cpi-offers.com Open in urlscan Pro
3.124.212.198 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://whatsapp-freev04.xyz/ins/index.php?v=1608324117487
Effective URL:
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=628&cid=5fdd309bf52b5800013d010d&sid=195&udid=&nam...
Submission: On December 18 via manual (December 18th 2020, 10:43:59 pm UTC) from BR

Summary HTTP 67 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 7 countries across 25 domains to perform 67 HTTP transactions. The main IP is 3.124.212.198, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is cpi-offers.com.
TLS certificate: Issued by Amazon on November 25th 2020. Valid for: a year.

This is the only time cpi-offers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::ac43:98bd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3037::681b:8fb4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2.16.186.107 2.16.186.107	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a03:2880:f21... 2a03:2880:f21c:81e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
1 2	185.66.200.220 185.66.200.220	201702 (SKHOSTING-EU) (SKHOSTING-EU)
1	185.66.201.34 185.66.201.34	201702 (SKHOSTING-EU) (SKHOSTING-EU)
3 3	213.227.156.21 213.227.156.21	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	212.32.252.65 212.32.252.65	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	212.32.250.3 212.32.250.3	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	212.32.249.110 212.32.249.110	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
13 14	3.124.212.198 3.124.212.198	16509 (AMAZON-02) (AMAZON-02)
1	52.206.9.228 52.206.9.228	14618 (AMAZON-AES) (AMAZON-AES)
2 2	213.227.135.213 213.227.135.213	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
5 5	213.227.135.227 213.227.135.227	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
5 5	52.202.164.231 52.202.164.231	14618 (AMAZON-AES) (AMAZON-AES)
5	35.171.134.132 35.171.134.132	14618 (AMAZON-AES) (AMAZON-AES)
3 6	213.227.134.196 213.227.134.196	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
8 8	213.227.134.236 213.227.134.236	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	65.9.68.26 65.9.68.26	16509 (AMAZON-02) (AMAZON-02)
7	2a02:26f0:6c0... 2a02:26f0:6c00:186::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2606:4700:20:... 2606:4700:20::681a:c03	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	213.227.134.198 213.227.134.198	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	213.227.134.234 213.227.134.234	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3 3	213.227.135.231 213.227.135.231	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	212.7.209.69 212.7.209.69	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	212.7.209.75 212.7.209.75	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	13.228.124.226 13.228.124.226	16509 (AMAZON-02) (AMAZON-02)
2 2	213.227.135.229 213.227.135.229	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	213.227.134.204 213.227.134.204	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	2606:4700:303... 2606:4700:3033::ac43:d024	13335 (CLOUDFLAR...) (CLOUDFLARENET)
67	13

1 2606:4700:3037::ac43:98bd (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

whatsapp-freev04.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::681b:8fb4 (United States)

ASN13335 (CLOUDFLARENET, US)

ldwhatsapp-free01.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2.16.186.107 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-107.deploy.static.akamaitechnologies.com

cdn-bimi.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f21c:81e5:face:b00c:0:4420 (Ireland)

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.66.200.220 (Slovakia) 1 redirects

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.220.skhosting.eu

uprimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
goraps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.66.201.34 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: at-public.skhosting.eu

namel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.227.156.21 (Netherlands) 3 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

maxtopmedia.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
boostads.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.32.252.65 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

trk.applaunching.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.32.250.3 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

yoterup.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.32.249.110 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

rainmaker.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 3.124.212.198 (Frankfurt am Main, Germany) 13 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-212-198.eu-central-1.compute.amazonaws.com

cpi-offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
totalcpi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.206.9.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-9-228.compute-1.amazonaws.com

trk.games-to-run123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.135.213 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ttmma.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.227.135.227 (Netherlands) 5 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

times25.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.202.164.231 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-164-231.compute-1.amazonaws.com

69hfb5v.appsdeku.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.171.134.132 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-134-132.compute-1.amazonaws.com

t1.greatforwarding.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.227.134.196 (Netherlands) 3 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

click2comm.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 213.227.134.236 (Netherlands) 8 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

brainadv.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apptrust.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cellonltd.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.68.26 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)

roinvesting.onelink.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:6c00:186::2a1 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

apps.apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:c03 (United States)

ASN13335 (CLOUDFLARENET, US)

adcrate98.gotrackier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.227.134.198 (Netherlands) 3 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

digitalfuture.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.134.234 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

leaddaway.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.227.135.231 (Netherlands) 3 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

adcrate-solutions.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aandb.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.7.209.69 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

click.iconpeak2trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.7.209.75 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

thingortwo.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.228.124.226 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-124-226.ap-southeast-1.compute.amazonaws.com

track.paddlewaver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.135.229 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

go2.enjoycpi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.134.204 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

monetizeplus.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:d024 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

track.gowithads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	akamaized.net cdn-bimi.akamaized.net	544 KB
25	g2afse.com 25 redirects maxtopmedia.g2afse.com yoterup.g2afse.com rainmaker.g2afse.com mookomedia.g2afse.com Failed ttmma.g2afse.com brainadv.g2afse.com apptrust.g2afse.com aandb.g2afse.com Failed pandamobi.g2afse.com Failed digitalfuture.g2afse.com leaddaway.g2afse.com thingortwo.g2afse.com cellonltd.g2afse.com apply.g2afse.com Failed boostads.g2afse.com monetizeplus.g2afse.com zorkamarket.g2afse.com Failed	5 KB
13	go2affise.com 10 redirects times25.go2affise.com click2comm.go2affise.com adcrate-solutions.go2affise.com clovenmedia.go2affise.com Failed	2 KB
12	cpi-offers.com 11 redirects cpi-offers.com	4 KB
7	apple.com apps.apple.com
5	greatforwarding.com t1.greatforwarding.com
5	appsdeku.com 5 redirects 69hfb5v.appsdeku.com	1 KB
4	gotrackier.com adcrate98.gotrackier.com	2 KB
2	enjoycpi.com 2 redirects go2.enjoycpi.com	377 B
2	totalcpi.com 2 redirects totalcpi.com	762 B
2	iconpeak2trk.com 2 redirects click.iconpeak2trk.com	327 B
2	onelink.me 2 redirects roinvesting.onelink.me	832 B
2	ldwhatsapp-free01.xyz ldwhatsapp-free01.xyz	9 KB
1	gowithads.com 1 redirects track.gowithads.com	900 B
1	paddlewaver.com track.paddlewaver.com	244 B
1	games-to-run123.com trk.games-to-run123.com
1	applaunching.com 1 redirects trk.applaunching.com	272 B
1	namel.net namel.net	585 B
1	goraps.com 1 redirects goraps.com	860 B
1	uprimp.com uprimp.com	625 B
1	instagram.com www.instagram.com	34 KB
1	whatsapp-freev04.xyz 1 redirects whatsapp-freev04.xyz	624 B
0	tare.pro Failed tare.pro Failed
0	leadzu.com Failed r.leadzu.com Failed
0	lucazepa.com Failed lucazepa.com Failed
67	25

	Domain	Requested by
27	cdn-bimi.akamaized.net	ldwhatsapp-free01.xyz
12	cpi-offers.com	11 redirects namel.net
7	apps.apple.com	cpi-offers.com
6	click2comm.go2affise.com	3 redirects cpi-offers.com
5	t1.greatforwarding.com	cpi-offers.com
5	69hfb5v.appsdeku.com	5 redirects
5	times25.go2affise.com	5 redirects
4	cellonltd.g2afse.com	4 redirects
4	adcrate98.gotrackier.com	cpi-offers.com
3	digitalfuture.g2afse.com	3 redirects
2	go2.enjoycpi.com	2 redirects
2	totalcpi.com	2 redirects
2	boostads.g2afse.com	2 redirects
2	thingortwo.g2afse.com	2 redirects
2	click.iconpeak2trk.com	2 redirects
2	adcrate-solutions.go2affise.com	2 redirects
2	leaddaway.g2afse.com	2 redirects
2	roinvesting.onelink.me	2 redirects
2	apptrust.g2afse.com	2 redirects
2	brainadv.g2afse.com	2 redirects
2	ttmma.g2afse.com	2 redirects
2	rainmaker.g2afse.com	2 redirects
2	ldwhatsapp-free01.xyz	ldwhatsapp-free01.xyz
1	track.gowithads.com	1 redirects
1	monetizeplus.g2afse.com	1 redirects
1	track.paddlewaver.com	cpi-offers.com
1	aandb.g2afse.com	cpi-offers.com
1	trk.games-to-run123.com	cpi-offers.com
1	yoterup.g2afse.com	1 redirects
1	trk.applaunching.com	1 redirects
1	maxtopmedia.g2afse.com	1 redirects
1	namel.net	ldwhatsapp-free01.xyz
1	goraps.com	1 redirects
1	uprimp.com	ldwhatsapp-free01.xyz
1	www.instagram.com	ldwhatsapp-free01.xyz
1	whatsapp-freev04.xyz	1 redirects
0	tare.pro Failed	cpi-offers.com
0	zorkamarket.g2afse.com Failed	cpi-offers.com
0	r.leadzu.com Failed	cpi-offers.com
0	clovenmedia.go2affise.com Failed	cpi-offers.com
0	lucazepa.com Failed	cpi-offers.com
0	apply.g2afse.com Failed	cpi-offers.com
0	pandamobi.g2afse.com Failed	cpi-offers.com
0	mookomedia.g2afse.com Failed	cpi-offers.com
67	44

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-11-29` - `2021-11-28`	a year	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
*.www.instagram.com DigiCert SHA2 High Assurance Server CA	`2020-11-27` - `2021-02-24`	3 months	crt.sh
uprimp.com R3	`2020-12-15` - `2021-03-15`	3 months	crt.sh
namel.net Let's Encrypt Authority X3	`2020-11-01` - `2021-01-30`	3 months	crt.sh
cpi-offers.com Amazon	`2020-11-25` - `2021-12-24`	a year	crt.sh
trk.games-to-run123.com Amazon	`2020-11-06` - `2021-12-05`	a year	crt.sh
*.dynforward.com R3	`2020-12-11` - `2021-03-11`	3 months	crt.sh
*.go2affise.com Go Daddy Secure Certificate Authority - G2	`2020-10-09` - `2021-11-10`	a year	crt.sh
itunes.apple.com DigiCert SHA2 Extended Validation Server CA-3	`2020-08-13` - `2021-08-14`	a year	crt.sh
track.paddlewaver.com Amazon	`2020-05-27` - `2021-06-26`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=628&cid=5fdd309bf52b5800013d010d&sid=195&udid=&name=&info=rmkrrem&blockTime=0
Frame ID: 73B78F57B23DDA3D07AB63E09EBF7022
Requests: 67 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://whatsapp-freev04.xyz/ins/index.php?v=1608324117487 HTTP 302
https://ldwhatsapp-free01.xyz/ins/en.html Page URL
https://goraps.com/fullpage.php?section=General&pub=961842&ga=g HTTP 302
https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XpZCpipZpdZirCiGkkjdC... Page URL
https://maxtopmedia.g2afse.com/click?pid=752&offer_id=59587&sub1=affC1608331419aff4801dbbb64007a256a682&sub... HTTP 302
https://trk.applaunching.com/click?pid=1242&offer_id=17490&sub1=5fdd309b42d2ff0001062b07&sub2=752_2484931... HTTP 302
https://yoterup.g2afse.com/click?pid=233&offer_id=17598&sub1=5fdd309bf7400000010b5f4c&sub2=1242_752_248... HTTP 302
https://rainmaker.g2afse.com/click?pid=498&offer_id=107789&sub1=5fdd309bbff4fb000194df14&sub2=233_1242_75... HTTP 302
https://rainmaker.g2afse.com/click?pid=195&offer_id=98397 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=628&cid=5fdd309bf52b5800013d01... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

67
Requests

81 %
HTTPS

20 %
IPv6

25
Domains

44
Subdomains

13
IPs

7
Countries

592 kB
Transfer

1084 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://whatsapp-freev04.xyz/ins/index.php?v=1608324117487 HTTP 302
https://ldwhatsapp-free01.xyz/ins/en.html Page URL
https://goraps.com/fullpage.php?section=General&pub=961842&ga=g HTTP 302
https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XpZCpipZpdZirCiGkkjdCpCrjANrAdNrGANrjGCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_47608&adApiR=loaded_string_3058201643ba5bd4d546f6946743cf1d30060_2418336_1608331418.497_88883&refferer=1859084976_aHR0cHM6Ly9sZHdoYXRzYXBwLWZyZWUwMS54eXovaW5zL2VuLmh0bWw=&yxDom=Z29yYXBzLmNvbQ==_d8938421060b08e96eef6193049d6923 Page URL
https://maxtopmedia.g2afse.com/click?pid=752&offer_id=59587&sub1=affC1608331419aff4801dbbb64007a256a682&sub2=24849315 HTTP 302
https://trk.applaunching.com/click?pid=1242&offer_id=17490&sub1=5fdd309b42d2ff0001062b07&sub2=752_24849315&sub6= HTTP 302
https://yoterup.g2afse.com/click?pid=233&offer_id=17598&sub1=5fdd309bf7400000010b5f4c&sub2=1242_752_24849315&sub3=&device_id=_ HTTP 302
https://rainmaker.g2afse.com/click?pid=498&offer_id=107789&sub1=5fdd309bbff4fb000194df14&sub2=233_1242_752_24849315 HTTP 302
https://rainmaker.g2afse.com/click?pid=195&offer_id=98397 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=628&cid=5fdd309bf52b5800013d010d&sid=195&udid=&name=&info=rmkrrem&blockTime=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://whatsapp-freev04.xyz/ins/index.php?v=1608324117487 HTTP 302
https://ldwhatsapp-free01.xyz/ins/en.html

Request Chain 31

https://goraps.com/fullpage.php?section=General&pub=961842&ga=g HTTP 302
https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XpZCpipZpdZirCiGkkjdCpCrjANrAdNrGANrjGCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_47608&adApiR=loaded_string_3058201643ba5bd4d546f6946743cf1d30060_2418336_1608331418.497_88883&refferer=1859084976_aHR0cHM6Ly9sZHdoYXRzYXBwLWZyZWUwMS54eXovaW5zL2VuLmh0bWw=&yxDom=Z29yYXBzLmNvbQ==_d8938421060b08e96eef6193049d6923

