_qLB4bDlyMtnhQG-AVskpHLeaMeqvQVDz5ZXA&sub2=MjI1XzcyMzA0MDYxNl8y&sub3=&sub4=id569077959 HTTP 302
https://control.kochava.com/v1/cpi/click?campaign_id=kogmal-pl-ios-nrf7c0eff4c98de21&network_id=5700&user_country=PL&site_id=4&site_category=asor1h2u4p7-a9zIY_qLB4bDlyMtnhQG-AVskpHLeaMeqvQVDz5ZXA&device_id=device_id&creative_size=id569077959&creative_id=&click_id=5fb8e90ad274d9000170d0c0&ad_platform=MjI1XzcyMzA0MDYxNl8y

Request Chain 12

https://lambadapp.go2affise.com/click?pid=46&offer_id=3549142&sub1=NCT_iphone_pl_ofid8019839_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat12_sub4_sub5&sub2=723040915_915&sub3=id524153305 HTTP 302
https://mobee.g2afse.com/click?pid=4&offer_id=876454&sub2=46_723040915_915

Request Chain 13

https://digitalfuture.g2afse.com/click?pid=2&offer_id=1106110&sub1=NCT_iphone_pl_ofid8951535_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat13_sub4_sub5&sub2=723040915_915&sub5=id524153305 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 HTTP 302
https://limpid.g2afse.com/click?pid=99&offer_id=1244592&sub1=NCT_iphone_pl_ofid8976309_pid616_sub1_sub22_sub3ElishaSL_nat4_sub4_sub5&sub2=723040616_2&sub5=id1453989822 HTTP 302
https://adsplus.g2afse.com/click?pid=616&offer_id=3690772&sub1=5fb8e90920aefc0001567d74&sub2=99_723040616_2 HTTP 302
https://recovercovid.com/

Request Chain 14

https://limpid.g2afse.com/click?pid=99&offer_id=1243115&sub1=NCT_iphone_pl_ofid8949058_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat14_sub4_sub5&sub2=723040915_915&sub5=id524153305 HTTP 302
https://adsplus.g2afse.com/click?pid=616&offer_id=3690902&sub1=5fb8e9091c94750001039588&sub2=99_723040915_915 HTTP 302
https://tracking.lenzmx.com/click?mb_pl=ios&mb_nt=cb15106&mb_campid=mo_13724145_5768&aff_sub=5fb8e9096ff733000185b6b9&mb_subid=616_99_723040915_915&mb_devid=&mb_site=&mb_gaid=

Request Chain 16

https://lucazepa.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D HTTP 302
https://bercioles.com/redirect?id=17&auth=abe0e77e653da047d2457a45516d1c9ea12ae3b7&sid= HTTP 302
https://poqueras.com/noid/slope?lame=2H9bknzlz6BNNCcn10k5gQ%3D%3D

Request Chain 17

https://track.media-412.com/click?pid=225&offer_id=1336338&sub1=723040915_915&sub2=NCT_iphone_pl_ofid8822112_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat7_sub4_sub5&sub5=id524153305 HTTP 302
https://appnapp.g2afse.com/click?pid=3&offer_id=2350970&sub1=5fb8e90a76fd31000153f329&sub2=225_723040915_915&sub3=&sub4=&sub5=id524153305&sub8=1072 HTTP 302
https://reorget.com/c/f611ad94-779a-3178-bee2-ed9176578527?pid=3&sub1=225_723040915_915&clickid=5fb8e90a76fd31000153f329 HTTP 302
https://orburu.com/noid/hurried?wiry=yUTfM5ug980FMq10Mn96ng%3D%3D HTTP 0
http://tare.pro/go/216668/575137

Request Chain 18

https://apptastic.g2afse.com/click?pid=140&offer_id=2190522&sub1=NCT_iphone_pl_ofid8883715_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat8_sub4_sub5&sub2=723040915_915&sub4=id524153305 HTTP 0
http://apptastic.g2afse.com/sl?id=5ed0ee1c96f015dc9b166976&pid=192&sub1=PL&sub2=2190522&sub3=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&sub4=37.120.211.172&sub5=140

Request Chain 19

https://digitalfuture.g2afse.com/click?pid=2&offer_id=525874&sub1=NCT_iphone_pl_ofid5077652_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat9_sub4_sub5&sub2=723040915_915&sub5=id524153305 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 HTTP 302
https://lambadapp.go2affise.com/click?pid=46&offer_id=3580355&sub1=NCT_iphone_pl_ofid8788652_pid616_sub1_sub22_sub3ElishaSL_nat1_sub4_sub5&sub2=723040616_2&sub3=id1452992954 HTTP 302
https://mobee.g2afse.com/click?pid=4&offer_id=876454&sub2=46_723040616_2 HTTP 0
http://xml.blueparrot.media/redirect?feed=221274&auth=9tpPZk&url=https://www.netflix.com&subid=4_46_723040616_2

