URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Submission: On January 15 via manual from DE

Summary

This website contacted 18 IPs in 6 countries across 39 domains to perform 45 HTTP transactions. The main IP is 3.124.136.225, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is cpi-offers.com.
This is the only time cpi-offers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 14 3.124.136.225 16509 (AMAZON-02)
4 4 213.227.135.229 60781 (LEASEWEB-...)
9 13 213.227.135.231 60781 (LEASEWEB-...)
3 3 213.227.156.234 60781 (LEASEWEB-...)
2 2 107.178.241.150 15169 (GOOGLE)
2 2 52.49.52.35 16509 (AMAZON-02)
2 7 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 4 212.7.209.71 60781 (LEASEWEB-...)
2 2 34.95.74.198 15169 (GOOGLE)
2 2 65.9.58.77 16509 (AMAZON-02)
2 2 173.212.201.66 51167 (CONTABO)
1 1 172.67.158.57 13335 (CLOUDFLAR...)
1 1 104.21.69.236 13335 (CLOUDFLAR...)
1 1 172.64.164.30 13335 (CLOUDFLAR...)
1 1 172.64.99.24 13335 (CLOUDFLAR...)
2 52.203.234.71 14618 (AMAZON-AES)
1 2606:4700:303... 13335 (CLOUDFLAR...)
7 7 213.227.135.235 60781 (LEASEWEB-...)
1 1 3.226.13.42 14618 (AMAZON-AES)
1 52.71.147.113 14618 (AMAZON-AES)
2 5.9.5.202 24940 (HETZNER-AS)
4 6 213.227.134.236 60781 (LEASEWEB-...)
2 3 5.9.6.203 24940 (HETZNER-AS)
5 174.137.133.18 27257 (WEBAIR-IN...)
1 1 213.227.135.207 60781 (LEASEWEB-...)
1 1 34.120.248.84 15169 (GOOGLE)
1 35.241.13.125 15169 (GOOGLE)
2 2 213.227.134.220 60781 (LEASEWEB-...)
2 2 213.227.156.233 60781 (LEASEWEB-...)
1 1 44.238.181.62 16509 (AMAZON-02)
1 1 172.67.143.188 13335 (CLOUDFLAR...)
1 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 104.27.178.200 13335 (CLOUDFLAR...)
1 1 213.227.134.194 60781 (LEASEWEB-...)
1 1 213.227.134.198 60781 (LEASEWEB-...)
1 2 35.190.35.33 15169 (GOOGLE)
2 2 212.7.209.69 60781 (LEASEWEB-...)
2 2 104.21.32.17 13335 (CLOUDFLAR...)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
2 172.64.204.22 13335 (CLOUDFLAR...)
1 1 185.151.204.11 61273 (ADJUST-NL)
1 1 213.227.134.204 60781 (LEASEWEB-...)
1 1 213.227.156.19 60781 (LEASEWEB-...)
1 1 3.231.97.236 14618 (AMAZON-AES)
1 52.54.163.223 14618 (AMAZON-AES)
1 1 213.227.156.13 60781 (LEASEWEB-...)
45 18
Apex Domain
Subdomains
Transfer
28 g2afse.com
zorkamarket.g2afse.com
valuadle.g2afse.com
mookomedia.g2afse.com
brainadv.g2afse.com
ttmma.g2afse.com
zenoclick.g2afse.com
toptopmedia.g2afse.com
olamob.g2afse.com
digitalfuture.g2afse.com
nexamob.g2afse.com
apptastic.g2afse.com
bondika.g2afse.com
appnappmo.g2afse.com
appalgo.g2afse.com
appnapp.g2afse.com
mobee.g2afse.com
5 KB
14 cpi-offers.com
cpi-offers.com
6 KB
9 jetads.io
track.jetads.io
956 B
7 apple.com
apps.apple.com
itunes.apple.com
3 KB
5 go2affise.com
spradit.go2affise.com
gowith.go2affise.com
times25.go2affise.com Failed
lambadapp.go2affise.com
812 B
5 blueparrot.media
xml.blueparrot.media
226 B
4 trckswrm.com
aptrt.trckswrm.com
gowtmd.trckswrm.com
apnp.trckswrm.com
456 B
3 themedia.site
track.themedia.site
361 B
2 nedo.xyz
trk104.nedo.xyz
2 thespook.xyz
thespook.xyz
827 B
2 zappiering.com
zappiering.com
857 B
2 clickmara.com
click.clickmara.com
261 B
2 9696.me
t.9696.me
118 B
2 greatforwarding.com