Request Chain 33

https://boostads.g2afse.com/click?pid=8&offer_id=1255834&sub1=NCT_iphone_ch_ofid9036716_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat2_sub4_sub5&sub2=353450628&sub3=id524153305 HTTP 302
https://totalcpi.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=821&cid=5e00e7f244b0f80001ad1994&sid=7&udid=&name=&info=BoostAds2&blockTime=0 HTTP 302
https://mookomedia.g2afse.com/click?pid=42&offer_id=160437&sub1=NCT_iphone_ch_ofid9165977_pid616_sub15e00e7f244b0f80001ad1994_sub27_sub3BoostAds2_nat19_sub4_sub5&sub4=353450616_7&sub5=id1400134578

Request Chain 34

https://ttmma.g2afse.com/click?pid=21&offer_id=483741&sub1=NCT_iphone_ch_ofid9359009_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat3_sub4_sub5&sub2=353450628_195&sub5=id524153305 HTTP 302
https://ttmma.g2afse.com/click?pid=17&offer_id=311194&sub1=&sub2=21_353450628_195&sub3=&sub4=&sub5=id524153305 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=765&cid=5fdd309c0ec8fc000179e8e3&sid=17_21_353450628_195&udid=&name=&info=Target4SL&blockTime=0 HTTP 302
https://times25.go2affise.com/click?pid=607&offer_id=146024&sub1=NCT_iphone_ch_ofid9092967_pid616_sub15fdd309c0ec8fc000179e8e3_sub217_21_353450628_195_sub3Target4SL_nat22_sub4_sub5&sub2=353450616_17_21_353450628_195&sub5=id1347129450 HTTP 302
https://69hfb5v.appsdeku.com/69hfb5v?p=607_353450616_17_21_353450628_195&sid=5fdd309c1add7e00012fd309&android_a_id=&idfa=&app_id=id1347129450 HTTP 302
https://t1.greatforwarding.com/c55c7b6?p=002281_607_353450616_17_21_353450628_195

Request Chain 35

https://click2comm.go2affise.com/click?pid=310&offer_id=2800871&sub1=NCT_iphone_ch_ofid9411259_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat4_sub4_sub5&sub2=353450628_195&sub6=id524153305 HTTP 302
https://click2comm.go2affise.com/www.google.com

Request Chain 36

https://brainadv.g2afse.com/click?pid=37&offer_id=380230&sub1=353450628_195&sub2=id524153305&sub3=NCT_iphone_ch_ofid9133187_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat5_sub4_sub5 HTTP 302
https://apptrust.g2afse.com/click?pid=216&offer_id=424844&sub1=5fdd309b4234b70001526811&sub2=37_353450628_195&sub3=&sub3=&sub4=id524153305 HTTP 302
https://roinvesting.onelink.me/WnHD?pid=apptrust_int&c=W-APPMASTER&af_prt=skywindgroup&clickid=5fdd309c02baf900018246dc HTTP 302
https://apps.apple.com/GB/app/id1529122271?mt=8

Request Chain 37

https://adcrate-solutions.go2affise.com/click?pid=80&offer_id=1337424&sub1=NCT_iphone_ch_ofid9321291_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat6_sub4_sub5&sub2=353450628_195&sub4=id524153305 HTTP 302
https://aandb.g2afse.com/click?pid=2&offer_id=525296&sub1=5fdd309b45190c000118aadb&sub2=80_353450628_195&sub3=&sub4=id524153305

Request Chain 40

https://digitalfuture.g2afse.com/click?pid=2&offer_id=820078&sub1=NCT_iphone_ch_ofid6782310_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat9_sub4_sub5&sub2=353450628_195&sub4=BF42E251-43D8-4F41-9102-7ECD2AB4D845&sub5=id524153305 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 HTTP 302
https://leaddaway.g2afse.com/click?pid=339&offer_id=1679472&sub1=NCT_iphone_ch_ofid8527515_pid616_sub1_sub22_sub3ElishaSL_nat14_sub4_sub5&sub2=353450616_2&sub5=id330376830 HTTP 302
https://apps.apple.com/us/app/id589328270

Request Chain 41

https://adcrate-solutions.go2affise.com/click?pid=80&offer_id=1342625&sub1=NCT_iphone_ch_ofid9308016_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat10_sub4_sub5&sub2=353450628_195&sub3=BF42E251-43D8-4F41-9102-7ECD2AB4D845&sub4=id524153305 HTTP 302
https://aandb.g2afse.com/click?pid=2&offer_id=550836&sub1=5fdd309b45190c000163549c&sub2=80_353450628_195&sub3=BF42E251-43D8-4F41-9102-7ECD2AB4D845&sub4=id524153305 HTTP 302
https://apps.apple.com/au/app/vantage-fx-forex-trading/id1457929724

Request Chain 42

https://click.iconpeak2trk.com/click?pid=32&offer_id=5769&ext1=NCT_iphone_ch_ofid9037657_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat11_sub4_sub5&sub1=353450628&sub2=195&offer_id=825757&sub1=NCT_iphone_ch_ofid9037657_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat11_sub4_sub5&sub2=353450628_195&sub3=id524153305 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=691&cid=&sid=32&udid=&name=&info=iconpeakppre&blockTime=0 HTTP 302
https://thingortwo.g2afse.com/click?pid=50&offer_id=18132&sub1=NCT_iphone_ch_ofid8504259_pid616_sub1_sub232_sub3iconpeakppre_nat9_sub4_sub5&sub2=353450616&sub3=32&sub4=id1342468799 HTTP 302
https://apps.apple.com/US/app/id359478823?ls=1&mt=8

Request Chain 44

https://cellonltd.g2afse.com/click?pid=43&offer_id=726336&sub1=NCT_iphone_ch_ofid9156779_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat13_sub4_sub5&sub2=353450628_195&sub3=id524153305 HTTP 302
https://cellonltd.g2afse.com/sl?id=5e0d9e94c7aae01fb75eca64&pid=55&sub1=NCT_iphone_ch_ofid9156779_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat13_sub4_sub5&sub2=353450628_195&sub3=id524153305&sub4=&sub5= HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=841&cid=5fdd309c6f43af0001d65682&sid=55&udid=&name=&info=CellonSL&blockTime=0 HTTP 302
https://times25.go2affise.com/click?pid=607&offer_id=146024&sub1=NCT_iphone_ch_ofid9092967_pid616_sub15fdd309c6f43af0001d65682_sub255_sub3CellonSL_nat22_sub4_sub5&sub2=353450616_55&sub5=id341232718 HTTP 302
https://69hfb5v.appsdeku.com/69hfb5v?p=607_353450616_55&sid=5fdd309c26484300015e2c83&android_a_id=&idfa=&app_id=id341232718 HTTP 302
https://t1.greatforwarding.com/c55c7b6?p=002281_607_353450616_55

Request Chain 45

https://leaddaway.g2afse.com/click?pid=339&offer_id=1679472&sub1=NCT_iphone_ch_ofid8527515_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat14_sub4_sub5&sub2=353450628_195&sub5=id524153305 HTTP 302
https://apps.apple.com/us/app/id589328270

Request Chain 46

https://digitalfuture.g2afse.com/click?pid=2&offer_id=1105627&sub1=NCT_iphone_ch_ofid8767991_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat15_sub4_sub5&sub2=353450628_195&sub5=id524153305 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 HTTP 302
https://apply.g2afse.com/click?pid=3&offer_id=9451&sub1=NCT_iphone_ch_ofid8407414_pid616_sub1_sub22_sub3ElishaSL_nat21_sub4_sub5&sub4=id1134511982&sub2=353450616_2

Request Chain 48

https://ila3.co/o/183810?p=17&aff_clickid=NCT_iphone_ch_ofid8881423_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat17_sub4_sub5&sub1=353450628&sub2=195&app_name=id524153305&bundle_id=id524153305 HTTP 302
https://appalgo.g2afse.com/click?pid=26&offer_id=76151&sub1=2141eb418279319aa0142375_183810_225231&sub2=17_5015767467&sub3=&sub4=&sub5=id524153305 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=807&cid=&sid=26&udid=&name=&info=appalgorem&blockTime=0 HTTP 302
https://pandamobi.g2afse.com/click?pid=6&offer_id=545191&sub1=NCT_iphone_ch_ofid8017624_pid616_sub1_sub226_sub3appalgorem_nat8_sub4_sub5&sub2=353450616_26&sub5=id1452992954

Request Chain 49

https://boostads.g2afse.com/click?pid=287&offer_id=1280943&sub1=NCT_iphone_ch_ofid9302154_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat18_sub4_sub5&sub2=353450628_195&sub3=id524153305&sub4=BF42E251-43D8-4F41-9102-7ECD2AB4D845&sub5=id524153305 HTTP 302
https://totalcpi.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=821&cid=5e00e7f244b0f80001ad1994&sid=7&udid=&name=&info=BoostAds2&blockTime=0 HTTP 302
https://track.paddlewaver.com/?campaign_id=4523535&publisher_id=1000125&clickid=NCT_iphone_ch_ofid9314166_pid616_sub15e00e7f244b0f80001ad1994_sub27_sub3BoostAds2_nat12_sub4_sub5&channel=353450616_7&offer_id=825757&sub1=NCT_iphone_ch_ofid9314166_pid616_sub15e00e7f244b0f80001ad1994_sub27_sub3BoostAds2_nat12_sub4_sub5&sub2=353450616_7&sub3=id1489425493

Request Chain 51

https://go2.enjoycpi.com/click?pid=628&offer_id=9356473&sub1=5fdd309bf52b5800013d010d&sub2=195&sub3=rmkrrem_nat20&sub4=BF42E251-43D8-4F41-9102-7ECD2AB4D845&sub5=id524153305&sub6=353450 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
https://times25.go2affise.com/click?pid=607&offer_id=146024&sub1=NCT_iphone_ch_ofid9092967_pid616_sub1_sub2_sub3TbLabq_nat22_sub4_sub5&sub2=353450616_&sub5=id1423046460 HTTP 302
https://69hfb5v.appsdeku.com/69hfb5v?p=607_353450616_&sid=5fdd309c1add7e0001c5ceec&android_a_id=&idfa=&app_id=id1423046460 HTTP 302
https://t1.greatforwarding.com/c55c7b6?p=002281_607_353450616_

Request Chain 52

https://digitalfuture.g2afse.com/click?pid=2&offer_id=958751&sub1=NCT_iphone_ch_ofid7713307_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat21_sub4_sub5&sub2=353450628_195&sub5=id524153305 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 HTTP 302
https://adcrate98.gotrackier.com/click?campaign_id=15224&pub_id=40&p1=NCT_iphone_ch_ofid9210812_pid616_sub1_sub22_sub3ElishaSL_nat7_sub4_sub5&source=353450616_2&app_name=id417571834

Request Chain 53

https://times25.go2affise.com/click?pid=607&offer_id=146024&sub1=NCT_iphone_ch_ofid9092967_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat22_sub4_sub5&sub2=353450628_195&sub5=id524153305 HTTP 302
https://69hfb5v.appsdeku.com/69hfb5v?p=607_353450628_195&sid=5fdd309b1add7e000152317f&android_a_id=&idfa=&app_id=id524153305 HTTP 302
https://t1.greatforwarding.com/c55c7b6?p=002281_607_353450628_195

Request Chain 55

https://boostads.g2afse.com/click?pid=8&offer_id=1255834&sub1=NCT_iphone_ch_ofid9036716_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat2_sub4_sub5&sub2=353450628&sub3=id524153305 HTTP 302
https://totalcpi.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=821&cid=5e00e7f244b0f80001ad1994&sid=7&udid=&name=&info=BoostAds2&blockTime=0 HTTP 302
https://clovenmedia.go2affise.com/click?pid=984&offer_id=777272&sub1=NCT_iphone_ch_ofid9301706_pid616_sub15e00e7f244b0f80001ad1994_sub27_sub3BoostAds2_nat18_sub4_sub5&sub2=353450616&sub3=BoostAds2&sub4=7&sub5=01413FAF-21C6-4C60-A9A6-2943277E4EED&offer_id=825757&sub1=NCT_iphone_ch_ofid9301706_pid616_sub15e00e7f244b0f80001ad1994_sub27_sub3BoostAds2_nat18_sub4_sub5&sub2=353450616_7&sub3=id1482766542&sub4=01413FAF-21C6-4C60-A9A6-2943277E4EED HTTP 302
https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=777272 HTTP 302
https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 HTTP 302
https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 HTTP 302
https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 HTTP 302
https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 HTTP 302
https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 HTTP 302
https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 HTTP 302
https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 HTTP 302
https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 HTTP 302
https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 HTTP 302
https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 HTTP 302
https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 HTTP 302
https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 HTTP 302
https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 HTTP 302
https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 HTTP 302
https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 HTTP 302
https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 HTTP 302
https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167

Request Chain 56

https://click2comm.go2affise.com/click?pid=310&offer_id=2800871&sub1=NCT_iphone_ch_ofid9411259_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat4_sub4_sub5&sub2=353450628_195&sub6=id524153305 HTTP 302
https://click2comm.go2affise.com/www.google.com

Request Chain 57

https://adcrate-solutions.go2affise.com/click?pid=80&offer_id=1337424&sub1=NCT_iphone_ch_ofid9321291_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat6_sub4_sub5&sub2=353450628_195&sub4=id524153305 HTTP 302
https://aandb.g2afse.com/click?pid=2&offer_id=525296&sub1=5fdd309df456bd0001bf833a&sub2=80_353450628_195&sub3=&sub4=id524153305 HTTP 0
http://aandb.g2afse.com/disabled.html

Request Chain 58

https://pandamobi.g2afse.com/click?pid=6&offer_id=545191&sub1=NCT_iphone_ch_ofid8017624_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat8_sub4_sub5&sub2=353450628_195&sub5=id524153305 HTTP 0
http://r.leadzu.com/red/?code=4M4C8XL2R1ZN&a=6.&pubid=6