Request Chain 20

https://lambadapp.go2affise.com/click?pid=46&offer_id=3549142&sub1=NCT_iphone_pl_ofid8019839_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat12_sub4_sub5&sub2=723040915_915&sub3=id524153305 HTTP 302
https://mobee.g2afse.com/click?pid=4&offer_id=876454&sub2=46_723040915_915 HTTP 0
http://xml.blueparrot.media/redirect?feed=221274&auth=9tpPZk&url=https://www.netflix.com&subid=4_46_723040915_915

Request Chain 21

https://track.themedia.site/click?pid=5&offer_id=28307&sub1=NCT_iphone_pl_ofid8390392_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat15_sub4_sub5&sub2=723040915_915&sub7=id524153305&sub8=id524153305 HTTP 0
http://zorkamarket.g2afse.com/sl?id=5f20049cd1fc3bbe7f2be6e6&pid=1215

Request Chain 22

https://lucazepa.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D HTTP 302
https://bercioles.com/redirect?id=17&auth=abe0e77e653da047d2457a45516d1c9ea12ae3b7&sid= HTTP 302
https://poqueras.com/noid/slope?lame=2H9bknzlz6BNNCcn10k5gQ%3D%3D HTTP 0
http://tare.pro/go/216668/575137

24 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	click Show response clk.trk144.com/ Redirect Chain http://toptopmedia.g2afse.com/click?offer_id=2757967&pid=147&sub1=2369adce-2bb6-11eb-b804-114ffd00013e_649_14262210_cpi&sub2=198f6f9c&sub3=Alarm+Clock+_BTP_iOS_749124884&sub4=&sub5=168.244.5.54&sub... https://omnidatasolution.com/ntn/click/9b1ca446-46c5-572e-85cd-db6dc85ed282?ourCreative=AfwfX&dsp=affiseedge226&f_click=5fb8e903b31f940001e73f60&exchange=147&domain=Alarm%20Clock%20_BTP_iOS_7491248... http://clk.trk144.com/click?a=86885108&o=86951457&sub_id=cb127f7f-0b52-48d0-b1ec-122025d5fe37cxy_9b1ca446-46c5-572e-85cd-db6dc85ed282_1473638126&sub_id4=Alarm%20Clock%20_BTP_iOS_749124884&sub_id3=n...	335 B 521 B	206ms 172ms	Document text/html	35.186.220.166 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://clk.trk144.com/click?a=86885108&o=86951457&sub_id=cb127f7f-0b52-48d0-b1ec-122025d5fe37cxy_9b1ca446-46c5-572e-85cd-db6dc85ed282_1473638126&sub_id4=Alarm%20Clock%20_BTP_iOS_749124884&sub_id3=null&gaid=null&sub_id2=1473638126 Protocol HTTP/1.1 Server 35.186.220.166 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 166.220.186.35.bc.googleusercontent.com Software nginx / Resource Hash `784163954fa7cbc9f2694dd5cc5bafb3296a11f6d911217deda9c1621b9b9ef6` Request headers Host clk.trk144.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Server nginx Date Sat, 21 Nov 2020 10:16:36 GMT Content-Type text/html; charset=utf-8 Content-Length 335 X-Context CInr4ZcMEHEY9IW3KSChjLsp Via 1.1 google Redirect headers date Sat, 21 Nov 2020 10:16:35 GMT content-type text/html; charset=utf-8 content-length 550 location http://clk.trk144.com/click?a=86885108&o=86951457&sub_id=cb127f7f-0b52-48d0-b1ec-122025d5fe37cxy_9b1ca446-46c5-572e-85cd-db6dc85ed282_1473638126&sub_id4=Alarm%20Clock%20_BTP_iOS_749124884&sub_id3=null&gaid=null&sub_id2=1473638126 x-powered-by Express access-control-allow-origin * vary Accept, Accept-Encoding
GET H2	200	Primary Request fantastic.html Show response cpi-offers.com/	4 KB 1 KB	177ms 59ms	Document text/html	3.122.11.19 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=915&cid={clickid}&sid={pid}&udid=&name=&info=EdgeSL&blockTime=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.122.11.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-122-11-19.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash `ab886f4290353440a153cbdc0e891641b829642c3feebb1b2cbf520453fadcdc` Request headers :method GET :authority cpi-offers.com :scheme https :path /fantastic.html?size=0&red=0&ids=&lastid=&apid=915&cid={clickid}&sid={pid}&udid=&name=&info=EdgeSL&blockTime=0 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document referer http://clk.trk144.com/click?a=86885108&o=86951457&sub_id=cb127f7f-0b52-48d0-b1ec-122025d5fe37cxy_9b1ca446-46c5-572e-85cd-db6dc85ed282_1473638126&sub_id4=Alarm%20Clock%20_BTP_iOS_749124884&sub_id3=null&gaid=null&sub_id2=1473638126 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://clk.trk144.com/click?a=86885108&o=86951457&sub_id=cb127f7f-0b52-48d0-b1ec-122025d5fe37cxy_9b1ca446-46c5-572e-85cd-db6dc85ed282_1473638126&sub_id4=Alarm%20Clock%20_BTP_iOS_749124884&sub_id3=null&gaid=null&sub_id2=1473638126 Response headers date Sat, 21 Nov 2020 10:16:41 GMT content-type text/html; charset=utf-8 server nginx/1.14.1 x-powered-by Express access-control-allow-origin * etag W/"f0b-HO0im1WaJl7Son7usWa94IQNo54" content-encoding gzip
GET H2	200	aflinkref cpi-offers.com/	2 B 169 B	59ms 55ms	Stylesheet text/plain	3.122.11.19 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cpi-offers.com/aflinkref?prefix=https%3A//app.appsflyer.com/id1014949597%3F&af_prt=phondertech&pid=affiliatemob2_int&c=CPA&af_click_lookback=7d&clickid=NCT_iphone_pl_ofid6496743_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat1_sub4_sub5&af_installpostback=false&redis=12 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=915&cid={clickid}&sid={pid}&udid=&name=&info=EdgeSL&blockTime=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.122.11.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-122-11-19.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash `565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers access-control-allow-origin * date Sat, 21 Nov 2020 10:16:41 GMT server nginx/1.14.1 x-powered-by Express etag W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc" content-length 2 content-type text/plain; charset=utf-8
GET		sl appricotads.g2afse.com/ Redirect Chain https://appricotads.g2afse.com/click?pid=251&offer_id=123467&sub1=NCT_iphone_pl_ofid8844185_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat2_sub4_sub5&sub2=723040915_915&sub6=id524153305 http://appricotads.g2afse.com/sl?id=5f36c7821a6e4b1879225165&pid=2&sub1=&sub2=723040915_915&sub3=&sub4=	0 0