t1.greatforwarding.com
2 mapuravity.com
278fklc.mapuravity.com
446 B
2 tare.pro
tare.pro
2 ila3.co
ila3.co
866 B
2 tlnk.io
twitter.tlnk.io
1 KB
2 strandnm.xyz
bv.strandnm.xyz
797 B
2 iconpeak2trk.com
click.iconpeak2trk.com
327 B
2 appsflyer.com
app.appsflyer.com
859 B
2 aver-leer.com
aver-leer.com
979 B
1 adjust.com
app.adjust.com
707 B
1 feed-apps.com
srv6.feed-apps.com
682 B
1 letsleeper.com
letsleeper.com
728 B
1 omnidatasolution.com
omnidatasolution.com
271 B
1 kanmobi.net
click.kanmobi.net
41 B
1 mnmnck.com
click.mnmnck.com
231 B
1 allontrk.com
c.allontrk.com
244 B
1 gotrackier.com
pandamobi.gotrackier.com
865 B
1 enjoycpi.com
go2.enjoycpi.com
189 B
1 poqueras.com
poqueras.com
587 B
1 bercioles.com
bercioles.com
636 B
1 funimete.com
funimete.com
851 B
1 lucazepa.com
lucazepa.com
712 B
0 rtad.io Failed
clicks.rtad.io Failed
0 worldofwarships.eu Failed
promo.worldofwarships.eu Failed
0 g4s6.com Failed
track.g4s6.com Failed
0 media-412.com Failed
track.media-412.com Failed
45 39
Domain Requested by
14 cpi-offers.com 12 redirects cpi-offers.com
9 track.jetads.io 5 redirects cpi-offers.com
5 xml.blueparrot.media cpi-offers.com
5 apps.apple.com cpi-offers.com
4 brainadv.g2afse.com 2 redirects cpi-offers.com
3 zorkamarket.g2afse.com 3 redirects
3 track.themedia.site 3 redirects
2 mobee.g2afse.com 2 redirects
2 lambadapp.go2affise.com 2 redirects
2 trk104.nedo.xyz cpi-offers.com
2 thespook.xyz 2 redirects
2 zappiering.com 2 redirects
2 appnapp.g2afse.com 2 redirects
2 gowith.go2affise.com 2 redirects cpi-offers.com
2 click.clickmara.com 1 redirects cpi-offers.com
2 apptastic.g2afse.com 1 redirects cpi-offers.com
2 digitalfuture.g2afse.com 2 redirects
2 toptopmedia.g2afse.com 2 redirects
2 ttmma.g2afse.com 2 redirects
2 t.9696.me 1 redirects cpi-offers.com
2 aptrt.trckswrm.com cpi-offers.com
2 t1.greatforwarding.com cpi-offers.com
2 278fklc.mapuravity.com 2 redirects
2 mookomedia.g2afse.com 2 redirects
2 tare.pro cpi-offers.com
2 ila3.co 2 redirects
2 itunes.apple.com 2 redirects
2 twitter.tlnk.io 2 redirects
2 bv.strandnm.xyz 2 redirects
2 click.iconpeak2trk.com 2 redirects
2 app.appsflyer.com 2 redirects
2 aver-leer.com 2 redirects
1 app.adjust.com 1 redirects
1 appalgo.g2afse.com 1 redirects
1 appnappmo.g2afse.com 1 redirects
1 bondika.g2afse.com 1 redirects
1 srv6.feed-apps.com cpi-offers.com
1 letsleeper.com 1 redirects
1 nexamob.g2afse.com 1 redirects
1 olamob.g2afse.com 1 redirects
1 omnidatasolution.com 1 redirects
1 apnp.trckswrm.com cpi-offers.com
1 zenoclick.g2afse.com 1 redirects
1 click.kanmobi.net cpi-offers.com
1 click.mnmnck.com 1 redirects
1 spradit.go2affise.com 1 redirects
1 gowtmd.trckswrm.com 1 redirects
1 c.allontrk.com 1 redirects
1 pandamobi.gotrackier.com cpi-offers.com
1 go2.enjoycpi.com 1 redirects
1 poqueras.com 1 redirects
1 bercioles.com 1 redirects
1 funimete.com 1 redirects
1 lucazepa.com 1 redirects
1 valuadle.g2afse.com 1 redirects
0 times25.go2affise.com Failed cpi-offers.com
0 clicks.rtad.io Failed cpi-offers.com
0 promo.worldofwarships.eu Failed cpi-offers.com
0 track.g4s6.com Failed cpi-offers.com
0 track.media-412.com Failed cpi-offers.com
45 60