Request Chain 59

https://cellonltd.g2afse.com/click?pid=43&offer_id=726336&sub1=NCT_iphone_ch_ofid9156779_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat13_sub4_sub5&sub2=353450628_195&sub3=id524153305 HTTP 302
https://cellonltd.g2afse.com/sl?id=5e0d9e94c7aae01fb75eca64&pid=55&sub1=NCT_iphone_ch_ofid9156779_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat13_sub4_sub5&sub2=353450628_195&sub3=id524153305&sub4=&sub5= HTTP 302
https://monetizeplus.g2afse.com/click?pid=999&offer_id=784141&sub1=5fdd309da2840f0001cd3c0a&sub2=&pubid=55&sub2=353450628_195&sub3=&sub4=&sub5=id524153305&sub={sum}&payout={sum} HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=793&cid=5fdd309d48a39b0001bd043c&sid=999&udid=&name=&info=monetizeppre&blockTime=0 HTTP 302
https://track.gowithads.com/click?pid=141&offer_id=1986175&sub1=NCT_iphone_ch_ofid8868312_pid616_sub15fdd309d48a39b0001bd043c_sub2999_sub3monetizeppre_nat21_sub4_sub5&sub2=353450616_999&sub4=id768469908 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=599&cid=&sid=141_353450616_999&udid=&name=&info=GOWMsl&blockTime=0 HTTP 302
https://boostads.g2afse.com/click?pid=287&offer_id=1286928&sub1=NCT_iphone_ch_ofid9358013_pid616_sub1_sub2141_353450616_999_sub3GOWMsl_nat20_sub4_sub5&sub2=353450616_141_353450616_999&sub3=id418075935&sub5=id418075935 HTTP 302
https://totalcpi.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=821&cid=5e00e7f244b0f80001ad1994&sid=7&udid=&name=&info=BoostAds2&blockTime=0 HTTP 302
https://click.iconpeak2trk.com/click?pid=32&offer_id=5769&ext1=NCT_iphone_ch_ofid9037657_pid616_sub15e00e7f244b0f80001ad1994_sub27_sub3BoostAds2_nat11_sub4_sub5&sub1=353450616&sub2=7&offer_id=825757&sub1=NCT_iphone_ch_ofid9037657_pid616_sub15e00e7f244b0f80001ad1994_sub27_sub3BoostAds2_nat11_sub4_sub5&sub2=353450616_7&sub3=id1229033293 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=691&cid=&sid=32&udid=&name=&info=iconpeakppre&blockTime=0 HTTP 302
https://click2comm.go2affise.com/click?pid=310&offer_id=2818523&sub1=NCT_iphone_ch_ofid9411296_pid616_sub1_sub232_sub3iconpeakppre_nat13_sub4_sub5&sub2=353450616_32&sub6=id842250179 HTTP 302
https://click2comm.go2affise.com/www.google.com

Request Chain 60

https://digitalfuture.g2afse.com/click?pid=2&offer_id=1105627&sub1=NCT_iphone_ch_ofid8767991_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat15_sub4_sub5&sub2=353450628_195&sub5=id524153305 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 HTTP 302
https://thingortwo.g2afse.com/click?pid=50&offer_id=18132&sub1=NCT_iphone_ch_ofid8504259_pid616_sub1_sub22_sub3ElishaSL_nat9_sub4_sub5&sub2=353450616&sub3=2&sub4=id1487212912 HTTP 302
https://apps.apple.com/US/app/id359478823?ls=1&mt=8

Request Chain 61

https://ila3.co/o/183810?p=17&aff_clickid=NCT_iphone_ch_ofid8881423_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat17_sub4_sub5&sub1=353450628&sub2=195&app_name=id524153305&bundle_id=id524153305 HTTP 302
https://appalgo.g2afse.com/click?pid=26&offer_id=76151&sub1=1441eb41827b2d91b014d809_183810_225231&sub2=17_5015767467&sub3=&sub4=&sub5=id524153305 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=807&cid=&sid=26&udid=&name=&info=appalgorem&blockTime=0 HTTP 302
https://track.themedia.site/click?pid=5&offer_id=28366&sub1=NCT_iphone_ch_ofid8409227_pid616_sub1_sub226_sub3appalgorem_nat21_sub4_sub5&sub2=353450616_26&sub7=id1184083151&sub8=id1184083151 HTTP 0
http://zorkamarket.g2afse.com/sl?id=5f20049cd1fc3bbe7f2be6e6&pid=1215

Request Chain 62

https://mookomedia.g2afse.com/click?pid=42&offer_id=160437&sub1=NCT_iphone_ch_ofid9165977_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat19_sub4_sub5&sub4=353450628_195&sub5=id524153305 HTTP 0
http://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106

Request Chain 63

https://go2.enjoycpi.com/click?pid=628&offer_id=9356473&sub1=5fdd309bf52b5800013d010d&sub2=195&sub3=rmkrrem_nat20&sub4=BF42E251-43D8-4F41-9102-7ECD2AB4D845&sub5=id524153305&sub6=353450 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
https://adcrate-solutions.go2affise.com/click?pid=80&offer_id=1316604&sub1=NCT_iphone_ch_ofid9133884_pid616_sub1_sub2_sub3TbLabq_nat5_sub4_sub5&sub2=353450616_&sub4=id1274972321 HTTP 302
https://brainadv.g2afse.com/click?pid=47&offer_id=380230&sub3=5fdd309f45190c0001b6debb&sub1=80_353450616_&sub4=&sub5=&sub2=id1274972321 HTTP 302
https://apptrust.g2afse.com/click?pid=216&offer_id=424844&sub1=5fdd309f98cbd40001835e3c&sub2=47_80_353450616_&sub3=&sub3=&sub4=id1274972321 HTTP 302
https://roinvesting.onelink.me/WnHD?pid=apptrust_int&c=W-APPMASTER&af_prt=skywindgroup&clickid=5fdd309f196e34000128730b HTTP 302
https://apps.apple.com/GB/app/id1529122271?mt=8

Request Chain 64

https://times25.go2affise.com/click?pid=607&offer_id=146024&sub1=NCT_iphone_ch_ofid9092967_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat22_sub4_sub5&sub2=353450628_195&sub5=id524153305 HTTP 302
https://69hfb5v.appsdeku.com/69hfb5v?p=607_353450628_195&sid=5fdd309f26484300012ec018&android_a_id=&idfa=&app_id=id524153305 HTTP 302
https://t1.greatforwarding.com/c55c7b6?p=002281_607_353450628_195

Request Chain 65

https://lucazepa.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D HTTP 0
http://tare.pro/go/216668/575137