GET		sl zorkamarket.g2afse.com/ Redirect Chain https://track.themedia.site/click?pid=5&offer_id=32233&sub1=NCT_iphone_pl_ofid8766339_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat3_sub4_sub5&sub2=723040915_915&sub7=id524153305&sub8=id524153305 http://zorkamarket.g2afse.com/sl?id=5f20049cd1fc3bbe7f2be6e6&pid=1215	0 0

GET H2	200	aflinkref cpi-offers.com/ Redirect Chain https://trk.appittech.com/click?pid=302&offer_id=1244519&offer_id=825757&sub1=NCT_iphone_pl_ofid8924607_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat4_sub4_sub5&sub2=723040915_915&sub3=id524153305 https://totalcpi.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=821&cid=5e00e7f244b0f80001ad1994&sid=7&udid=&name=&info=BoostAds2&blockTime=0 https://cpi-offers.com/aflinkref?prefix=https%3A//app.appsflyer.com/id1014949597%3F&af_prt=phondertech&pid=affiliatemob2_int&c=CPA&af_click_lookback=7d&clickid=NCT_iphone_pl_ofid6496743_pid616_sub1...	2 B 169 B	56ms 56ms	Stylesheet text/plain	3.122.11.19 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cpi-offers.com/aflinkref?prefix=https%3A//app.appsflyer.com/id1014949597%3F&af_prt=phondertech&pid=affiliatemob2_int&c=CPA&af_click_lookback=7d&clickid=NCT_iphone_pl_ofid6496743_pid616_sub15e00e7f244b0f80001ad1994_sub27_sub3BoostAds2_nat1_sub4_sub5&af_installpostback=false&redis=12 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=915&cid={clickid}&sid={pid}&udid=&name=&info=EdgeSL&blockTime=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.122.11.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-122-11-19.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash `565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers access-control-allow-origin * date Sat, 21 Nov 2020 10:16:41 GMT server nginx/1.14.1 x-powered-by Express etag W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc" content-length 2 content-type text/plain; charset=utf-8 Redirect headers date Sat, 21 Nov 2020 10:16:41 GMT server nginx/1.14.1 location https://cpi-offers.com/aflinkref?prefix=https%3A//app.appsflyer.com/id1014949597%3F&af_prt=phondertech&pid=affiliatemob2_int&c=CPA&af_click_lookback=7d&clickid=NCT_iphone_pl_ofid6496743_pid616_sub15e00e7f244b0f80001ad1994_sub27_sub3BoostAds2_nat1_sub4_sub5&af_installpostback=false&redis=12 x-powered-by Express vary Accept content-type text/plain; charset=utf-8 access-control-allow-origin * content-length 312
GET H2	200	id359478823 apps.apple.com/US/app/ Redirect Chain https://track.gowithads.com/click?pid=141&offer_id=2004455&sub1=NCT_iphone_pl_ofid8978242_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat5_sub4_sub5&sub2=723040915_915&sub4=id524153305 https://adsmobis.g2afse.com/click?pid=179&offer_id=157180&sub1=5fb8e909c3c845000185af09&sub2=141_723040915_915&sub3=id524153305&sub8= https://app.appsflyer.com/id359478823?pid=adsmobis_int&af_click_lookback=7d&clickid=5fb8e90971ed020001b694fc&af_installpostback=false&af_cost_model=CPA&af_siteid=iosCPA_179_141_723040915_915&af_sub... https://apps.apple.com/US/app/id359478823?mt=8	0 0	79ms 8ms	Stylesheet text/html	2a02:26f0:6c00:19f::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://apps.apple.com/US/app/id359478823?mt=8 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=915&cid={clickid}&sid={pid}&udid=&name=&info=EdgeSL&blockTime=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:19f::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers access-control-allow-origin * Redirect headers Location https://apps.apple.com/US/app/id359478823?mt=8 Date Sat, 21 Nov 2020 10:16:41 GMT Server http-kit Connection keep-alive Content-Length 0 Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type application/octet-stream