This site contains no links.

Subject Issuer Validity Valid
itunes.apple.com
DigiCert SHA2 Extended Validation Server CA-3
2020-08-13 -
2021-08-14
a year crt.sh
cpi-offers.com
Amazon
2020-11-25 -
2021-12-24
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-07-09 -
2021-07-09
a year crt.sh
*.dynforward.com
R3
2020-12-11 -
2021-03-11
3 months crt.sh
aptrt.trckswrm.com
Let's Encrypt Authority X3
2020-11-30 -
2021-02-28
3 months crt.sh
t.9696.me
Go Daddy Secure Certificate Authority - G2
2020-09-23 -
2021-10-25
a year crt.sh
*.g2afse.com
DigiCert ECC Secure Server CA
2020-08-26 -
2021-09-02
a year crt.sh
*.kanmobi.net
Let's Encrypt Authority X3
2020-11-30 -
2021-02-28
3 months crt.sh
apnp.trckswrm.com
Let's Encrypt Authority X3
2020-11-30 -
2021-02-28
3 months crt.sh
*.clickmara.com
R3
2020-12-20 -
2021-03-20
3 months crt.sh

This page contains 1 frames:

Primary Page: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Frame ID: D7E99D14D57D8F314734CEE227B8D60F
Requests: 45 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