67 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	en.html Show response ldwhatsapp-free01.xyz/ins/ Redirect Chain https://whatsapp-freev04.xyz/ins/index.php?v=1608324117487 https://ldwhatsapp-free01.xyz/ins/en.html	39 KB 9 KB	93ms 60ms	Document text/html	2606:4700:3037::681b:8fb4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ldwhatsapp-free01.xyz/ins/en.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::681b:8fb4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4b08f6b114260b2505e549c7c1850cee72c60f38e9244b585133e954f8c0677b` Request headers :method GET :authority ldwhatsapp-free01.xyz :scheme https :path /ins/en.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Dec 2020 22:43:38 GMT content-type text/html set-cookie __cfduid=d5310c9b168f91b4d223dbc8ae70fc2791608331418; expires=Sun, 17-Jan-21 22:43:38 GMT; path=/; domain=.ldwhatsapp-free01.xyz; HttpOnly; SameSite=Lax; Secure last-modified Thu, 17 Dec 2020 10:47:05 GMT vary Accept-Encoding cf-cache-status DYNAMIC cf-request-id 07199ef2320000324876bf0000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LxGHXDFctcq3H48aniazBZ4JquExAtk%2BZ6rwWaD1eURzqe%2FedpqzL4It8VSiHRrzmy9OHxZyafaX2GduRP3hRs9Sw8KYC402KDEvtOrsYcT8RjyPKp%2FT%2Fr%2F2d%2Bp5dg5JcjY%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 603c676389843248-FRA content-encoding br Redirect headers date Fri, 18 Dec 2020 22:43:38 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d90ce79e5d8b34344d7f568d6588ebeb01608331418; expires=Sun, 17-Jan-21 22:43:38 GMT; path=/; domain=.whatsapp-freev04.xyz; HttpOnly; SameSite=Lax; Secure location https://ldwhatsapp-free01.xyz/ins/en.html cf-cache-status DYNAMIC cf-request-id 07199ef1d600004a6e37156000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BQwmp6ubOQ4cz%2BG10qNiQZ5Y0Kty9Udi%2B12ZhpmiGdTr5WZajiR9iopd3nJVKq8WkOqCyc4pZrpgm481y5vUN8HLSUQye3sieUZto%2FaWPvL46V16SD4Avsa2ri70oIhCXA%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 603c6762ec944a6e-FRA
GET H/1.1	200 OK	css2.css cdn-bimi.akamaized.net/landings/203323/1605193496/css/	434 B 813 B	121ms 30ms	Stylesheet text/css	2.16.186.107 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn-bimi.akamaized.net/landings/203323/1605193496/css/css2.css?1605193496 Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.107 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-186-107.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash Request headers Referer https://ldwhatsapp-free01.xyz/ins/en.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 18 Dec 2020 22:43:38 GMT Last-Modified Fri, 13 Nov 2020 16:00:27 GMT Server AmazonS3 x-amz-request-id 20BF5131B5FE41D3 ETag "e578b7e54ae7a9048306a2cdf8b7f505" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 434 x-amz-id-2 rf/WIbO6APbOwbkAMftVkg9pvYYLKgJJiMi0Ex/1XgmLnZBzAlrdd6CuRinBOKhH3A3//SmV130=
GET H/1.1	200 OK	bootstrap.min.css cdn-bimi.akamaized.net/landings/203323/1605193496/css/	152 KB 23 KB	143ms 53ms	Stylesheet text/css	2.16.186.107 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn-bimi.akamaized.net/landings/203323/1605193496/css/bootstrap.min.css?1605193496 Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.107 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-186-107.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash Request headers Referer https://ldwhatsapp-free01.xyz/ins/en.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 18 Dec 2020 22:43:38 GMT Content-Encoding gzip Last-Modified Fri, 13 Nov 2020 16:00:27 GMT Server AmazonS3 x-amz-request-id 6FD2000C12C02F4D ETag "c87bc8619c021b8f78b44d56edef86de" Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 23239 x-amz-id-2 4Etwlbd9MrzzxKDuljn3pmgGB8F/n2Dxj1Wf9nq8pXpiFk3v8naWAkFyvTRDVQWN9zbW+i3vtNw=
GET H/1.1	200 OK	all.css cdn-bimi.akamaized.net/landings/203323/1605193496/css/	54 KB 12 KB	127ms 36ms	Stylesheet text/css	2.16.186.107 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn-bimi.akamaized.net/landings/203323/1605193496/css/all.css?1605193496 Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.107 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-186-107.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash Request headers Referer https://ldwhatsapp-free01.xyz/ins/en.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 18 Dec 2020 22:43:38 GMT Content-Encoding gzip Last-Modified Fri, 13 Nov 2020 16:00:27 GMT Server AmazonS3 x-amz-request-id 202DE2FCCC2FF433 ETag "e5146e86bad443747f528ba9eb223852" Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 12079 x-amz-id-2 IvBQVkrXZSnUrMUbnSEJ0hAMYIWJjlj+/g+/U6klZf88w68gzmLwuWZQh2/jSUyYvEVw8XxetJU=
GET H/1.1	200 OK	wed9uzeob5.css cdn-bimi.akamaized.net/landings/203323/1605193496/css/	5 KB 2 KB	122ms 31ms	Stylesheet text/css	2.16.186.107 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn-bimi.akamaized.net/landings/203323/1605193496/css/wed9uzeob5.css?1605193496 Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.107 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-186-107.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash Request headers Referer https://ldwhatsapp-free01.xyz/ins/en.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 18 Dec 2020 22:43:38 GMT Content-Encoding gzip Last-Modified Fri, 13 Nov 2020 16:00:28 GMT Server AmazonS3 x-amz-request-id 9D389564541F5822 ETag "6830d34ae148ea4c80c14cc0c86c9c4c" Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 1466 x-amz-id-2 SuwmzuQ3K+T884TPgUbl0fQdTEXbo7cWKdY0BVPCsoUixVlAw9js+vN1QldDcv3k7Gic6RqaIDQ=
GET H/1.1	200 OK	f04v9d8952.css cdn-bimi.akamaized.net/landings/203323/1605193496/css/	2 KB 1 KB	126ms 33ms	Stylesheet text/css	2.16.186.107 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn-bimi.akamaized.net/landings/203323/1605193496/css/f04v9d8952.css?1605193496 Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.107 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-186-107.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash Request headers Referer https://ldwhatsapp-free01.xyz/ins/en.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 18 Dec 2020 22:43:38 GMT Content-Encoding gzip Last-Modified Fri, 13 Nov 2020 16:00:27 GMT Server AmazonS3 x-amz-request-id 4AE181D9718F2E97 ETag "1bb19b17169dcafd0d11b41eb151ec52" Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 701 x-amz-id-2 MgOUhknm0Mnpy2/MVDLZ6MVmbo17EMSj+gnsmrW6PK45p8VwKrjzWe270ThIAVhbB7bAPjyFHl0=
GET H/1.1	200 OK	chat.css cdn-bimi.akamaized.net/landings/203323/1605193496/css/	8 KB 2 KB	127ms 33ms	Stylesheet text/css	2.16.186.107 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn-bimi.akamaized.net/landings/203323/1605193496/css/chat.css?1605193496 Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.107 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-186-107.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash Request headers Referer https://ldwhatsapp-free01.xyz/ins/en.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 18 Dec 2020 22:43:38 GMT Content-Encoding gzip Last-Modified Fri, 13 Nov 2020 16:00:27 GMT Server AmazonS3 x-amz-request-id AY2X3XENCQ6TAWDW ETag "42b8237c37aab39f06fac53816971540" Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 1944 x-amz-id-2 0McUgNajnxVRYVWAzfQcsIA57s6t/bghtBoedpbZBP583cwExXV7oXBpY/AOQCMyFuDZEXQXhNo=
GET H/1.1	200 OK	zj618f6ab5.css cdn-bimi.akamaized.net/landings/203323/1605193496/css/	3 KB 1 KB	150ms 32ms	Stylesheet text/css	2.16.186.107 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn-bimi.akamaized.net/landings/203323/1605193496/css/zj618f6ab5.css?1605193496 Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.107 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-186-107.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash Request headers Referer https://ldwhatsapp-free01.xyz/ins/en.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 18 Dec 2020 22:43:38 GMT Content-Encoding gzip Last-Modified Fri, 13 Nov 2020 16:00:28 GMT Server AmazonS3 x-amz-request-id 8E4971155A05DD87 ETag "71444c2f408d7a76494d97e0ce2f6721" Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 766 x-amz-id-2 cUzmmsDKzqlxSMKUPvYneR95C7w75CKA5GY09Ep4Im17ptHlIYnqKf4lsZTlNniqH3Dvqz6K5zw=
GET H/1.1	200 OK	3w4650yn2l.css cdn-bimi.akamaized.net/landings/203323/1605193496/css/	1 KB 788 B	153ms 32ms	Stylesheet text/css	2.16.186.107 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn-bimi.akamaized.net/landings/203323/1605193496/css/3w4650yn2l.css?1605193496 Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.107 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-186-107.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash Request headers Referer https://ldwhatsapp-free01.xyz/ins/en.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 18 Dec 2020 22:43:38 GMT Content-Encoding gzip Last-Modified Fri, 13 Nov 2020 16:00:27 GMT Server AmazonS3 x-amz-request-id A9BE68D46672A0C3 ETag "3471b1c397b0e3c7e0260710d5a8f381" Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 362 x-amz-id-2 l22dOQ8KlfrtmpjLye9SJcHaLAKBmCKW6j3ZUEquHwhUV2REJibyS9CBYLAuCoV+XK3miKY2Iu4=
GET H/1.1	200 OK	jquery.min.js cdn-bimi.akamaized.net/landings/203323/1605193496/js/	85 KB 30 KB	170ms 45ms	Script text/javascript	2.16.186.107 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn-bimi.akamaized.net/landings/203323/1605193496/js/jquery.min.js?1605193496 Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.107 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-186-107.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash Request headers Referer https://ldwhatsapp-free01.xyz/ins/en.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 18 Dec 2020 22:43:38 GMT Content-Encoding gzip Last-Modified Fri, 13 Nov 2020 16:00:28 GMT Server AmazonS3 x-amz-request-id 2B33F595D6C7D67D ETag "a09e13ee94d51c524b7e2a728c7d4039" Vary Accept-Encoding Content-Type text/javascript Connection keep-alive Accept-Ranges bytes Content-Length 30351 x-amz-id-2 P94SiGldkzPQu8EXSykvt7ouAp0LpGE3mAqK+a0olwCCsZkrM1f9cbe91AXfAsXnyb/Wi1CEHvk=
GET H/1.1	200 OK	bootstrap.bundle.min.js cdn-bimi.akamaized.net/landings/203323/1605193496/js/	77 KB 22 KB	173ms 48ms	Script text/javascript	2.16.186.107 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn-bimi.akamaized.net/landings/203323/1605193496/js/bootstrap.bundle.min.js?1605193496 Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.107 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-186-107.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash Request headers Referer https://ldwhatsapp-free01.xyz/ins/en.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 18 Dec 2020 22:43:38 GMT Content-Encoding gzip Last-Modified Fri, 13 Nov 2020 16:00:28 GMT Server AmazonS3 x-amz-request-id 0236E229F73A32A3 ETag "a454220fc07088bf1fdd19313b6bfd50" Vary Accept-Encoding Content-Type text/javascript Connection keep-alive Accept-Ranges bytes Content-Length 22291 x-amz-id-2 dRoqLic+zOeADjBtx2bdHKVFK3mNySZfx6ImgieAf9E04rUwL+b2uqxXMUQ17WxJFrx6uzdirRk=
GET H/1.1	200 OK	ik525f57w4.js cdn-bimi.akamaized.net/landings/203323/1605193496/js/	19 KB 5 KB	160ms 34ms	Script text/javascript	2.16.186.107 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn-bimi.akamaized.net/landings/203323/1605193496/js/ik525f57w4.js?1605193496 Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.107 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-186-107.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash Request headers Referer https://ldwhatsapp-free01.xyz/ins/en.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 18 Dec 2020 22:43:38 GMT Content-Encoding gzip Last-Modified Fri, 13 Nov 2020 16:00:28 GMT Server AmazonS3 x-amz-request-id 5868B9CDFD5E7688 ETag "c826e7ddb9e2d659c9ee5bbe8b005aa0" Vary Accept-Encoding Content-Type text/javascript Connection keep-alive Accept-Ranges bytes Content-Length 5175 x-amz-id-2 2Xn5/8g6MG0IhTm6eNh1vNgw4+3Ikd4KJ2NoFblJHxzZLaRTqKP2x4b1MjwJpAPkaeyRvMILD4A=
GET H/1.1	200 OK	messages.js cdn-bimi.akamaized.net/landings/203323/1605193496/js/	180 KB 30 KB	185ms 43ms	Script text/javascript	2.16.186.107 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn-bimi.akamaized.net/landings/203323/1605193496/js/messages.js?1605193496 Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.107 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-186-107.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash Request headers Referer https://ldwhatsapp-free01.xyz/ins/en.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 18 Dec 2020 22:43:38 GMT Content-Encoding gzip Last-Modified Fri, 13 Nov 2020 16:00:28 GMT Server AmazonS3 x-amz-request-id 50EDC4188C3FECEB ETag "e0382dccadd293fd17a442d20f49971e" Vary Accept-Encoding Content-Type text/javascript Connection keep-alive Accept-Ranges bytes Content-Length 30701 x-amz-id-2 TzHM0GFA9CmN+v37Rzd+2Knhnhq5JzCvAbWThoJZDdn+nlNxPxJcs41nywKZn9NgeIO4nZV2DOs=
GET H/1.1	200 OK	trls.js cdn-bimi.akamaized.net/landings/203323/1605193496/js/	22 KB 11 KB	191ms 42ms	Script text/javascript	2.16.186.107 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn-bimi.akamaized.net/landings/203323/1605193496/js/trls.js?1605193496 Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.107 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-186-107.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash Request headers Referer https://ldwhatsapp-free01.xyz/ins/en.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 18 Dec 2020 22:43:38 GMT Content-Encoding gzip Last-Modified Fri, 13 Nov 2020 16:00:28 GMT Server AmazonS3 x-amz-request-id B1D1A6FFCD426E7C ETag "7e53efa5a6bba11bcb09893708f5f94d" Vary Accept-Encoding Content-Type text/javascript Connection keep-alive Accept-Ranges bytes Content-Length 10540 x-amz-id-2 LJJ5JrLoRFih4DCTGUagrRP3nui53pRRiJ+yB7RuZrrAbQ9TULdWyGZQ45TYJ31h8XZAWaQ/ieo=
GET H2	200	history.php ldwhatsapp-free01.xyz/ins/	566 B 564 B	44ms 42ms	Script text/html	2606:4700:3037::681b:8fb4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ldwhatsapp-free01.xyz/ins/history.php Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::681b:8fb4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://ldwhatsapp-free01.xyz/ins/en.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Dec 2020 22:43:38 GMT content-encoding br cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KNHEnXiyFmUDKTUsQ9Pr%2BFBUmCfzdsnUmnLVLNmi4e%2BNwcyZynkgkkzIb0J7T8v8ZpLl0hZpHBAKtiKAj7xZrhaW6khJUW%2BR0t6USFzn%2BB5TkLUQzUdndJffw15WG1sAwbM%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 603c67640a643248-FRA cf-request-id 07199ef289000032488e03c000000001
GET H2	200	68d99ba29cc8.png www.instagram.com/static/images/ico/favicon-192.png/	34 KB 34 KB	20ms 6ms	Image image/png	2a03:2880:f21c:81e5:face:b00c:0:4420 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.instagram.com/static/images/ico/favicon-192.png/68d99ba29cc8.png Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f21c:81e5:face:b00c:0:4420 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Request headers Referer https://ldwhatsapp-free01.xyz/ins/en.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 09 Dec 2020 19:42:33 GMT x-fb-trip-id 1679558926 etag "68d99ba29cc8" vary Accept-Encoding content-type image/png access-control-allow-origin * edge-control max-age=1209600, no-transform cache-control public,max-age=31536000,immutable content-encoding br content-length 34719
GET H/1.1	200 OK	xodkb5yc0i.png cdn-bimi.akamaized.net/landings/203323/1605193496/images/	109 KB 109 KB	38ms 37ms	Image image/png	2.16.186.107 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-bimi.akamaized.net/landings/203323/1605193496/images/xodkb5yc0i.png Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.107 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-186-107.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash Request headers Referer https://ldwhatsapp-free01.xyz/ins/en.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 18 Dec 2020 22:43:38 GMT Last-Modified Fri, 13 Nov 2020 16:00:27 GMT Server AmazonS3 x-amz-request-id 6E0207D653F854BE ETag "bfdd07ace5a695c2cdb31785120bfdfe" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 111632 x-amz-id-2 SvZJ8X3gWH0SZBERf1ACh8MZCAP0TmHlPBSbxIpoad/9HjVX7VK/VsUuUf3SRlkCxHsCeOrC0v0=
GET H/1.1	200 OK	ro6k5cxvw4.png cdn-bimi.akamaized.net/landings/203323/1605193496/images/	11 KB 11 KB	34ms 33ms	Image image/png	2.16.186.107 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-bimi.akamaized.net/landings/203323/1605193496/images/ro6k5cxvw4.png Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.107 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-186-107.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash Request headers Referer https://ldwhatsapp-free01.xyz/ins/en.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 18 Dec 2020 22:43:38 GMT Last-Modified Fri, 13 Nov 2020 16:00:26 GMT Server AmazonS3 x-amz-request-id 39FA004B213F4779 ETag "42646054d74c52311ddac5b117bffa1f" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 11048 x-amz-id-2 2Ain6tmBeziBdFlmw7lJNGjCPQ/3+FBJGZ3VJArkFltlzL9nXhSxc0Tw1FIRIbptVrD4o3cl22U=
GET H/1.1	200 OK	3twz2fc8eb.png cdn-bimi.akamaized.net/landings/203323/1605193496/images/	615 B 995 B	30ms 30ms	Image image/png	2.16.186.107 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-bimi.akamaized.net/landings/203323/1605193496/images/3twz2fc8eb.png Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.107 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-186-107.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash Request headers Referer https://ldwhatsapp-free01.xyz/ins/en.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 18 Dec 2020 22:43:38 GMT Last-Modified Fri, 13 Nov 2020 16:00:25 GMT Server AmazonS3 x-amz-request-id 1448713D74B73266 ETag "486830ae8c419d37c8a275e62ad18f4d" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 615 x-amz-id-2 InUTQ5SZPVzl31vaXUn1n89mRzpR9IbG5Jl+d82Mn8P78No57yJlVtUXz/ArBfq7S3Wd0HCJbtc=
GET H/1.1	200 OK	w68de5eecb.png cdn-bimi.akamaized.net/landings/203323/1605193496/images/	33 KB 33 KB	31ms 31ms	Image image/png	2.16.186.107 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-bimi.akamaized.net/landings/203323/1605193496/images/w68de5eecb.png Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.107 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-186-107.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash Request headers Referer https://ldwhatsapp-free01.xyz/ins/en.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 18 Dec 2020 22:43:38 GMT Last-Modified Fri, 13 Nov 2020 16:00:27 GMT Server AmazonS3 x-amz-request-id 4E018DF0898016B0 ETag "a9de28a6d8f2ea709e6a60049efeef85" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 33743 x-amz-id-2 36WXtsSIKVBHxZDdsEXhL1EClpHBaSSVfLWABRhllzdm5Qxv1FpsU01A1B2+O3ksmIPX1ttZIk4=
GET H/1.1	200 OK	k5081qtnr2.png cdn-bimi.akamaized.net/landings/203323/1605193496/images/	22 KB 22 KB	35ms 35ms	Image image/png	2.16.186.107 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-bimi.akamaized.net/landings/203323/1605193496/images/k5081qtnr2.png Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.107 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-186-107.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash Request headers Referer https://ldwhatsapp-free01.xyz/ins/en.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 18 Dec 2020 22:43:38 GMT Last-Modified Fri, 13 Nov 2020 16:00:25 GMT Server AmazonS3 x-amz-request-id 7WFN9S5S3X9J9HER ETag "3bf4ac2afd7544836eaf7fb4d7892460" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 22058 x-amz-id-2 mLZyuiLh53Lz0aq/cs7aKKi1AA9nkocKINwL1rBYL5C+G+p3iWxKXCBC4nJbfWj6fKB77lu1E4Q=
GET H/1.1	200 OK	tcuifv56o2.png cdn-bimi.akamaized.net/landings/203323/1605193496/images/	35 KB 36 KB	31ms 31ms	Image image/png	2.16.186.107 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-bimi.akamaized.net/landings/203323/1605193496/images/tcuifv56o2.png Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.107 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-186-107.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash Request headers Referer https://ldwhatsapp-free01.xyz/ins/en.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 18 Dec 2020 22:43:38 GMT Last-Modified Fri, 13 Nov 2020 16:00:26 GMT Server AmazonS3 x-amz-request-id 5D52A7D8B3BAB387 ETag "ed917c274514e9c16c0220c28de3ece2" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 36203 x-amz-id-2 0Ej+MxrjUs/lOXbKdRp4GPA8P71RgWztzOezqnH4ExSUN8bXHTzZgCTWLG6c4uYikQDsit0IEFg=
GET H/1.1	200 OK	oc08i5d7u1.png cdn-bimi.akamaized.net/landings/203323/1605193496/images/	121 KB 121 KB	31ms 30ms	Image image/png	2.16.186.107 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-bimi.akamaized.net/landings/203323/1605193496/images/oc08i5d7u1.png Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.107 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-186-107.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash Request headers Referer https://ldwhatsapp-free01.xyz/ins/en.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 18 Dec 2020 22:43:38 GMT Last-Modified Fri, 13 Nov 2020 16:00:25 GMT Server AmazonS3 x-amz-request-id 56C4A5E59A8FFA50 ETag "30058824bbab47942439aee2cb686f41" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 123685 x-amz-id-2 X+3tPq+/uJdWI7QD21T2asmXt7toigLx4/66WHAJ8UsuYp9jVw38z9X5s7e1fbyjaLJCBqcwTpY=
GET H/1.1	200 OK	vbr16.jpg cdn-bimi.akamaized.net/landings/203323/1605193496/images/	15 KB 15 KB	34ms 34ms	Image image/jpeg	2.16.186.107 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-bimi.akamaized.net/landings/203323/1605193496/images/vbr16.jpg Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.107 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-186-107.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash Request headers Referer https://ldwhatsapp-free01.xyz/ins/en.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 18 Dec 2020 22:43:38 GMT Last-Modified Fri, 13 Nov 2020 16:00:26 GMT Server AmazonS3 x-amz-request-id 0E40C5E203C117E9 ETag "08b8eeef39d1fc20a7af5d0cae11fbb1" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 14986 x-amz-id-2 7iITefX/+bXnTS6UVceAPvueTf18Q/7QsHIThk8y2IGVk8hmPG2J8H4Zm/FzU9x8d4Gx1bQ4+AA=
GET H/1.1	200 OK	m1.jpg cdn-bimi.akamaized.net/landings/203323/1605193496/images/	8 KB 8 KB	34ms 34ms	Image image/jpeg	2.16.186.107 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-bimi.akamaized.net/landings/203323/1605193496/images/m1.jpg Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.107 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-186-107.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash Request headers Referer https://ldwhatsapp-free01.xyz/ins/en.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 18 Dec 2020 22:43:38 GMT Last-Modified Fri, 13 Nov 2020 16:00:25 GMT Server AmazonS3 x-amz-request-id 3A00AFC536A39FEF ETag "c4c4d5b7ec16caf645a10a72bad94e6b" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 7854 x-amz-id-2 ktQdDaQBKtSAFtYSCPZV/Ra+D9NlykJtsDa5HY5y1MOGzZfDKDORbgASVJQWaMSO5DAJyKM2TTw=
GET H/1.1	200 OK	m2.jpg cdn-bimi.akamaized.net/landings/203323/1605193496/images/	10 KB 10 KB	31ms 31ms	Image image/jpeg	2.16.186.107 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-bimi.akamaized.net/landings/203323/1605193496/images/m2.jpg Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.107 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-186-107.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash Request headers Referer https://ldwhatsapp-free01.xyz/ins/en.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 18 Dec 2020 22:43:38 GMT Last-Modified Fri, 13 Nov 2020 16:00:25 GMT Server AmazonS3 x-amz-request-id 234657FCCE21AB29 ETag "c780ee693f7c1e334602a03fa41684e1" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 10060 x-amz-id-2 nwm3Yojuz6cgtnSM7Nekxvg0Qzez55ZFdPcFWJUs4xg9YtzWs2fA/UAM6xQAULUsoql/HMLNKEw=
GET H/1.1	200 OK	m3.jpg cdn-bimi.akamaized.net/landings/203323/1605193496/images/	8 KB 8 KB	31ms 30ms	Image image/jpeg	2.16.186.107 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-bimi.akamaized.net/landings/203323/1605193496/images/m3.jpg Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.107 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-186-107.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash Request headers Referer https://ldwhatsapp-free01.xyz/ins/en.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 18 Dec 2020 22:43:38 GMT Last-Modified Fri, 13 Nov 2020 16:00:25 GMT Server AmazonS3 x-amz-request-id D8A7196B13C9954F ETag "e2b1cd1f44833be3961cf1c81680adfd" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 8271 x-amz-id-2 p7/rK+MZaoM957WFK6FqG7jPX9NpG+qqFAaC0hVEhPuLXxv1I7jMDW0nm+rwGnKzpPqy5fJXiVc=
GET H/1.1	200 OK	w4.jpg cdn-bimi.akamaized.net/landings/203323/1605193496/images/	7 KB 7 KB	34ms 34ms	Image image/jpeg	2.16.186.107 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-bimi.akamaized.net/landings/203323/1605193496/images/w4.jpg Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.107 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-186-107.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash Request headers Referer https://ldwhatsapp-free01.xyz/ins/en.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 18 Dec 2020 22:43:38 GMT Last-Modified Fri, 13 Nov 2020 16:00:26 GMT Server AmazonS3 x-amz-request-id 56C0243D52DE227F ETag "6f84038603b848b9fdb2a326012ea37d" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 7205 x-amz-id-2 EfXuqV9TkS9slss8imme6Tu209VsQtC0i76w/2ANh1BxJH7gq0G0qakdmIxSMhOnlU0tSYVAzXY=
GET H/1.1	200 OK	w6.jpg cdn-bimi.akamaized.net/landings/203323/1605193496/images/	8 KB 8 KB	30ms 30ms	Image image/jpeg	2.16.186.107 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-bimi.akamaized.net/landings/203323/1605193496/images/w6.jpg Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.107 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-186-107.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash Request headers Referer https://ldwhatsapp-free01.xyz/ins/en.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 18 Dec 2020 22:43:38 GMT Last-Modified Fri, 13 Nov 2020 16:00:27 GMT Server AmazonS3 x-amz-request-id 4B65F5D54BE597E8 ETag "390a5f20675c29427a8757f24ec121ef" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 8158 x-amz-id-2 Kz58pmWcN6y0C8oHOmyDX7lGNeRmgHNve2gyxLygbvmmSXxzct/J/ENMnrsxenM1UmCDbzkMGV4=
GET H/1.1	200 OK	w7.jpg cdn-bimi.akamaized.net/landings/203323/1605193496/images/	10 KB 11 KB	34ms 34ms	Image image/jpeg	2.16.186.107 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-bimi.akamaized.net/landings/203323/1605193496/images/w7.jpg Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.107 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-186-107.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash Request headers Referer https://ldwhatsapp-free01.xyz/ins/en.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 18 Dec 2020 22:43:38 GMT Last-Modified Fri, 13 Nov 2020 16:00:27 GMT Server AmazonS3 x-amz-request-id 08C5DFCDFBFD2D6A ETag "a3e0c2478f5fb310de80a19449248188" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 10716 x-amz-id-2 KOnh8sAf0sqfSW+6DW0IG34uX8GD24+ybEngNGYtX8KrYUzE/ZAVWMSRYwYPfsQ+sYQDtaT1fmo=
GET H2	200	bnr.php uprimp.com/	371 B 625 B	198ms 65ms	Script application/javascript	185.66.200.220 SKHOSTING-EU
General Check archive.org Show headers Download Go to Full URL https://uprimp.com/bnr.php?section=adienb&pub=961842&format=300x50&ga=g Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK), Reverse DNS 185.66.200.220.skhosting.eu Software nginx / Resource Hash Request headers Referer https://ldwhatsapp-free01.xyz/ins/en.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 18 Dec 2020 22:43:38 GMT last-modified Fri, 18 Dec 2020 22:43:38 GMT server nginx content-type application/javascript cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 x-robots-tag noindex, nofollow, noarchive, nosnippet expires Fri, 18 Dec 2020 22:43:38 GMT
GET H2	200	/ namel.net/d0d63e31e7/070a954047/ Redirect Chain https://goraps.com/fullpage.php?section=General&pub=961842&ga=g https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XpZCpipZpdZirCiGkkjdCpCrjANrAdNrGANrjGCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_47608&adApiR=loaded_string_3058201643ba5bd4d546f694...	426 B 585 B	233ms 87ms	Document text/html	185.66.201.34 SKHOSTING-EU
General Check archive.org Show headers Download Go to Full URL https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XpZCpipZpdZirCiGkkjdCpCrjANrAdNrGANrjGCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_47608&adApiR=loaded_string_3058201643ba5bd4d546f6946743cf1d30060_2418336_1608331418.497_88883&refferer=1859084976_aHR0cHM6Ly9sZHdoYXRzYXBwLWZyZWUwMS54eXovaW5zL2VuLmh0bWw=&yxDom=Z29yYXBzLmNvbQ==_d8938421060b08e96eef6193049d6923 Requested by Host: ldwhatsapp-free01.xyz URL: https://ldwhatsapp-free01.xyz/ins/en.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.66.201.34 , Slovakia, ASN201702 (SKHOSTING-EU, SK), Reverse DNS at-public.skhosting.eu Software nginx / Resource Hash Request headers :method GET :authority namel.net :scheme https :path /d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XpZCpipZpdZirCiGkkjdCpCrjANrAdNrGANrjGCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_47608&adApiR=loaded_string_3058201643ba5bd4d546f6946743cf1d30060_2418336_1608331418.497_88883&refferer=1859084976_aHR0cHM6Ly9sZHdoYXRzYXBwLWZyZWUwMS54eXovaW5zL2VuLmh0bWw=&yxDom=Z29yYXBzLmNvbQ==_d8938421060b08e96eef6193049d6923 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document referer https://ldwhatsapp-free01.xyz/ins/en.html accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://ldwhatsapp-free01.xyz/ins/en.html Response headers server nginx date Fri, 18 Dec 2020 22:43:39 GMT content-type text/html; charset=UTF-8 set-cookie total_impressions=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; secure; SameSite=None used_ad2418336=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; SameSite=None expires Sun, 01 Jan 2014 00:00:00 GMT cache-control no-store, no-cache, must-revalidate post-check=0, pre-check=0 pragma no-cache x-robots-tag noindex,nofollow content-encoding br Redirect headers server nginx date Fri, 18 Dec 2020 22:43:39 GMT content-type text/html; charset=UTF-8 location https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XpZCpipZpdZirCiGkkjdCpCrjANrAdNrGANrjGCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_47608&adApiR=loaded_string_3058201643ba5bd4d546f6946743cf1d30060_2418336_1608331418.497_88883&refferer=1859084976_aHR0cHM6Ly9sZHdoYXRzYXBwLWZyZWUwMS54eXovaW5zL2VuLmh0bWw=&yxDom=Z29yYXBzLmNvbQ==_d8938421060b08e96eef6193049d6923 expires Fri, 18 Dec 2020 22:43:38 GMT last-modified Fri, 18 Dec 2020 22:43:38 GMT cache-control no-store, no-cache, must-revalidate post-check=0, pre-check=0 pragma no-cache x-robots-tag noindex, nofollow, noarchive, nosnippet set-cookie used_ad2418336=1; expires=Sat, 19-Dec-2020 05:00:00 GMT; Max-Age=22581; path=/; domain=goraps.com; secure; HttpOnly; SameSite=None total_impressions=1; expires=Sat, 19-Dec-2020 05:00:00 GMT; Max-Age=22581; path=/; domain=goraps.com; secure; HttpOnly; SameSite=None cpa_673873=popup_434246231_4; expires=Sun, 17-Jan-2021 22:43:39 GMT; Max-Age=2592000; path=/; domain=goraps.com; secure; SameSite=None
GET H2	200	Primary Request fantastic.html Show response cpi-offers.com/ Redirect Chain https://maxtopmedia.g2afse.com/click?pid=752&offer_id=59587&sub1=affC1608331419aff4801dbbb64007a256a682&sub2=24849315 https://trk.applaunching.com/click?pid=1242&offer_id=17490&sub1=5fdd309b42d2ff0001062b07&sub2=752_24849315&sub6= https://yoterup.g2afse.com/click?pid=233&offer_id=17598&sub1=5fdd309bf7400000010b5f4c&sub2=1242_752_24849315&sub3=&device_id=_ https://rainmaker.g2afse.com/click?pid=498&offer_id=107789&sub1=5fdd309bbff4fb000194df14&sub2=233_1242_752_24849315 https://rainmaker.g2afse.com/click?pid=195&offer_id=98397 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=628&cid=5fdd309bf52b5800013d010d&sid=195&udid=&name=&info=rmkrrem&blockTime=0	6 KB 1 KB	74ms 25ms	Document text/html	3.124.212.198 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=628&cid=5fdd309bf52b5800013d010d&sid=195&udid=&name=&info=rmkrrem&blockTime=0 Requested by Host: namel.net URL: https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XpZCpipZpdZirCiGkkjdCpCrjANrAdNrGANrjGCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_47608&adApiR=loaded_string_3058201643ba5bd4d546f6946743cf1d30060_2418336_1608331418.497_88883&refferer=1859084976_aHR0cHM6Ly9sZHdoYXRzYXBwLWZyZWUwMS54eXovaW5zL2VuLmh0bWw=&yxDom=Z29yYXBzLmNvbQ==_d8938421060b08e96eef6193049d6923 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.124.212.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-124-212-198.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash `893e690bbcc46c8885bea28b3a30df0f9b88ab010582c96f48a7cf5fe2d537d1` Request headers :method GET :authority cpi-offers.com :scheme https :path /fantastic.html?size=0&red=0&ids=&lastid=&apid=628&cid=5fdd309bf52b5800013d010d&sid=195&udid=&name=&info=rmkrrem&blockTime=0 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://namel.net/d0d63e31e7/070a954047/?placementName=ROTATOR&type=n&cv=XpZCpipZpdZirCiGkkjdCpCrjANrAdNrGANrjGCrCkjCrxCrixCjiCrCrGCxCidrriAGiCCr_47608&adApiR=loaded_string_3058201643ba5bd4d546f6946743cf1d30060_2418336_1608331418.497_88883&refferer=1859084976_aHR0cHM6Ly9sZHdoYXRzYXBwLWZyZWUwMS54eXovaW5zL2VuLmh0bWw=&yxDom=Z29yYXBzLmNvbQ==_d8938421060b08e96eef6193049d6923 Response headers date Fri, 18 Dec 2020 22:43:39 GMT content-type text/html; charset=utf-8 server nginx/1.14.1 x-powered-by Express access-control-allow-origin * etag W/"1723-eCMjcs0Tz5NxoREWJWdQzKUZCNg" content-encoding gzip Redirect headers server nginx date Fri, 18 Dec 2020 22:43:39 GMT content-type text/html; charset=utf-8 content-length 209 location https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=628&cid=5fdd309bf52b5800013d010d&sid=195&udid=&name=&info=rmkrrem&blockTime=0 set-cookie afclick=5fdd309bf52b5800013d010d; Expires=Sat, 18 Dec 2021 22:43:39 GMT; Secure; SameSite=None
GET H2	404	click trk.games-to-run123.com/	0 0	375ms 123ms	Stylesheet application/json	52.206.9.228 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trk.games-to-run123.com/click?affid=47&cmpid=7eeefd53ae321e5c&clickid=NCT_iphone_ch_ofid8509696_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat1_sub4_sub5&siteid=353450628_195 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=628&cid=5fdd309bf52b5800013d010d&sid=195&udid=&name=&info=rmkrrem&blockTime=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.206.9.228 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-206-9-228.compute-1.amazonaws.com Software / Resource Hash Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET		click mookomedia.g2afse.com/ Redirect Chain https://boostads.g2afse.com/click?pid=8&offer_id=1255834&sub1=NCT_iphone_ch_ofid9036716_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat2_sub4_sub5&sub2=353450628&sub3=id524153305 https://totalcpi.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=821&cid=5e00e7f244b0f80001ad1994&sid=7&udid=&name=&info=BoostAds2&blockTime=0 https://mookomedia.g2afse.com/click?pid=42&offer_id=160437&sub1=NCT_iphone_ch_ofid9165977_pid616_sub15e00e7f244b0f80001ad1994_sub27_sub3BoostAds2_nat19_sub4_sub5&sub4=353450616_7&sub5=id1400134578	0 0