GET H/1.1	400 Bad Request	redirect mob.palmparadise.info/ Redirect Chain https://boostads.g2afse.com/click?pid=287&offer_id=1081479&sub1=NCT_iphone_pl_ofid8709745_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat6_sub4_sub5&sub2=723040915_915&sub3=id524153305&sub5=id524153305 https://totalcpi.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=821&cid=5e00e7f244b0f80001ad1994&sid=7&udid=&name=&info=BoostAds2&blockTime=0 https://boostads.g2afse.com/click?pid=287&offer_id=1250399&sub1=NCT_iphone_pl_ofid8991329_pid616_sub15e00e7f244b0f80001ad1994_sub27_sub3BoostAds2_nat1_sub4_sub5&sub2=723040616_7&sub3=id1477841973&s... https://totalcpi.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=821&cid=5e00e7f244b0f80001ad1994&sid=7&udid=&name=&info=BoostAds2&blockTime=0 https://track.gowithads.com/click?pid=141&offer_id=1751372&sub1=NCT_iphone_pl_ofid8131300_pid616_sub15e00e7f244b0f80001ad1994_sub27_sub3BoostAds2_nat12_sub4_sub5&sub2=723040616_7&sub4=id842250179 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=599&cid=&sid=141_723040616_7&udid=&name=&info=GOWMsl&blockTime=0 https://zenoclick.g2afse.com/click?pid=2&offer_id=22658&sub1=NCT_iphone_pl_ofid8982267_pid616_sub1_sub2141_723040616_7_sub3GOWMsl_nat15_sub4_sub5&sub2=723040616_141_723040616_7&sub6=id730623682 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=941&cid=clickid&sid=2&udid=&name=&info=ZenoClickSL&blockTime=0 https://track.gowithads.com/click?pid=141&offer_id=1993104&sub1=NCT_iphone_pl_ofid8866686_pid616_sub1clickid_sub22_sub3ZenoClickSL_nat9_sub4_sub5&sub2=723040616_2&sub4=id1439785734 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=599&cid=&sid=141_723040616_2&udid=&name=&info=GOWMsl&blockTime=0 https://track.gowithads.com/click?pid=141&offer_id=1751372&sub1=NCT_iphone_pl_ofid8131300_pid616_sub1_sub2141_723040616_2_sub3GOWMsl_nat12_sub4_sub5&sub2=723040616_141_723040616_2&sub4=id1347129450 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=599&cid=&sid=141_723040616_141_723040616_2&udid=&name=&info=GOWMsl&blockTime=0 https://amazus.g2afse.com/click?pid=4&offer_id=1050&sub1=NCT_iphone_pl_ofid8041639_pid616_sub1_sub2141_723040616_141_723040616_2_sub3GOWMsl_nat8_sub4_sub5&sub2=723040616_141_723040616_141_723040616... https://mob.palmparadise.info/redirect?feed=216775&auth=ebuQy0&url=https%3A%2F%2Fmobilenews.top&subid=NCT_iphone_pl_ofid8041639_pid616_sub1_sub2141_723040616_141_723040616_2_sub3GOWMsl_nat8_sub4_su...	0 0	379ms 121ms	Stylesheet text/plain	198.134.116.30 WEBAIR-INTERNET
General Check archive.org Show headers Download Go to Full URL https://mob.palmparadise.info/redirect?feed=216775&auth=ebuQy0&url=https%3A%2F%2Fmobilenews.top&subid=NCT_iphone_pl_ofid8041639_pid616_sub1_sub2141_723040616_141_723040616_2_sub3GOWMsl_nat8_sub4_sub5_723040616_141_723040616_141_723040616_2&query=https%3A%2F%2Fmobilenews.top&pub_clickid= Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=915&cid={clickid}&sid={pid}&udid=&name=&info=EdgeSL&blockTime=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.134.116.30 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US), Reverse DNS Software nginx / Resource Hash Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Sat, 21 Nov 2020 10:16:42 GMT Cache-Control no-store Server nginx Connection keep-alive Age 0 Content-Length 27 Redirect headers location https://mob.palmparadise.info/redirect?feed=216775&auth=ebuQy0&url=https%3A%2F%2Fmobilenews.top&subid=NCT_iphone_pl_ofid8041639_pid616_sub1_sub2141_723040616_141_723040616_2_sub3GOWMsl_nat8_sub4_sub5_723040616_141_723040616_141_723040616_2&query=https%3A%2F%2Fmobilenews.top&pub_clickid= date Sat, 21 Nov 2020 10:16:42 GMT server nginx content-length 330 content-type text/html; charset=utf-8
GET		hurried orburu.com/noid/ Redirect Chain https://track.media-412.com/click?pid=225&offer_id=1336338&sub1=723040915_915&sub2=NCT_iphone_pl_ofid8822112_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat7_sub4_sub5&sub5=id524153305 https://appnapp.g2afse.com/click?pid=3&offer_id=2350970&sub1=5fb8e909e8c9980001bb06eb&sub2=225_723040915_915&sub3=&sub4=&sub5=id524153305&sub8=1072 https://reorget.com/c/f611ad94-779a-3178-bee2-ed9176578527?pid=3&sub1=225_723040915_915&clickid=5fb8e909e8c9980001bb06eb https://orburu.com/noid/hurried?wiry=yUTfM5ug980FMq10Mn96ng%3D%3D	0 0