45
Requests

44 %
HTTPS

9 %
IPv6

39
Domains

60
Subdomains

18
IPs

6
Countries

5 kB
Transfer

10 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://track.themedia.site/click?pid=5&offer_id=28366&sub1=NCT_iphone_fr_ofid8408814_pid552_sub1,_sub2,_sub3adsperfectionppre_nat1_sub4_sub5&sub2=106240552_,&sub7=id927006017&sub8=id927006017 HTTP 302
  • http://zorkamarket.g2afse.com/sl?id=5f20049cd1fc3bbe7f2be6e6&pid=1215 HTTP 302
  • http://track.jetads.io/sl?id=5f200a51d1fc3bbe7f2be6e7&pid=1215&sub2=1215_ HTTP 302
  • http://track.jetads.io/disabled.html
Request Chain 1
  • https://valuadle.g2afse.com/click?pid=11&offer_id=37876&sub1=NCT_iphone_fr_ofid9060156_pid552_sub1,_sub2,_sub3adsperfectionppre_nat2_sub4_sub5&sub2=106240552_,&sub3=id927006017 HTTP 302
  • https://aver-leer.com/14E?pubref=600118c1e029cf000186fa06&affpubid=11&sitename=id927006017&subid3= HTTP 302
  • https://app.appsflyer.com/id905953485?af_siteid=11&pid=valuadle_int&af_click_lookback=7d&clickid=1770448b7f44584of0eo9bb0832a4c8a&idfa=&af_installpostback=false&sitename=id927006017&pubref=600118c1e029cf000186fa06&lpid=0&tsp=3854&drc=MQ== HTTP 302
  • https://apps.apple.com/US/app/id905953485?mt=8
Request Chain 2
  • https://click.iconpeak2trk.com/click?pid=6&offer_id=7870&sub7=NCT_iphone_fr_ofid9625639_pid552_sub1,_sub2,_sub3adsperfectionppre_nat3_sub4_sub5&sub1=106240552&sub2=,&sub5=id927006017 HTTP 302
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=691&cid=&sid=6&udid=&name=&info=iconpeakppre&blockTime=0 HTTP 302
  • https://bv.strandnm.xyz/?sddtid=hdk9a&sdpi=42&pdco=Xkskjd2&pdos=2381168&pducid=NCT_iphone_fr_ofid5959871_pid616_sub1_sub26_sub3iconpeakppre_nat8_sub4_sub5&pisc1=106240616&pssc2=6&ppdo=id1452992954&pdumid=8796FAFE-22CF-40AF-AC37-09F0CC511DB9 HTTP 302
  • https://twitter.tlnk.io/serve?action=click&site_id=64980&ref_id=5SSSa8GZ1eW4Q5ZHN5SSTQ54NDg0f6HwxNj6EwNjg50NjA52fHw1N2DUxNX6x8NDJ78fDIz5ODExN4jg%3DEEE&sub_placement=%7BCREATIVE_ID%7D&sub_site_name=10032_7252 HTTP 302
  • https://itunes.apple.com/app/twitter/id333903271?ref_src=twsrc%5EMobile_Acq%7Ctwcamp%5Eevergreen_performance%7Ctwgr%5E%7Ctwcon%5E&referrer=mat_click_id%3Da81b0a661022489592e2509a93313dc1-20210115-20954%26link_click_id%3D878481803814648899&mat_click_id=a81b0a661022489592e2509a93313dc1-20210115-20954 HTTP 301
  • https://apps.apple.com/app/twitter/id333903271?mat_click_id=a81b0a661022489592e2509a93313dc1-20210115-20954&ref_src=twsrc%5EMobile_Acq%7Ctwcamp%5Eevergreen_performance%7Ctwgr%5E%7Ctwcon%5E&referrer=mat_click_id%3Da81b0a661022489592e2509a93313dc1-20210115-20954%26link_click_id%3D878481803814648899
Request Chain 4
  • https://ila3.co/o/189563?p=17&aff_clickid=NCT_iphone_fr_ofid9172901_pid552_sub1,_sub2,_sub3adsperfectionppre_nat5_sub4_sub5&sub1=106240552&sub2=,&app_name=id927006017&bundle_id=id927006017 HTTP 302
  • https://app.appsflyer.com/id1262148500?af_sub_siteid=17_5088432581&af_prt=taptica&pid=z2adigital_int&c=Taptica:EU-en:iOS:Card-Streaming&af_c_id=36667639&af_cost_value=4&af_cost_model=CPI&af_cost_currency=USD&af_click_lookback=7d&clickid=2611eb56e96b5da50073d1a4_189563_229916&advertising_id= HTTP 302
  • https://apps.apple.com/US/app/id1262148500?mt=8
Request Chain 5
  • https://lucazepa.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D HTTP 302
  • https://funimete.com/0--frjbgyibjhsd?adTagId=2151b962-72f8-11e8-bb75-0e497388635c&cpm=0.001&fallbackUrl=https%3A%2F%2Fbercioles.com%2Fredirect%3Fid%3D9%26auth%3Db37818a439a0d437ea8c11b268bda50cdf38b984 HTTP 302
  • https://bercioles.com/redirect?id=9&auth=b37818a439a0d437ea8c11b268bda50cdf38b984&clickid=6b9cd0e9-56e9-11eb-98c0-12b3143c308f HTTP 302
  • https://poqueras.com/noid/slope?lame=2H9bknzlz6BNNCcn10k5gQ%3D%3D HTTP 302
  • http://tare.pro/go/216668/575137
Request Chain 7