GET H/1.1	404 Not Found	c55c7b6 t1.greatforwarding.com/ Redirect Chain https://ttmma.g2afse.com/click?pid=21&offer_id=483741&sub1=NCT_iphone_ch_ofid9359009_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat3_sub4_sub5&sub2=353450628_195&sub5=id524153305 https://ttmma.g2afse.com/click?pid=17&offer_id=311194&sub1=&sub2=21_353450628_195&sub3=&sub4=&sub5=id524153305 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=765&cid=5fdd309c0ec8fc000179e8e3&sid=17_21_353450628_195&udid=&name=&info=Target4SL&blockTime=0 https://times25.go2affise.com/click?pid=607&offer_id=146024&sub1=NCT_iphone_ch_ofid9092967_pid616_sub15fdd309c0ec8fc000179e8e3_sub217_21_353450628_195_sub3Target4SL_nat22_sub4_sub5&sub2=353450616_1... https://69hfb5v.appsdeku.com/69hfb5v?p=607_353450616_17_21_353450628_195&sid=5fdd309c1add7e00012fd309&android_a_id=&idfa=&app_id=id1347129450 https://t1.greatforwarding.com/c55c7b6?p=002281_607_353450616_17_21_353450628_195	0 0	484ms 129ms	Stylesheet application/json	35.171.134.132 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://t1.greatforwarding.com/c55c7b6?p=002281_607_353450616_17_21_353450628_195 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=628&cid=5fdd309bf52b5800013d010d&sid=195&udid=&name=&info=rmkrrem&blockTime=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 35.171.134.132 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-171-134-132.compute-1.amazonaws.com Software nginx / Resource Hash Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 18 Dec 2020 22:43:41 GMT Server nginx Content-Type application/json Cache-Control private, no-cache, no-store, must-revalidate Connection keep-alive Content-Length 17 Expires -1 Redirect headers location https://t1.greatforwarding.com/c55c7b6?p=002281_607_353450616_17_21_353450628_195 Date Fri, 18 Dec 2020 22:43:40 GMT Server nginx Connection keep-alive Content-Length 4 Content-Type application/json
GET H2	404	www.google.com click2comm.go2affise.com/ Redirect Chain https://click2comm.go2affise.com/click?pid=310&offer_id=2800871&sub1=NCT_iphone_ch_ofid9411259_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat4_sub4_sub5&sub2=353450628_195&sub6=id52415... https://click2comm.go2affise.com/www.google.com	0 0	30ms 30ms	Stylesheet text/html	213.227.134.196 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://click2comm.go2affise.com/www.google.com Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=628&cid=5fdd309bf52b5800013d010d&sid=195&udid=&name=&info=rmkrrem&blockTime=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.134.196 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Redirect headers location /www.google.com date Fri, 18 Dec 2020 22:43:39 GMT server nginx content-length 38 content-type text/html; charset=utf-8
GET H2	200	id1529122271 apps.apple.com/GB/app/ Redirect Chain https://brainadv.g2afse.com/click?pid=37&offer_id=380230&sub1=353450628_195&sub2=id524153305&sub3=NCT_iphone_ch_ofid9133187_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat5_sub4_sub5 https://apptrust.g2afse.com/click?pid=216&offer_id=424844&sub1=5fdd309b4234b70001526811&sub2=37_353450628_195&sub3=&sub3=&sub4=id524153305 https://roinvesting.onelink.me/WnHD?pid=apptrust_int&c=W-APPMASTER&af_prt=skywindgroup&clickid=5fdd309c02baf900018246dc https://apps.apple.com/GB/app/id1529122271?mt=8	0 0	562ms 562ms	Stylesheet text/html	2a02:26f0:6c00:186::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://apps.apple.com/GB/app/id1529122271?mt=8 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=628&cid=5fdd309bf52b5800013d010d&sid=195&udid=&name=&info=rmkrrem&blockTime=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:186::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers access-control-allow-origin * Redirect headers date Fri, 18 Dec 2020 22:43:40 GMT via 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront) server http-kit x-amz-cf-pop FRA56-C1 strict-transport-security max-age=31536000; includeSubDomains x-cache Miss from cloudfront content-type application/octet-stream location https://apps.apple.com/GB/app/id1529122271?mt=8 content-length 0 x-amz-cf-id lECeELa5U--e9UaopH0NJ3sK83cFknhvm8enlfaCHpdNqM0ysBA81w==
GET		click aandb.g2afse.com/ Redirect Chain https://adcrate-solutions.go2affise.com/click?pid=80&offer_id=1337424&sub1=NCT_iphone_ch_ofid9321291_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat6_sub4_sub5&sub2=353450628_195&sub4=i... https://aandb.g2afse.com/click?pid=2&offer_id=525296&sub1=5fdd309b45190c000118aadb&sub2=80_353450628_195&sub3=&sub4=id524153305	0 0