GET		click apptastic.g2afse.com/	0 0

GET		/ track.paddlewaver.com/ Redirect Chain https://digitalfuture.g2afse.com/click?pid=2&offer_id=525874&sub1=NCT_iphone_pl_ofid5077652_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat9_sub4_sub5&sub2=723040915_915&sub5=id524153305 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 https://track.paddlewaver.com/?campaign_id=4499217&publisher_id=1000044&clickid=NCT_iphone_pl_ofid8654248_pid616_sub1_sub22_sub3ElishaSL_nat4_sub4_sub5&channel=723040616_2&gaid=D14AE094-3C1F-47A5-9...	0 0

GET H2	200	80a7a447-5a99-459e-899b-7e3de76db50d trk.revpartner.tech/flow/ Redirect Chain https://apptastic.g2afse.com/click?pid=33&offer_id=2920613&sub1=NCT_iphone_pl_ofid8599408_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat10_sub4_sub5&sub2=723040915_915&sub4=id524153305 https://valuadle.g2afse.com/click?pid=7&offer_id=14324&sub1=5fb8e909f3ecc70001dce11d&sub2=33&sub3=id524153305&sub4= https://trk.surfer.media/track?pubid=5422&oid=10495143&sub1=5fb8e909f7ef570001fb6dda&sub2=33_&sub4=id524153305&sub5= https://trk.revpartner.tech/flow/80a7a447-5a99-459e-899b-7e3de76db50d?device_id=&sub2=5422&sub11=t3-201121-5422-10495143-pHwIbTfL2ZgNEUb0	0 0	164ms 58ms	Stylesheet text/html	148.251.22.162 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://trk.revpartner.tech/flow/80a7a447-5a99-459e-899b-7e3de76db50d?device_id=&sub2=5422&sub11=t3-201121-5422-10495143-pHwIbTfL2ZgNEUb0 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=915&cid={clickid}&sid={pid}&udid=&name=&info=EdgeSL&blockTime=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 148.251.22.162 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.162.22.251.148.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers access-control-allow-origin * access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-credentials true Redirect headers date Sat, 21 Nov 2020 10:16:41 GMT referrer-policy no-referrer server nginx/1.19.2 location https://trk.revpartner.tech/flow/80a7a447-5a99-459e-899b-7e3de76db50d?device_id=&sub2=5422&sub11=t3-201121-5422-10495143-pHwIbTfL2ZgNEUb0 strict-transport-security max-age=15724800; includeSubDomains content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, pre-check=0, post-check=0 access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With content-length 168
GET H2	200	click control.kochava.com/v1/cpi/ Redirect Chain https://zenoclick.g2afse.com/click?pid=2&offer_id=14074&sub1=NCT_iphone_pl_ofid8841124_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat11_sub4_sub5&sub2=723040915_915&sub6=id524153305 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=941&cid=clickid&sid=2&udid=&name=&info=ZenoClickSL&blockTime=0 https://media412.go2affise.com/click?pid=225&offer_id=891675&sub1=723040616_2&sub2=NCT_iphone_pl_ofid8880503_pid616_sub1clickid_sub22_sub3ZenoClickSL_nat3_sub4_sub5&sub5=id569077959 https://click.appsamurai.com/api/callbacks/click?sub_campaign_id=KaXNp6XJFxHpl0rBtqkcyNJR95rAPRp9&ref_id=5fb8e909e8c9980001bcb70d&sub_id=225_723040616_2&device_id=&app_name=id569077959&sub_param_1=... https://mobiem.g2afse.com/click?offer_id=186&pid=3&sub1=asor1h2u4p7-a9zIY_qLB4bDlyMtnhQG-AVskpHLeaMeqvQVDz5ZXA&sub2=MjI1XzcyMzA0MDYxNl8y&sub4=id569077959 https://mobiem.g2afse.com/click?pid=4&offer_id=187&sub1=asor1h2u4p7-a9zIY_qLB4bDlyMtnhQG-AVskpHLeaMeqvQVDz5ZXA&sub2=MjI1XzcyMzA0MDYxNl8y&sub3=&sub4=id569077959 https://control.kochava.com/v1/cpi/click?campaign_id=kogmal-pl-ios-nrf7c0eff4c98de21&network_id=5700&user_country=PL&site_id=4&site_category=asor1h2u4p7-a9zIY_qLB4bDlyMtnhQG-AVskpHLeaMeqvQVDz5ZXA&d...	0 0	161ms 72ms	Stylesheet text/html	107.178.254.148 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://control.kochava.com/v1/cpi/click?campaign_id=kogmal-pl-ios-nrf7c0eff4c98de21&network_id=5700&user_country=PL&site_id=4&site_category=asor1h2u4p7-a9zIY_qLB4bDlyMtnhQG-AVskpHLeaMeqvQVDz5ZXA&device_id=device_id&creative_size=id569077959&creative_id=&click_id=5fb8e90ad274d9000170d0c0&ad_platform=MjI1XzcyMzA0MDYxNl8y Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=915&cid={clickid}&sid={pid}&udid=&name=&info=EdgeSL&blockTime=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.178.254.148 , United States, ASN15169 (GOOGLE, US), Reverse DNS 148.254.178.107.bc.googleusercontent.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers access-control-allow-origin * Redirect headers location https://control.kochava.com/v1/cpi/click?campaign_id=kogmal-pl-ios-nrf7c0eff4c98de21&network_id=5700&user_country=PL&site_id=4&site_category=asor1h2u4p7-a9zIY_qLB4bDlyMtnhQG-AVskpHLeaMeqvQVDz5ZXA&device_id=device_id&creative_size=id569077959&creative_id=&click_id=5fb8e90ad274d9000170d0c0&ad_platform=MjI1XzcyMzA0MDYxNl8y date Sat, 21 Nov 2020 10:16:42 GMT server nginx content-length 380 content-type text/html; charset=utf-8
GET		click mobee.g2afse.com/ Redirect Chain https://lambadapp.go2affise.com/click?pid=46&offer_id=3549142&sub1=NCT_iphone_pl_ofid8019839_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat12_sub4_sub5&sub2=723040915_915&sub3=id524153305 https://mobee.g2afse.com/click?pid=4&offer_id=876454&sub2=46_723040915_915	0 0