  • https://bv.strandnm.xyz/?sddtid=hdk9a&sdpi=42&pdco=Xkskjd2&pdos=2381168&pducid=NCT_iphone_fr_ofid5959871_pid552_sub1,_sub2,_sub3adsperfectionppre_nat8_sub4_sub5&pisc1=106240552&pssc2=,&ppdo=id927006017&pdumid=CD30B0FA-4937-4B13-88FA-6A978AA516E1 HTTP 302
  • https://twitter.tlnk.io/serve?action=click&site_id=64980&ref_id=5SSSa6GZ1eW6Q5ZHN8SSTQ52NDg0f4HwxNj4EwNjg10NjA55fHw5N7TQwM37x8NDJ48fDIz8ODExN1jg%3DEEE&sub_placement=%7BCREATIVE_ID%7D&sub_site_name=10032_7252 HTTP 302
  • https://itunes.apple.com/app/twitter/id333903271?ref_src=twsrc%5EMobile_Acq%7Ctwcamp%5Eevergreen_performance%7Ctwgr%5E%7Ctwcon%5E&referrer=mat_click_id%3D23d4c46e815d4706a91eb33961a33087-20210115-20954%26link_click_id%3D878481803193872017&mat_click_id=23d4c46e815d4706a91eb33961a33087-20210115-20954 HTTP 301
  • https://apps.apple.com/app/twitter/id333903271?mat_click_id=23d4c46e815d4706a91eb33961a33087-20210115-20954&ref_src=twsrc%5EMobile_Acq%7Ctwcamp%5Eevergreen_performance%7Ctwgr%5E%7Ctwcon%5E&referrer=mat_click_id%3D23d4c46e815d4706a91eb33961a33087-20210115-20954%26link_click_id%3D878481803193872017
Request Chain 8
  • https://go2.enjoycpi.com/click?pid=552&offer_id=9661214&sub1=,&sub2=,&sub3=adsperfectionppre_nat9&sub4=CD30B0FA-4937-4B13-88FA-6A978AA516E1&sub5=id927006017&sub6=106240 HTTP 302
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
  • https://pandamobi.gotrackier.com/click?campaign_id=1583&pub_id=35&p1=NCT_iphone_fr_ofid8944529_pid616_sub1_sub2_sub3TbLabq_nat19_sub4_sub5&source=106240616_&p3=id284035177
Request Chain 9
  • https://apptrust.g2afse.com/click?pid=57&offer_id=285712&sub1=NCT_iphone_fr_ofid7111922_pid552_sub1,_sub2,_sub3adsperfectionppre_nat10_sub4_sub5&sub2=106240552_,&sub4=id927006017 HTTP 302
  • https://adsperfection.g2afse.com/click?pid=377&offer_id=67691&ref_id=600118c1b074790001b352c4&sub1=57.106240552_,&sub2=&sub3=id927006017 HTTP 302
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0 HTTP 302
  • https://click2comm.go2affise.com/click?pid=310&offer_id=2847496&sub1=NCT_iphone_fr_ofid9598746_pid616_sub1,_sub2,_sub3adsperfectionppre_nat16_sub4_sub5&sub2=106240616_,&sub6=id1360098321 HTTP 302
  • https://track.g4s6.com/tnser/18/12072?c=&sp=310
Request Chain 10
  • https://mookomedia.g2afse.com/click?pid=42&offer_id=170965&sub1=NCT_iphone_fr_ofid9591066_pid552_sub1,_sub2,_sub3adsperfectionppre_nat11_sub4_sub5&sub4=106240552_,&sub5=id927006017 HTTP 302
  • https://278fklc.mapuravity.com/278fklc?p=42_106240552_,&sid=600118c111bcfe0001201082&android_id=&android_a_id=&idfa=&app_id=id927006017&param1= HTTP 302
  • https://t1.greatforwarding.com/c55c7b6?p=002753_42_106240552_,
Request Chain 12
  • https://go2.enjoycpi.com/click?pid=552&offer_id=9686905&sub1=,&sub2=,&sub3=adsperfectionppre_nat13&sub4=CD30B0FA-4937-4B13-88FA-6A978AA516E1&sub5=id927006017&sub6=106240 HTTP 302
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0 HTTP 302
  • https://track.media-412.com/click?pid=225&offer_id=38119&sub1=106240616_&sub2=NCT_iphone_fr_ofid8864932_pid616_sub1_sub2_sub3TbLabq_nat7_sub4_sub5&sub5=id290638154
Request Chain 13
  • https://click.kanmobi.net/tracking/click?clickid=NCT_iphone_fr_ofid7986914_pid552_sub1,_sub2,_sub3adsperfectionppre_nat14_sub4_sub5&trafficsource=1373697408&offerid=429380059611289311&sub_placement=id927006017&pub_subid=106240552_, HTTP 302
  • https://click.iconpeak2trk.com/click?pid=307&offer_id=107&sub1=NV84ZmM4ZGVmZjYzOGY4YjI3YWZhYWRmZjdkNmEwNTc3Mg==&sub2=8e93c98aec563288c63566de0cdb83013c7aae5d&sub3=&sub5=id927006017&sub6=id927006017&ext1=1610684609000U3821 HTTP 302
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=691&cid=&sid=307&udid=&name=&info=iconpeakppre&blockTime=0 HTTP 302
  • https://track.media-412.com/click?pid=225&offer_id=1447714&sub1=106240616_307&sub2=NCT_iphone_fr_ofid9708806_pid616_sub1_sub2307_sub3iconpeakppre_nat25_sub4_sub5&sub5=id1482926247