GET H2	200	click adcrate98.gotrackier.com/	0 471 B	48ms 23ms	Stylesheet text/plain	2606:4700:20::681a:c03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adcrate98.gotrackier.com/click?campaign_id=15224&pub_id=40&p1=NCT_iphone_ch_ofid9210812_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat7_sub4_sub5&source=353450628_195&app_name=id524153305 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=628&cid=5fdd309bf52b5800013d010d&sid=195&udid=&name=&info=rmkrrem&blockTime=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:c03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Dec 2020 22:43:39 GMT via 1.1 google cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PyM7BKcEExXrgm6iexzROtwYeaU9toga8bMWIL9c3UlfRTStiVVIZHqoHy%2BZAmdC%2Besl9NkPBBOArMEy6ptO7VSipFXS%2F3Z1HXg8URBeGahhGKA%2Fi368%2FeCCOEN5jzmafI7O%2FnM%3D"}],"group":"cf-nel","max_age":604800} cf-request-id 07199ef90000000629458b7000000001 cf-ray 603c676e6bcd0629-FRA content-length 0 x-rt 0
GET		click pandamobi.g2afse.com/	0 0

GET H2	200	id589328270 apps.apple.com/us/app/ Redirect Chain https://digitalfuture.g2afse.com/click?pid=2&offer_id=820078&sub1=NCT_iphone_ch_ofid6782310_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat9_sub4_sub5&sub2=353450628_195&sub4=BF42E251-4... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 https://leaddaway.g2afse.com/click?pid=339&offer_id=1679472&sub1=NCT_iphone_ch_ofid8527515_pid616_sub1_sub22_sub3ElishaSL_nat14_sub4_sub5&sub2=353450616_2&sub5=id330376830 https://apps.apple.com/us/app/id589328270	0 0	545ms 544ms	Stylesheet text/html	2a02:26f0:6c00:186::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://apps.apple.com/us/app/id589328270 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=628&cid=5fdd309bf52b5800013d010d&sid=195&udid=&name=&info=rmkrrem&blockTime=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:186::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers access-control-allow-origin * Redirect headers location https://apps.apple.com/us/app/id589328270 date Fri, 18 Dec 2020 22:43:40 GMT server nginx content-length 64 content-type text/html; charset=utf-8
GET H2	200	id1457929724 apps.apple.com/au/app/vantage-fx-forex-trading/ Redirect Chain https://adcrate-solutions.go2affise.com/click?pid=80&offer_id=1342625&sub1=NCT_iphone_ch_ofid9308016_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat10_sub4_sub5&sub2=353450628_195&sub3=... https://aandb.g2afse.com/click?pid=2&offer_id=550836&sub1=5fdd309b45190c000163549c&sub2=80_353450628_195&sub3=BF42E251-43D8-4F41-9102-7ECD2AB4D845&sub4=id524153305 https://apps.apple.com/au/app/vantage-fx-forex-trading/id1457929724	0 0	610ms 610ms	Stylesheet text/html	2a02:26f0:6c00:186::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://apps.apple.com/au/app/vantage-fx-forex-trading/id1457929724 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=628&cid=5fdd309bf52b5800013d010d&sid=195&udid=&name=&info=rmkrrem&blockTime=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:186::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers access-control-allow-origin * Redirect headers location https://apps.apple.com/au/app/vantage-fx-forex-trading/id1457929724 date Fri, 18 Dec 2020 22:43:40 GMT server nginx content-length 90 content-type text/html; charset=utf-8
GET H2	200	id359478823 apps.apple.com/US/app/ Redirect Chain https://click.iconpeak2trk.com/click?pid=32&offer_id=5769&ext1=NCT_iphone_ch_ofid9037657_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat11_sub4_sub5&sub1=353450628&sub2=195&offer_id=825... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=691&cid=&sid=32&udid=&name=&info=iconpeakppre&blockTime=0 https://thingortwo.g2afse.com/click?pid=50&offer_id=18132&sub1=NCT_iphone_ch_ofid8504259_pid616_sub1_sub232_sub3iconpeakppre_nat9_sub4_sub5&sub2=353450616&sub3=32&sub4=id1342468799 https://apps.apple.com/US/app/id359478823?ls=1&mt=8	0 0	668ms 667ms	Stylesheet text/html	2a02:26f0:6c00:186::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://apps.apple.com/US/app/id359478823?ls=1&mt=8 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=628&cid=5fdd309bf52b5800013d010d&sid=195&udid=&name=&info=rmkrrem&blockTime=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:186::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers access-control-allow-origin * Redirect headers location https://apps.apple.com/US/app/id359478823?ls=1&mt=8 date Fri, 18 Dec 2020 22:43:40 GMT referer referrer-policy no-referrer server nginx content-length 78 content-type text/html; charset=utf-8
GET H2	200	click adcrate98.gotrackier.com/	0 469 B	48ms 24ms	Stylesheet text/plain	2606:4700:20::681a:c03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adcrate98.gotrackier.com/click?campaign_id=21590&pub_id=40&p1=NCT_iphone_ch_ofid9288419_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat12_sub4_sub5&source=353450628_195&app_name=id524153305 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=628&cid=5fdd309bf52b5800013d010d&sid=195&udid=&name=&info=rmkrrem&blockTime=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:c03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Dec 2020 22:43:39 GMT via 1.1 google cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=57J9HoyTJ%2FSX%2FDjCs7Uvi45oQ0hX5owWwjtOIOyBKGaeatM8dyzJUEOXhMUfd73U5BCU08fzR1KfRYXWuePUPXpHYrYosKnlkw%2Fl2rlsMnbGvJXgfF08RjWq3PQWhAQZqtNtrtM%3D"}],"group":"cf-nel","max_age":604800} cf-request-id 07199ef9000000062972aeb000000001 cf-ray 603c676e6bd00629-FRA content-length 0 x-rt 0
GET H/1.1	404 Not Found	c55c7b6 t1.greatforwarding.com/ Redirect Chain https://cellonltd.g2afse.com/click?pid=43&offer_id=726336&sub1=NCT_iphone_ch_ofid9156779_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat13_sub4_sub5&sub2=353450628_195&sub3=id524153305 https://cellonltd.g2afse.com/sl?id=5e0d9e94c7aae01fb75eca64&pid=55&sub1=NCT_iphone_ch_ofid9156779_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat13_sub4_sub5&sub2=353450628_195&sub3=id5... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=841&cid=5fdd309c6f43af0001d65682&sid=55&udid=&name=&info=CellonSL&blockTime=0 https://times25.go2affise.com/click?pid=607&offer_id=146024&sub1=NCT_iphone_ch_ofid9092967_pid616_sub15fdd309c6f43af0001d65682_sub255_sub3CellonSL_nat22_sub4_sub5&sub2=353450616_55&sub5=id341232718 https://69hfb5v.appsdeku.com/69hfb5v?p=607_353450616_55&sid=5fdd309c26484300015e2c83&android_a_id=&idfa=&app_id=id341232718 https://t1.greatforwarding.com/c55c7b6?p=002281_607_353450616_55	0 0	486ms 123ms	Stylesheet application/json	35.171.134.132 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://t1.greatforwarding.com/c55c7b6?p=002281_607_353450616_55 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=628&cid=5fdd309bf52b5800013d010d&sid=195&udid=&name=&info=rmkrrem&blockTime=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 35.171.134.132 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-171-134-132.compute-1.amazonaws.com Software nginx / Resource Hash Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 18 Dec 2020 22:43:41 GMT Server nginx Content-Type application/json Cache-Control private, no-cache, no-store, must-revalidate Connection keep-alive Content-Length 17 Expires -1 Redirect headers location https://t1.greatforwarding.com/c55c7b6?p=002281_607_353450616_55 Date Fri, 18 Dec 2020 22:43:40 GMT Server nginx Connection keep-alive Content-Length 4 Content-Type application/json
GET H2	200	id589328270 apps.apple.com/us/app/ Redirect Chain https://leaddaway.g2afse.com/click?pid=339&offer_id=1679472&sub1=NCT_iphone_ch_ofid8527515_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat14_sub4_sub5&sub2=353450628_195&sub5=id524153305 https://apps.apple.com/us/app/id589328270	0 0	3188ms 3143ms	Stylesheet text/html	2a02:26f0:6c00:186::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://apps.apple.com/us/app/id589328270 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=628&cid=5fdd309bf52b5800013d010d&sid=195&udid=&name=&info=rmkrrem&blockTime=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:186::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers access-control-allow-origin * Redirect headers location https://apps.apple.com/us/app/id589328270 date Fri, 18 Dec 2020 22:43:39 GMT server nginx content-length 64 content-type text/html; charset=utf-8
GET		click apply.g2afse.com/ Redirect Chain https://digitalfuture.g2afse.com/click?pid=2&offer_id=1105627&sub1=NCT_iphone_ch_ofid8767991_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat15_sub4_sub5&sub2=353450628_195&sub5=id524153305 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 https://apply.g2afse.com/click?pid=3&offer_id=9451&sub1=NCT_iphone_ch_ofid8407414_pid616_sub1_sub22_sub3ElishaSL_nat21_sub4_sub5&sub4=id1134511982&sub2=353450616_2	0 0