GET H2	200	/ recovercovid.com/ Redirect Chain https://digitalfuture.g2afse.com/click?pid=2&offer_id=1106110&sub1=NCT_iphone_pl_ofid8951535_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat13_sub4_sub5&sub2=723040915_915&sub5=id524153305 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 https://limpid.g2afse.com/click?pid=99&offer_id=1244592&sub1=NCT_iphone_pl_ofid8976309_pid616_sub1_sub22_sub3ElishaSL_nat4_sub4_sub5&sub2=723040616_2&sub5=id1453989822 https://adsplus.g2afse.com/click?pid=616&offer_id=3690772&sub1=5fb8e90920aefc0001567d74&sub2=99_723040616_2 https://recovercovid.com/	0 0	46ms 21ms	Stylesheet text/html	2606:4700:e2::ac40:8725 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://recovercovid.com/ Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=915&cid={clickid}&sid={pid}&udid=&name=&info=EdgeSL&blockTime=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8725 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Redirect headers location https://recovercovid.com/ date Sat, 21 Nov 2020 10:16:41 GMT server nginx content-length 48 content-type text/html; charset=utf-8
GET H2	200	click tracking.lenzmx.com/ Redirect Chain https://limpid.g2afse.com/click?pid=99&offer_id=1243115&sub1=NCT_iphone_pl_ofid8949058_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat14_sub4_sub5&sub2=723040915_915&sub5=id524153305 https://adsplus.g2afse.com/click?pid=616&offer_id=3690902&sub1=5fb8e9091c94750001039588&sub2=99_723040915_915 https://tracking.lenzmx.com/click?mb_pl=ios&mb_nt=cb15106&mb_campid=mo_13724145_5768&aff_sub=5fb8e9096ff733000185b6b9&mb_subid=616_99_723040915_915&mb_devid=&mb_site=&mb_gaid=	28 B 98 B	203ms 72ms	Stylesheet text/plain	52.57.211.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tracking.lenzmx.com/click?mb_pl=ios&mb_nt=cb15106&mb_campid=mo_13724145_5768&aff_sub=5fb8e9096ff733000185b6b9&mb_subid=616_99_723040915_915&mb_devid=&mb_site=&mb_gaid= Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=915&cid={clickid}&sid={pid}&udid=&name=&info=EdgeSL&blockTime=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.57.211.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-211-4.eu-central-1.compute.amazonaws.com Software nginx/1.14.0 / Resource Hash `c769d23bb419215f4739669bd2e427ea944b376bdde7ef2e14eeeff48ecd0e86` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 21 Nov 2020 10:16:41 GMT server nginx/1.14.0 Redirect headers location https://tracking.lenzmx.com/click?mb_pl=ios&mb_nt=cb15106&mb_campid=mo_13724145_5768&aff_sub=5fb8e9096ff733000185b6b9&mb_subid=616_99_723040915_915&mb_devid=&mb_site=&mb_gaid= date Sat, 21 Nov 2020 10:16:41 GMT server nginx content-length 226 content-type text/html; charset=utf-8
GET		click track.themedia.site/	0 0