Request Chain 14
  • https://t.9696.me/click?pid=729&offer_id=116167&sub4=NCT_iphone_fr_ofid9501040_pid552_sub1,_sub2,_sub3adsperfectionppre_nat15_sub4_sub5&sub1=106240552&sub2=,&sub3=id927006017&sub7=id927006017 HTTP 302
  • https://t.9696.me/disabled.html
Request Chain 15
  • https://brainadv.g2afse.com/click?pid=37&offer_id=394194&sub1=106240552_,&sub2=id927006017&sub3=NCT_iphone_fr_ofid9711707_pid552_sub1,_sub2,_sub3adsperfectionppre_nat16_sub4_sub5 HTTP 302
  • https://brainadv.g2afse.com/disabled.html
Request Chain 16
  • https://c.allontrk.com/click?offer_id=53485&pub_id=38&pub_click_id=NCT_iphone_fr_ofid9657236_pid552_sub1,_sub2,_sub3adsperfectionppre_nat17_sub4_sub5&pub_sub_id=106240552&pub_sub_sub_id=,___8_1315335&dfa=CD30B0FA-4937-4B13-88FA-6A978AA516E1&gaid=CD30B0FA-4937-4B13-88FA-6A978AA516E1 HTTP 302
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=899&cid=Aoqpv2QAAAF3BEizYAAA0O0AAAAmAAAAAA&sid=38&udid=&name=&info=IrisSL&blockTime=0 HTTP 302
  • https://gowtmd.trckswrm.com/click?offer_id=3574&pub_id=6&pub_id=6&pub_click_id=NCT_iphone_fr_ofid9690961_pid616_sub1Aoqpv2QAAAF3BEizYAAA0O0AAAAmAAAAAA_sub238_sub3IrisSL_nat3_sub4_sub5&pub_sub_id=106240616&pub_sub_sub_id=38&app=id393048976 HTTP 302
  • http://xml.blueparrot.media/redirect?feed=242010&auth=9tpPZk&url=google.com&pub_click_id=Au9EztIAAAF3BEi_1AAADfYAAAAGAAAAAA&subid=6_106240616
Request Chain 17
  • https://spradit.go2affise.com/click?pid=49&offer_id=697009&sub1=13413&sub2=106240552_,&sub3=id927006017&sub5=NCT_iphone_fr_ofid8585957_pid552_sub1,_sub2,_sub3adsperfectionppre_nat18_sub4_sub5&sub6=CD30B0FA-4937-4B13-88FA-6A978AA516E1 HTTP 302
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=906&cid=&sid=13413_106240552_,&udid=&name=&info=SpraditSL&blockTime=0 HTTP 302
  • https://track.themedia.site/click?pid=5&offer_id=38873&sub1=NCT_iphone_fr_ofid9627135_pid616_sub1_sub213413_106240552_,_sub3SpraditSL_nat11_sub4_sub5&sub2=106240616_13413_106240552_,&sub7=id1454010667&sub8=id1454010667 HTTP 302
  • http://zorkamarket.g2afse.com/sl?id=5f20049cd1fc3bbe7f2be6e6&pid=1215 HTTP 302
  • http://track.jetads.io/sl?id=5f200a51d1fc3bbe7f2be6e7&pid=1215&sub2=1215_ HTTP 302
  • http://track.jetads.io/disabled.html
Request Chain 18
  • https://appricotads.g2afse.com/click?pid=251&offer_id=29613&ref_id=NCT_iphone_fr_ofid8843844_pid552_sub1,_sub2,_sub3adsperfectionppre_nat19_sub4_sub5&sub1=251_4850552&sub2=,&sub6=id927006017 HTTP 302
  • http://appricotads.g2afse.com/sl?id=5f36c7061a6e4b1879225163&pid=2&ref_id=&sub1=251_4850552&sub2=,&sub3=&sub4= HTTP 302
  • https://track.wg-aff.com/click?pid=2632&offer_id=24&ref_id=600118c4b3f01200019f3687&sub1=2_, HTTP 302
  • https://rdr.wargaming.net/jtgho0iv/?pub_id=2632&xid=600118c4f85ac20001e20601&xid_param1=2_,&xid_param_2= HTTP 301
  • https://promo.worldofwarships.eu/glows-27628/eu-fr/?pub_id=2632&xid=600118c4f85ac20001e20601&xid_param1=2_%2C&xid_param_2=&sid=SIDQr-tARfMX7btPpn39z4mUQe0LAM6pgsH2Bf4Ro5-7Tp3VP8mbARFMyLs0d1vQhSsnGnkB8A_73Cml6cwrFc0xcUQg-jyNyJrxVWo18fnDdrS0T2azWcQiAghmU3JiF6S5_9fLj2d-D5YlF8&enctid=c8jg1k83plpp&lpsn=WOWS+TMPLT1+CODE+BOOM+global&foris=1&utm_source=wlap&utm_medium=affiliate&utm_campaign=jtgho0iv&utm_content=2632
Request Chain 19
  • https://click.mnmnck.com/tracking/clicks?clickid=NCT_iphone_fr_ofid9675541_pid552_sub1,_sub2,_sub3adsperfectionppre_nat20_sub4_sub5&trafficsource=1373697408&offerid=432275643885207816&sub_placement=id927006017&pub_subid=106240552&idfa=CD30B0FA-4937-4B13-88FA-6A978AA516E1&gaid=CD30B0FA-4937-4B13-88FA-6A978AA516E1_, HTTP 302
  • https://ttmma.g2afse.com/click?pid=242&offer_id=475753&sub2=NV8xMzczNjk3NDA4_EDBEC173C5E83DCBDD60D550EC14C4E0&sub4=CD30B0FA-4937-4B13-88FA-6A978AA516E1&sub5=id927006017&sub1=003_20210115042329O5863 HTTP 302