GET H2	200	click adcrate98.gotrackier.com/	0 790 B	44ms 20ms	Stylesheet text/plain	2606:4700:20::681a:c03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adcrate98.gotrackier.com/click?campaign_id=23825&pub_id=40&p1=NCT_iphone_ch_ofid9403543_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat16_sub4_sub5&source=353450628_195&app_name=id524153305 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=628&cid=5fdd309bf52b5800013d010d&sid=195&udid=&name=&info=rmkrrem&blockTime=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:c03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Dec 2020 22:43:39 GMT via 1.1 google cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QJJcIXWludbxQ4wWyW0Vb5kIADfWKOYIQ%2FUZEpK0GLWjvXmYpnl478%2B5xtqxS%2BUrmyzxdP0nW%2ByecNpDjrA6IQThw8xag4%2BdHwjYkBEzklM%2Bm0lL7AB35iQaaGKC%2B7uaXrHbKAQ%3D"}],"group":"cf-nel","max_age":604800} cf-request-id 07199ef90100000629682f3000000001 cf-ray 603c676e6bd10629-FRA content-length 0 x-rt 0
GET		click pandamobi.g2afse.com/ Redirect Chain https://ila3.co/o/183810?p=17&aff_clickid=NCT_iphone_ch_ofid8881423_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat17_sub4_sub5&sub1=353450628&sub2=195&app_name=id524153305&bundle_id=id... https://appalgo.g2afse.com/click?pid=26&offer_id=76151&sub1=2141eb418279319aa0142375_183810_225231&sub2=17_5015767467&sub3=&sub4=&sub5=id524153305 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=807&cid=&sid=26&udid=&name=&info=appalgorem&blockTime=0 https://pandamobi.g2afse.com/click?pid=6&offer_id=545191&sub1=NCT_iphone_ch_ofid8017624_pid616_sub1_sub226_sub3appalgorem_nat8_sub4_sub5&sub2=353450616_26&sub5=id1452992954	0 0

GET H/1.1	200 OK	/ track.paddlewaver.com/ Redirect Chain https://boostads.g2afse.com/click?pid=287&offer_id=1280943&sub1=NCT_iphone_ch_ofid9302154_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat18_sub4_sub5&sub2=353450628_195&sub3=id524153305... https://totalcpi.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=821&cid=5e00e7f244b0f80001ad1994&sid=7&udid=&name=&info=BoostAds2&blockTime=0 https://track.paddlewaver.com/?campaign_id=4523535&publisher_id=1000125&clickid=NCT_iphone_ch_ofid9314166_pid616_sub15e00e7f244b0f80001ad1994_sub27_sub3BoostAds2_nat12_sub4_sub5&channel=353450616_7...	15 B 244 B	694ms 170ms	Stylesheet text/html	13.228.124.226 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://track.paddlewaver.com/?campaign_id=4523535&publisher_id=1000125&clickid=NCT_iphone_ch_ofid9314166_pid616_sub15e00e7f244b0f80001ad1994_sub27_sub3BoostAds2_nat12_sub4_sub5&channel=353450616_7&offer_id=825757&sub1=NCT_iphone_ch_ofid9314166_pid616_sub15e00e7f244b0f80001ad1994_sub27_sub3BoostAds2_nat12_sub4_sub5&sub2=353450616_7&sub3=id1489425493 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=628&cid=5fdd309bf52b5800013d010d&sid=195&udid=&name=&info=rmkrrem&blockTime=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.228.124.226 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-228-124-226.ap-southeast-1.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash `4f50293477d9a7d4274844a38926ac7febd7ddb49ec844be25ec2d1dcb16558d` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 18 Dec 2020 22:43:40 GMT Content-Encoding gzip Server nginx/1.16.1 Connection keep-alive Content-Length 35 Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Redirect headers date Fri, 18 Dec 2020 22:43:39 GMT server nginx/1.14.1 location https://track.paddlewaver.com/?campaign_id=4523535&publisher_id=1000125&clickid=NCT_iphone_ch_ofid9314166_pid616_sub15e00e7f244b0f80001ad1994_sub27_sub3BoostAds2_nat12_sub4_sub5&channel=353450616_7&offer_id=825757&sub1=NCT_iphone_ch_ofid9314166_pid616_sub15e00e7f244b0f80001ad1994_sub27_sub3BoostAds2_nat12_sub4_sub5&sub2=353450616_7&sub3=id1489425493 x-powered-by Express vary Accept content-type text/plain; charset=utf-8 access-control-allow-origin * content-length 373
GET		click mookomedia.g2afse.com/	0 0

GET H/1.1	404 Not Found	c55c7b6 t1.greatforwarding.com/ Redirect Chain https://go2.enjoycpi.com/click?pid=628&offer_id=9356473&sub1=5fdd309bf52b5800013d010d&sub2=195&sub3=rmkrrem_nat20&sub4=BF42E251-43D8-4F41-9102-7ECD2AB4D845&sub5=id524153305&sub6=353450 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 https://times25.go2affise.com/click?pid=607&offer_id=146024&sub1=NCT_iphone_ch_ofid9092967_pid616_sub1_sub2_sub3TbLabq_nat22_sub4_sub5&sub2=353450616_&sub5=id1423046460 https://69hfb5v.appsdeku.com/69hfb5v?p=607_353450616_&sid=5fdd309c1add7e0001c5ceec&android_a_id=&idfa=&app_id=id1423046460 https://t1.greatforwarding.com/c55c7b6?p=002281_607_353450616_	0 0	495ms 119ms	Stylesheet application/json	35.171.134.132 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://t1.greatforwarding.com/c55c7b6?p=002281_607_353450616_ Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=628&cid=5fdd309bf52b5800013d010d&sid=195&udid=&name=&info=rmkrrem&blockTime=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 35.171.134.132 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-171-134-132.compute-1.amazonaws.com Software nginx / Resource Hash Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 18 Dec 2020 22:43:40 GMT Server nginx Content-Type application/json Cache-Control private, no-cache, no-store, must-revalidate Connection keep-alive Content-Length 17 Expires -1 Redirect headers location https://t1.greatforwarding.com/c55c7b6?p=002281_607_353450616_ Date Fri, 18 Dec 2020 22:43:40 GMT Server nginx Connection keep-alive Content-Length 4 Content-Type application/json
GET H2	200	click adcrate98.gotrackier.com/ Redirect Chain https://digitalfuture.g2afse.com/click?pid=2&offer_id=958751&sub1=NCT_iphone_ch_ofid7713307_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat21_sub4_sub5&sub2=353450628_195&sub5=id524153305 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 https://adcrate98.gotrackier.com/click?campaign_id=15224&pub_id=40&p1=NCT_iphone_ch_ofid9210812_pid616_sub1_sub22_sub3ElishaSL_nat7_sub4_sub5&source=353450616_2&app_name=id417571834	0 413 B	20ms 20ms	Stylesheet text/plain	2606:4700:20::681a:c03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adcrate98.gotrackier.com/click?campaign_id=15224&pub_id=40&p1=NCT_iphone_ch_ofid9210812_pid616_sub1_sub22_sub3ElishaSL_nat7_sub4_sub5&source=353450616_2&app_name=id417571834 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=628&cid=5fdd309bf52b5800013d010d&sid=195&udid=&name=&info=rmkrrem&blockTime=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:c03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Dec 2020 22:43:40 GMT via 1.1 google cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2lYphlLU%2BTyAG1Wz5GsEO1PmbE404W4Akhi7vcEiwxr%2BqKIAlJXzJAcZaiY3OGv7sCa%2FVNqohXizpJPNg1ei0yVhKpTL0fm%2F4VCaQbFjx%2FhIq%2F6LSqUL%2BJXvosOcMfr2NCmBppI%3D"}],"group":"cf-nel","max_age":604800} cf-request-id 07199ef97300000629609b9000000001 cf-ray 603c676f1d800629-FRA content-length 0 x-rt 0 Redirect headers date Fri, 18 Dec 2020 22:43:40 GMT server nginx/1.14.1 location https://adcrate98.gotrackier.com/click?campaign_id=15224&pub_id=40&p1=NCT_iphone_ch_ofid9210812_pid616_sub1_sub22_sub3ElishaSL_nat7_sub4_sub5&source=353450616_2&app_name=id417571834 x-powered-by Express vary Accept content-type text/plain; charset=utf-8 access-control-allow-origin * content-length 203
GET H/1.1	404 Not Found	c55c7b6 t1.greatforwarding.com/ Redirect Chain https://times25.go2affise.com/click?pid=607&offer_id=146024&sub1=NCT_iphone_ch_ofid9092967_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat22_sub4_sub5&sub2=353450628_195&sub5=id524153305 https://69hfb5v.appsdeku.com/69hfb5v?p=607_353450628_195&sid=5fdd309b1add7e000152317f&android_a_id=&idfa=&app_id=id524153305 https://t1.greatforwarding.com/c55c7b6?p=002281_607_353450628_195	0 0	478ms 123ms	Stylesheet application/json	35.171.134.132 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://t1.greatforwarding.com/c55c7b6?p=002281_607_353450628_195 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=628&cid=5fdd309bf52b5800013d010d&sid=195&udid=&name=&info=rmkrrem&blockTime=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 35.171.134.132 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-171-134-132.compute-1.amazonaws.com Software nginx / Resource Hash Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 18 Dec 2020 22:43:40 GMT Server nginx Content-Type application/json Cache-Control private, no-cache, no-store, must-revalidate Connection keep-alive Content-Length 17 Expires -1 Redirect headers location https://t1.greatforwarding.com/c55c7b6?p=002281_607_353450628_195 Date Fri, 18 Dec 2020 22:43:40 GMT Server nginx Connection keep-alive Content-Length 4 Content-Type application/json
GET		married lucazepa.com/sage/	0 0

GET		click clovenmedia.go2affise.com/ Redirect Chain https://boostads.g2afse.com/click?pid=8&offer_id=1255834&sub1=NCT_iphone_ch_ofid9036716_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat2_sub4_sub5&sub2=353450628&sub3=id524153305 https://totalcpi.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=821&cid=5e00e7f244b0f80001ad1994&sid=7&udid=&name=&info=BoostAds2&blockTime=0 https://clovenmedia.go2affise.com/click?pid=984&offer_id=777272&sub1=NCT_iphone_ch_ofid9301706_pid616_sub15e00e7f244b0f80001ad1994_sub27_sub3BoostAds2_nat18_sub4_sub5&sub2=353450616&sub3=BoostAds2&... https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=777272 https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167 https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167	0 0

GET H2	404	www.google.com click2comm.go2affise.com/ Redirect Chain https://click2comm.go2affise.com/click?pid=310&offer_id=2800871&sub1=NCT_iphone_ch_ofid9411259_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat4_sub4_sub5&sub2=353450628_195&sub6=id52415... https://click2comm.go2affise.com/www.google.com	0 0	30ms 30ms	Stylesheet text/html	213.227.134.196 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://click2comm.go2affise.com/www.google.com Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=628&cid=5fdd309bf52b5800013d010d&sid=195&udid=&name=&info=rmkrrem&blockTime=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.134.196 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Redirect headers location /www.google.com date Fri, 18 Dec 2020 22:43:41 GMT server nginx content-length 38 content-type text/html; charset=utf-8
GET		disabled.html aandb.g2afse.com/ Redirect Chain https://adcrate-solutions.go2affise.com/click?pid=80&offer_id=1337424&sub1=NCT_iphone_ch_ofid9321291_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat6_sub4_sub5&sub2=353450628_195&sub4=i... https://aandb.g2afse.com/click?pid=2&offer_id=525296&sub1=5fdd309df456bd0001bf833a&sub2=80_353450628_195&sub3=&sub4=id524153305 http://aandb.g2afse.com/disabled.html	0 0

GET		/ r.leadzu.com/red/ Redirect Chain https://pandamobi.g2afse.com/click?pid=6&offer_id=545191&sub1=NCT_iphone_ch_ofid8017624_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat8_sub4_sub5&sub2=353450628_195&sub5=id524153305 http://r.leadzu.com/red/?code=4M4C8XL2R1ZN&a=6.&pubid=6	0 0