GET		slope poqueras.com/noid/ Redirect Chain https://lucazepa.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D https://bercioles.com/redirect?id=17&auth=abe0e77e653da047d2457a45516d1c9ea12ae3b7&sid= https://poqueras.com/noid/slope?lame=2H9bknzlz6BNNCcn10k5gQ%3D%3D	0 0

GET		575137 tare.pro/go/216668/ Redirect Chain https://track.media-412.com/click?pid=225&offer_id=1336338&sub1=723040915_915&sub2=NCT_iphone_pl_ofid8822112_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat7_sub4_sub5&sub5=id524153305 https://appnapp.g2afse.com/click?pid=3&offer_id=2350970&sub1=5fb8e90a76fd31000153f329&sub2=225_723040915_915&sub3=&sub4=&sub5=id524153305&sub8=1072 https://reorget.com/c/f611ad94-779a-3178-bee2-ed9176578527?pid=3&sub1=225_723040915_915&clickid=5fb8e90a76fd31000153f329 https://orburu.com/noid/hurried?wiry=yUTfM5ug980FMq10Mn96ng%3D%3D http://tare.pro/go/216668/575137	0 0

GET		sl apptastic.g2afse.com/ Redirect Chain https://apptastic.g2afse.com/click?pid=140&offer_id=2190522&sub1=NCT_iphone_pl_ofid8883715_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat8_sub4_sub5&sub2=723040915_915&sub4=id524153305 http://apptastic.g2afse.com/sl?id=5ed0ee1c96f015dc9b166976&pid=192&sub1=PL&sub2=2190522&sub3=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+C...	0 0

GET		redirect xml.blueparrot.media/ Redirect Chain https://digitalfuture.g2afse.com/click?pid=2&offer_id=525874&sub1=NCT_iphone_pl_ofid5077652_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat9_sub4_sub5&sub2=723040915_915&sub5=id524153305 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 https://lambadapp.go2affise.com/click?pid=46&offer_id=3580355&sub1=NCT_iphone_pl_ofid8788652_pid616_sub1_sub22_sub3ElishaSL_nat1_sub4_sub5&sub2=723040616_2&sub3=id1452992954 https://mobee.g2afse.com/click?pid=4&offer_id=876454&sub2=46_723040616_2 http://xml.blueparrot.media/redirect?feed=221274&auth=9tpPZk&url=https://www.netflix.com&subid=4_46_723040616_2	0 0

GET		redirect xml.blueparrot.media/ Redirect Chain https://lambadapp.go2affise.com/click?pid=46&offer_id=3549142&sub1=NCT_iphone_pl_ofid8019839_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat12_sub4_sub5&sub2=723040915_915&sub3=id524153305 https://mobee.g2afse.com/click?pid=4&offer_id=876454&sub2=46_723040915_915 http://xml.blueparrot.media/redirect?feed=221274&auth=9tpPZk&url=https://www.netflix.com&subid=4_46_723040915_915	0 0

GET		sl zorkamarket.g2afse.com/ Redirect Chain https://track.themedia.site/click?pid=5&offer_id=28307&sub1=NCT_iphone_pl_ofid8390392_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat15_sub4_sub5&sub2=723040915_915&sub7=id524153305&sub8=id524153305 http://zorkamarket.g2afse.com/sl?id=5f20049cd1fc3bbe7f2be6e6&pid=1215	0 0

GET		575137 tare.pro/go/216668/ Redirect Chain https://lucazepa.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D https://bercioles.com/redirect?id=17&auth=abe0e77e653da047d2457a45516d1c9ea12ae3b7&sid= https://poqueras.com/noid/slope?lame=2H9bknzlz6BNNCcn10k5gQ%3D%3D http://tare.pro/go/216668/575137	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: appricotads.g2afse.com
URL: http://appricotads.g2afse.com/sl?id=5f36c7821a6e4b1879225165&pid=2&sub1=&sub2=723040915_915&sub3=&sub4=

Domain: zorkamarket.g2afse.com
URL: http://zorkamarket.g2afse.com/sl?id=5f20049cd1fc3bbe7f2be6e6&pid=1215

Domain: orburu.com
URL: https://orburu.com/noid/hurried?wiry=yUTfM5ug980FMq10Mn96ng%3D%3D