  • https://ttmma.g2afse.com/click?pid=17&offer_id=311194&sub1=&sub2=242_NV8xMzczNjk3NDA4_EDBEC173C5E83DCBDD60D550EC14C4E0&sub3=&sub4=CD30B0FA-4937-4B13-88FA-6A978AA516E1&sub5=id927006017&sub6=242&sub7=475753 HTTP 302
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=765&cid=600118c18374b10001b8055c&sid=17_242_NV8xMzczNjk3NDA4_EDBEC173C5E83DCBDD60D550EC14C4E0&udid=&name=&info=Target4SL&blockTime=0 HTTP 302
  • https://click.kanmobi.net/tracking/click?clickid=NCT_iphone_fr_ofid9118842_pid616_sub1600118c18374b10001b8055c_sub217_242_NV8xMzczNjk3NDA4_EDBEC173C5E83DCBDD60D550EC14C4E0_sub3Target4SL_nat10_sub4_sub5&trafficsource=1373692397&offerid=431309929346771470&pub_subid=106240616_17_242_NV8xMzczNjk3NDA4_EDBEC173C5E83DCBDD60D550EC14C4E0&sub_placement=id358801284
Request Chain 20
  • https://zenoclick.g2afse.com/click?pid=2&offer_id=41505&sub1=NCT_iphone_fr_ofid9597268_pid552_sub1,_sub2,_sub3adsperfectionppre_nat21_sub4_sub5&sub2=106240552_,&sub6=id927006017 HTTP 302
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=941&cid=clickid&sid=2&udid=&name=&info=ZenoClickSL&blockTime=0 HTTP 302
  • https://apnp.trckswrm.com/click?offer_id=8812&pub_id=7&pub_id=7&pub_click_id=NCT_iphone_fr_ofid9684020_pid616_sub1clickid_sub22_sub3ZenoClickSL_nat35_sub4_sub5&pub_sub_id=106240616&pub_sub_sub_id=2&app=id1083982226
Request Chain 21
  • https://toptopmedia.g2afse.com/click?pid=214&offer_id=3093175&sub1=NCT_iphone_fr_ofid9499469_pid552_sub1,_sub2,_sub3adsperfectionppre_nat22_sub4_sub5&sub2=106240552_,&sub3=id927006017 HTTP 302
  • https://omnidatasolution.com/ntn/click/b2c093c4-e792-5864-9772-b22f35f418e4?dsp=affisejetads&f_click=600118c1bb1a3a0001956320&exchange=214&domain=id927006017&idfa= HTTP 302
  • https://track.jetads.io/click?pid=1227&offer_id=2552710&sub1=75e3d79e-03f8-44e0-8d8b-695917133713yTI_b2c093c4-e792-5864-9772-b22f35f418e4_1539546788&sub2=1539546788&sub4=null&sub7=id927006017 HTTP 302
  • http://track.jetads.io/sl?id=5f200a51d1fc3bbe7f2be6e7&pid=1215&sub2=1227_1539546788 HTTP 302
  • http://track.jetads.io/disabled.html
Request Chain 22
  • https://olamob.g2afse.com/click?pid=7&offer_id=18964&sub1=NCT_iphone_fr_ofid9661344_pid552_sub1,_sub2,_sub3adsperfectionppre_nat23_sub4_sub5&sub2=106240552_,&sub4=id927006017 HTTP 302
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=7&udid=&name=&info=OlaMobSL&blockTime=0 HTTP 302
  • https://brainadv.g2afse.com/click?pid=3&offer_id=394194&sub3=NCT_iphone_fr_ofid9711472_pid616_sub1_sub27_sub3OlaMobSL_nat16_sub4_sub5&sub1=106240616_7&sub2=id1184083151 HTTP 302
  • https://brainadv.g2afse.com/disabled.html
Request Chain 24
  • https://cellonltd.g2afse.com/click?pid=43&offer_id=825552&sub1=NCT_iphone_fr_ofid9673561_pid552_sub1,_sub2,_sub3adsperfectionppre_nat25_sub4_sub5&sub2=106240552_,&sub3=id927006017 HTTP 302
  • https://cellonltd.g2afse.com/click?pid=55&offer_id=808294&sub1=NCT_iphone_fr_ofid9673561_pid552_sub1,_sub2,_sub3adsperfectionppre_nat25_sub4_sub5&sub2=106240552_,&sub3=id927006017&sub4=&sub5=&sub6= HTTP 302
  • https://cellonltd.go2affise.com/sl?id=600113cff7c443aec153f24f&pid=55&sub1=NCT_iphone_fr_ofid9673561_pid552_sub1,_sub2,_sub3adsperfectionppre_nat25_sub4_sub5&sub2=106240552_,&sub3=id927006017&sub4=&sub5=&sub6= HTTP 302
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=841&cid=600118c4a2840f0001a3d9b1&sid=55&udid=&name=&info=CellonSL&blockTime=0 HTTP 302
  • https://clicks.rtad.io/tracking/click?clickid=NCT_iphone_fr_ofid9677035_pid616_sub1600118c4a2840f0001a3d9b1_sub255_sub3CellonSL_nat20_sub4_sub5&trafficsource=1373692397&offerid=432275643885207816&pub_subid=106240616_55&idfa=55A18F10-B22B-4CED-B068-8843C24B9732&gaid=55A18F10-B22B-4CED-B068-8843C24B9732&sub_placement=id1453411110
Request Chain 26