GET H2	404	www.google.com click2comm.go2affise.com/ Redirect Chain https://cellonltd.g2afse.com/click?pid=43&offer_id=726336&sub1=NCT_iphone_ch_ofid9156779_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat13_sub4_sub5&sub2=353450628_195&sub3=id524153305 https://cellonltd.g2afse.com/sl?id=5e0d9e94c7aae01fb75eca64&pid=55&sub1=NCT_iphone_ch_ofid9156779_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat13_sub4_sub5&sub2=353450628_195&sub3=id5... https://monetizeplus.g2afse.com/click?pid=999&offer_id=784141&sub1=5fdd309da2840f0001cd3c0a&sub2=&pubid=55&sub2=353450628_195&sub3=&sub4=&sub5=id524153305&sub={sum}&payout={sum} https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=793&cid=5fdd309d48a39b0001bd043c&sid=999&udid=&name=&info=monetizeppre&blockTime=0 https://track.gowithads.com/click?pid=141&offer_id=1986175&sub1=NCT_iphone_ch_ofid8868312_pid616_sub15fdd309d48a39b0001bd043c_sub2999_sub3monetizeppre_nat21_sub4_sub5&sub2=353450616_999&sub4=id7684... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=599&cid=&sid=141_353450616_999&udid=&name=&info=GOWMsl&blockTime=0 https://boostads.g2afse.com/click?pid=287&offer_id=1286928&sub1=NCT_iphone_ch_ofid9358013_pid616_sub1_sub2141_353450616_999_sub3GOWMsl_nat20_sub4_sub5&sub2=353450616_141_353450616_999&sub3=id418075... https://totalcpi.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=821&cid=5e00e7f244b0f80001ad1994&sid=7&udid=&name=&info=BoostAds2&blockTime=0 https://click.iconpeak2trk.com/click?pid=32&offer_id=5769&ext1=NCT_iphone_ch_ofid9037657_pid616_sub15e00e7f244b0f80001ad1994_sub27_sub3BoostAds2_nat11_sub4_sub5&sub1=353450616&sub2=7&offer_id=82575... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=691&cid=&sid=32&udid=&name=&info=iconpeakppre&blockTime=0 https://click2comm.go2affise.com/click?pid=310&offer_id=2818523&sub1=NCT_iphone_ch_ofid9411296_pid616_sub1_sub232_sub3iconpeakppre_nat13_sub4_sub5&sub2=353450616_32&sub6=id842250179 https://click2comm.go2affise.com/www.google.com	0 0	30ms 30ms	Stylesheet text/html	213.227.134.196 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://click2comm.go2affise.com/www.google.com Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=628&cid=5fdd309bf52b5800013d010d&sid=195&udid=&name=&info=rmkrrem&blockTime=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.134.196 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Redirect headers location /www.google.com date Fri, 18 Dec 2020 22:43:41 GMT server nginx content-length 38 content-type text/html; charset=utf-8
GET H2	200	id359478823 apps.apple.com/US/app/ Redirect Chain https://digitalfuture.g2afse.com/click?pid=2&offer_id=1105627&sub1=NCT_iphone_ch_ofid8767991_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat15_sub4_sub5&sub2=353450628_195&sub5=id524153305 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 https://thingortwo.g2afse.com/click?pid=50&offer_id=18132&sub1=NCT_iphone_ch_ofid8504259_pid616_sub1_sub22_sub3ElishaSL_nat9_sub4_sub5&sub2=353450616&sub3=2&sub4=id1487212912 https://apps.apple.com/US/app/id359478823?ls=1&mt=8	0 0	6ms 6ms	Stylesheet text/html	2a02:26f0:6c00:186::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://apps.apple.com/US/app/id359478823?ls=1&mt=8 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=628&cid=5fdd309bf52b5800013d010d&sid=195&udid=&name=&info=rmkrrem&blockTime=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:186::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers access-control-allow-origin * Redirect headers location https://apps.apple.com/US/app/id359478823?ls=1&mt=8 date Fri, 18 Dec 2020 22:43:43 GMT referer referrer-policy no-referrer server nginx content-length 78 content-type text/html; charset=utf-8
GET		sl zorkamarket.g2afse.com/ Redirect Chain https://ila3.co/o/183810?p=17&aff_clickid=NCT_iphone_ch_ofid8881423_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat17_sub4_sub5&sub1=353450628&sub2=195&app_name=id524153305&bundle_id=id... https://appalgo.g2afse.com/click?pid=26&offer_id=76151&sub1=1441eb41827b2d91b014d809_183810_225231&sub2=17_5015767467&sub3=&sub4=&sub5=id524153305 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=807&cid=&sid=26&udid=&name=&info=appalgorem&blockTime=0 https://track.themedia.site/click?pid=5&offer_id=28366&sub1=NCT_iphone_ch_ofid8409227_pid616_sub1_sub226_sub3appalgorem_nat21_sub4_sub5&sub2=353450616_26&sub7=id1184083151&sub8=id1184083151 http://zorkamarket.g2afse.com/sl?id=5f20049cd1fc3bbe7f2be6e6&pid=1215	0 0

GET		sl mookomedia.g2afse.com/ Redirect Chain https://mookomedia.g2afse.com/click?pid=42&offer_id=160437&sub1=NCT_iphone_ch_ofid9165977_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat19_sub4_sub5&sub4=353450628_195&sub5=id524153305 http://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106	0 0

GET H2	200	id1529122271 apps.apple.com/GB/app/ Redirect Chain https://go2.enjoycpi.com/click?pid=628&offer_id=9356473&sub1=5fdd309bf52b5800013d010d&sub2=195&sub3=rmkrrem_nat20&sub4=BF42E251-43D8-4F41-9102-7ECD2AB4D845&sub5=id524153305&sub6=353450 https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 https://adcrate-solutions.go2affise.com/click?pid=80&offer_id=1316604&sub1=NCT_iphone_ch_ofid9133884_pid616_sub1_sub2_sub3TbLabq_nat5_sub4_sub5&sub2=353450616_&sub4=id1274972321 https://brainadv.g2afse.com/click?pid=47&offer_id=380230&sub3=5fdd309f45190c0001b6debb&sub1=80_353450616_&sub4=&sub5=&sub2=id1274972321 https://apptrust.g2afse.com/click?pid=216&offer_id=424844&sub1=5fdd309f98cbd40001835e3c&sub2=47_80_353450616_&sub3=&sub3=&sub4=id1274972321 https://roinvesting.onelink.me/WnHD?pid=apptrust_int&c=W-APPMASTER&af_prt=skywindgroup&clickid=5fdd309f196e34000128730b https://apps.apple.com/GB/app/id1529122271?mt=8	0 0	6ms 6ms	Stylesheet text/html	2a02:26f0:6c00:186::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://apps.apple.com/GB/app/id1529122271?mt=8 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=628&cid=5fdd309bf52b5800013d010d&sid=195&udid=&name=&info=rmkrrem&blockTime=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:186::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers access-control-allow-origin * Redirect headers date Fri, 18 Dec 2020 22:43:43 GMT via 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront) server http-kit x-amz-cf-pop FRA56-C1 strict-transport-security max-age=31536000; includeSubDomains x-cache Miss from cloudfront content-type application/octet-stream location https://apps.apple.com/GB/app/id1529122271?mt=8 content-length 0 x-amz-cf-id _Dq1S2PWUzSOCm3EGIYyK1ueT0x4vJ1cyupRRTwXkY4nfaYWwL13Lg==
GET H/1.1	404 Not Found	c55c7b6 t1.greatforwarding.com/ Redirect Chain https://times25.go2affise.com/click?pid=607&offer_id=146024&sub1=NCT_iphone_ch_ofid9092967_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat22_sub4_sub5&sub2=353450628_195&sub5=id524153305 https://69hfb5v.appsdeku.com/69hfb5v?p=607_353450628_195&sid=5fdd309f26484300012ec018&android_a_id=&idfa=&app_id=id524153305 https://t1.greatforwarding.com/c55c7b6?p=002281_607_353450628_195	0 0	124ms 124ms	Stylesheet application/json	35.171.134.132 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://t1.greatforwarding.com/c55c7b6?p=002281_607_353450628_195 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=628&cid=5fdd309bf52b5800013d010d&sid=195&udid=&name=&info=rmkrrem&blockTime=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 35.171.134.132 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-171-134-132.compute-1.amazonaws.com Software nginx / Resource Hash Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 18 Dec 2020 22:43:43 GMT Server nginx Content-Type application/json Cache-Control private, no-cache, no-store, must-revalidate Connection keep-alive Content-Length 17 Expires -1 Redirect headers location https://t1.greatforwarding.com/c55c7b6?p=002281_607_353450628_195 Date Fri, 18 Dec 2020 22:43:43 GMT Server nginx Connection keep-alive Content-Length 4 Content-Type application/json
GET		575137 tare.pro/go/216668/ Redirect Chain https://lucazepa.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D http://tare.pro/go/216668/575137	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mookomedia.g2afse.com
URL: https://mookomedia.g2afse.com/click?pid=42&offer_id=160437&sub1=NCT_iphone_ch_ofid9165977_pid616_sub15e00e7f244b0f80001ad1994_sub27_sub3BoostAds2_nat19_sub4_sub5&sub4=353450616_7&sub5=id1400134578

Domain: aandb.g2afse.com
URL: https://aandb.g2afse.com/click?pid=2&offer_id=525296&sub1=5fdd309b45190c000118aadb&sub2=80_353450628_195&sub3=&sub4=id524153305

Domain: pandamobi.g2afse.com
URL: https://pandamobi.g2afse.com/click?pid=6&offer_id=545191&sub1=NCT_iphone_ch_ofid8017624_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat8_sub4_sub5&sub2=353450628_195&sub5=id524153305

Domain: apply.g2afse.com
URL: https://apply.g2afse.com/click?pid=3&offer_id=9451&sub1=NCT_iphone_ch_ofid8407414_pid616_sub1_sub22_sub3ElishaSL_nat21_sub4_sub5&sub4=id1134511982&sub2=353450616_2

Domain: pandamobi.g2afse.com
URL: https://pandamobi.g2afse.com/click?pid=6&offer_id=545191&sub1=NCT_iphone_ch_ofid8017624_pid616_sub1_sub226_sub3appalgorem_nat8_sub4_sub5&sub2=353450616_26&sub5=id1452992954

Domain: mookomedia.g2afse.com
URL: https://mookomedia.g2afse.com/click?pid=42&offer_id=160437&sub1=NCT_iphone_ch_ofid9165977_pid628_sub15fdd309bf52b5800013d010d_sub2195_sub3rmkrrem_nat19_sub4_sub5&sub4=353450628_195&sub5=id524153305

Domain: lucazepa.com
URL: https://lucazepa.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D

Domain: clovenmedia.go2affise.com
URL: https://clovenmedia.go2affise.com/click?pid=2&offer_id=715167&sub1=&sub2=319_&sub3=BoostAds2&sub8=715167

Domain: aandb.g2afse.com
URL: http://aandb.g2afse.com/disabled.html

Domain: r.leadzu.com
URL: http://r.leadzu.com/red/?code=4M4C8XL2R1ZN&a=6.&pubid=6

Domain: zorkamarket.g2afse.com
URL: http://zorkamarket.g2afse.com/sl?id=5f20049cd1fc3bbe7f2be6e6&pid=1215

Domain: mookomedia.g2afse.com
URL: http://mookomedia.g2afse.com/sl?id=5f89bb391a6e4b1879225295&pid=106

Domain: tare.pro
URL: http://tare.pro/go/216668/575137

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

69hfb5v.appsdeku.com
aandb.g2afse.com
adcrate-solutions.go2affise.com
adcrate98.gotrackier.com
apply.g2afse.com
apps.apple.com
apptrust.g2afse.com
boostads.g2afse.com
brainadv.g2afse.com
cdn-bimi.akamaized.net
cellonltd.g2afse.com
click.iconpeak2trk.com
click2comm.go2affise.com
clovenmedia.go2affise.com
cpi-offers.com
digitalfuture.g2afse.com
go2.enjoycpi.com
goraps.com
ldwhatsapp-free01.xyz
leaddaway.g2afse.com
lucazepa.com
maxtopmedia.g2afse.com
monetizeplus.g2afse.com
mookomedia.g2afse.com
namel.net
pandamobi.g2afse.com
r.leadzu.com
rainmaker.g2afse.com
roinvesting.onelink.me
t1.greatforwarding.com
tare.pro
thingortwo.g2afse.com
times25.go2affise.com
totalcpi.com
track.gowithads.com
track.paddlewaver.com
trk.applaunching.com
trk.games-to-run123.com
ttmma.g2afse.com
uprimp.com
whatsapp-freev04.xyz
www.instagram.com
yoterup.g2afse.com
zorkamarket.g2afse.com
aandb.g2afse.com
apply.g2afse.com
clovenmedia.go2affise.com
lucazepa.com
mookomedia.g2afse.com
pandamobi.g2afse.com
r.leadzu.com
tare.pro
zorkamarket.g2afse.com
13.228.124.226
185.66.200.220
185.66.201.34
2.16.186.107
212.32.249.110
212.32.250.3
212.32.252.65
212.7.209.69
212.7.209.75
213.227.134.196
213.227.134.198
213.227.134.204
213.227.134.234
213.227.134.236
213.227.135.213
213.227.135.227
213.227.135.229
213.227.135.231
213.227.156.21
2606:4700:20::681a:c03
2606:4700:3033::ac43:d024
2606:4700:3037::681b:8fb4
2606:4700:3037::ac43:98bd
2a02:26f0:6c00:186::2a1
2a03:2880:f21c:81e5:face:b00c:0:4420
3.124.212.198
35.171.134.132
52.202.164.231
52.206.9.228
65.9.68.26
4b08f6b114260b2505e549c7c1850cee72c60f38e9244b585133e954f8c0677b
4f50293477d9a7d4274844a38926ac7febd7ddb49ec844be25ec2d1dcb16558d
893e690bbcc46c8885bea28b3a30df0f9b88ab010582c96f48a7cf5fe2d537d1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

cpi-offers.com Open in urlscan Pro 3.124.212.198 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

81 %HTTPS

20 %IPv6

25 Domains

44 Subdomains

13 IPs

7 Countries

592 kBTransfer

1084 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cpi-offers.com Open in urlscan Pro
3.124.212.198 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

81 %
HTTPS

20 %
IPv6

25
Domains

44
Subdomains

13
IPs

7
Countries

592 kB
Transfer

1084 kB
Size

0
Cookies

67 HTTP transactions
0 data transactions