Domain: apptastic.g2afse.com
URL: https://apptastic.g2afse.com/click?pid=140&offer_id=2190522&sub1=NCT_iphone_pl_ofid8883715_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat8_sub4_sub5&sub2=723040915_915&sub4=id524153305

Domain: track.paddlewaver.com
URL: https://track.paddlewaver.com/?campaign_id=4499217&publisher_id=1000044&clickid=NCT_iphone_pl_ofid8654248_pid616_sub1_sub22_sub3ElishaSL_nat4_sub4_sub5&channel=723040616_2&gaid=D14AE094-3C1F-47A5-9863-C849E29CD308&idfa=D14AE094-3C1F-47A5-9863-C849E29CD308&packagename=id284819997&appname=id284819997

Domain: mobee.g2afse.com
URL: https://mobee.g2afse.com/click?pid=4&offer_id=876454&sub2=46_723040915_915

Domain: track.themedia.site
URL: https://track.themedia.site/click?pid=5&offer_id=28307&sub1=NCT_iphone_pl_ofid8390392_pid915_sub1{clickid}_sub2915_sub3EdgeSL_nat15_sub4_sub5&sub2=723040915_915&sub7=id524153305&sub8=id524153305

Domain: poqueras.com
URL: https://poqueras.com/noid/slope?lame=2H9bknzlz6BNNCcn10k5gQ%3D%3D

Domain: tare.pro
URL: http://tare.pro/go/216668/575137

Domain: apptastic.g2afse.com
URL: http://apptastic.g2afse.com/sl?id=5ed0ee1c96f015dc9b166976&pid=192&sub1=PL&sub2=2190522&sub3=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&sub4=37.120.211.172&sub5=140

Domain: xml.blueparrot.media
URL: http://xml.blueparrot.media/redirect?feed=221274&auth=9tpPZk&url=https://www.netflix.com&subid=4_46_723040616_2

Domain: xml.blueparrot.media
URL: http://xml.blueparrot.media/redirect?feed=221274&auth=9tpPZk&url=https://www.netflix.com&subid=4_46_723040915_915

Domain: zorkamarket.g2afse.com
URL: http://zorkamarket.g2afse.com/sl?id=5f20049cd1fc3bbe7f2be6e6&pid=1215

Domain: tare.pro
URL: http://tare.pro/go/216668/575137

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsmobis.g2afse.com
adsplus.g2afse.com
amazus.g2afse.com
app.appsflyer.com
appricotads.g2afse.com
apps.apple.com
apptastic.g2afse.com
boostads.g2afse.com
click.appsamurai.com
clk.trk144.com
control.kochava.com
cpi-offers.com
digitalfuture.g2afse.com
limpid.g2afse.com
media412.go2affise.com
mob.palmparadise.info
mobee.g2afse.com
mobiem.g2afse.com
omnidatasolution.com
orburu.com
poqueras.com
recovercovid.com
tare.pro
toptopmedia.g2afse.com
totalcpi.com
track.gowithads.com
track.paddlewaver.com
track.themedia.site
tracking.lenzmx.com
trk.appittech.com
trk.revpartner.tech
trk.surfer.media
valuadle.g2afse.com
xml.blueparrot.media
zenoclick.g2afse.com
zorkamarket.g2afse.com
appricotads.g2afse.com
apptastic.g2afse.com
mobee.g2afse.com
orburu.com
poqueras.com
tare.pro
track.paddlewaver.com
track.themedia.site
xml.blueparrot.media
zorkamarket.g2afse.com
107.178.254.148
148.251.22.162
198.134.116.30
212.32.252.139
212.32.252.71
213.227.132.161
213.227.134.196
213.227.134.200
213.227.134.220
213.227.134.236
213.227.135.229
213.227.156.21
213.227.156.234
2606:4700:3031::681b:826f
2606:4700:3033::ac43:d024
2606:4700:e2::ac40:8725
2a02:26f0:6c00:19f::2a1
3.122.11.19
35.186.220.166
52.210.231.195
52.39.78.83
52.57.211.4
54.246.209.148
94.130.140.84
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
784163954fa7cbc9f2694dd5cc5bafb3296a11f6d911217deda9c1621b9b9ef6
ab886f4290353440a153cbdc0e891641b829642c3feebb1b2cbf520453fadcdc
c769d23bb419215f4739669bd2e427ea944b376bdde7ef2e14eeeff48ecd0e86
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

cpi-offers.com Open in urlscan Pro 3.122.11.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

38 %HTTPS

17 %IPv6

23 Domains

36 Subdomains

9 IPs

5 Countries

2 kBTransfer

4 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

0 Cookies

Indicators

cpi-offers.com Open in urlscan Pro
3.122.11.19 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

38 %
HTTPS

17 %
IPv6

23
Domains

36
Subdomains

9
IPs

5
Countries

2 kB
Transfer

4 kB
Size

0
Cookies

24 HTTP transactions
0 data transactions