  • https://digitalfuture.g2afse.com/click?pid=2&offer_id=1217626&sub1=NCT_iphone_fr_ofid9531287_pid552_sub1,_sub2,_sub3adsperfectionppre_nat27_sub4_sub5&sub2=106240552_,&sub5=id927006017 HTTP 302
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 HTTP 302
  • https://nexamob.g2afse.com/click?pid=15&offer_id=23824&sub1=NCT_iphone_fr_ofid9237725_pid616_sub1_sub22_sub3ElishaSL_nat32_sub4_sub5&sub2=106240616_2&sub3=id1342468799&sub5=id1342468799 HTTP 302
  • http://letsleeper.com/stue/cream?flat=IpWz7C0sV9J4MXD5x25Jbw%3D%3D&pid=104&clk=NCT_iphone_fr_ofid9237725_pid616_sub1_sub22_sub3ElishaSL_nat32_sub4_sub5&sid=15&sid2=106240616_2 HTTP 302
  • http://tare.pro/go/216668/575137
Request Chain 28
  • https://apptastic.g2afse.com/click?pid=46&offer_id=3813758&sub1=NCT_iphone_fr_ofid9590848_pid552_sub1,_sub2,_sub3adsperfectionppre_nat29_sub4_sub5&sub2=106240552_,&sub4=id927006017 HTTP 302
  • http://apptastic.g2afse.com/sl?id=5ed0ee1c96f015dc9b166976&pid=192&sub1=FR&sub2=3813758&sub3=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&sub4=82.102.18.114&sub5=46
Request Chain 30
  • https://bondika.g2afse.com/click?pid=2&offer_id=46136&sub1=106240552&sub2=,&sub3=NCT_iphone_fr_ofid8423154_pid552_sub1,_sub2,_sub3adsperfectionppre_nat31_sub4_sub5&sub4=CD30B0FA-4937-4B13-88FA-6A978AA516E1&sub5=id927006017 HTTP 302
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=611&cid=&sid=2&udid=&name=&info=BondikaSL&blockTime=0 HTTP 302
  • https://track.themedia.site/click?pid=5&offer_id=28887&sub1=NCT_iphone_fr_ofid9496029_pid616_sub1_sub22_sub3BondikaSL_nat34_sub4_sub5&sub2=106240616_2&sub7=id927006017&sub8=id927006017 HTTP 302
  • http://zorkamarket.g2afse.com/sl?id=5f20049cd1fc3bbe7f2be6e6&pid=1215 HTTP 302
  • http://track.jetads.io/sl?id=5f200a51d1fc3bbe7f2be6e7&pid=1215&sub2=1215_ HTTP 302
  • http://track.jetads.io/disabled.html
Request Chain 31
  • https://appnappmo.g2afse.com/click?pid=2&offer_id=72439&sub1=NCT_iphone_fr_ofid8029869_pid552_sub1,_sub2,_sub3adsperfectionppre_nat32_sub4_sub5&sub2=106240552_,&sub5=id927006017 HTTP 302
  • https://appalgo.g2afse.com/click?pid=14&offer_id=50695&sub1=600118c4db138f00014233c3&sub2=2_106240552_,&sub3=&sub4=&sub5=id927006017 HTTP 302
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=807&cid=&sid=14&udid=&name=&info=appalgorem&blockTime=0 HTTP 302
  • https://click.clickmara.com/tracking/click?clickid=NCT_iphone_fr_ofid9308497_pid616_sub1_sub214_sub3appalgorem_nat22_sub4_sub5&trafficsource=1373671014&offerid=431560412108010800&pub_subid=106240616_14&sub_placement=id842250179 HTTP 302
  • https://ila3.co/o/188408?p=150&aff_clickid=1610684612000R7051&sub1=NV82ZTZjYTM5YTZkMTY3YmQzZDk4ZTZlNWE5MGQzMWVkNA==_aef093e2a58b36cde0d7dc2b7791a6aea0e22a20&idfa=&app_name=id842250179 HTTP 302
  • https://click.iconpeak2trk.com/click?pid=385&offer_id=8213&ext1=2841eb56e96d581570d3c252_188408_228125&sub1=150_5006002808&sub3=&sub5=id842250179&sub6= HTTP 302
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=691&cid=&sid=385&udid=&name=&info=iconpeakppre&blockTime=0 HTTP 302
  • https://digitalfuture.g2afse.com/click?pid=2&offer_id=1238491&sub1=NCT_iphone_fr_ofid9648766_pid616_sub1_sub2385_sub3iconpeakppre_nat1_sub4_sub5&sub2=106240616_385&sub5=id593715088 HTTP 302
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0 HTTP 302
  • https://toptopmedia.g2afse.com/click?pid=214&offer_id=3127678&sub1=NCT_iphone_fr_ofid9693175_pid616_sub1_sub22_sub3ElishaSL_nat19_sub4_sub5&sub2=106240616_2&sub3=id766443283 HTTP 302
  • https://gowith.go2affise.com/click?pid=199&offer_id=2032324&sub1=600118c4b31f940001476cfc&sub2=214&sub3=&sub4=id766443283&ip=&device_ua=&sub5= HTTP 302
  • http://xml.blueparrot.media/redirect?feed=242010&auth=9tpPZk&url=google.com&pub_click_id=&subid=199_214
Request Chain 32
  • https://appnapp.g2afse.com/click?pid=33&offer_id=2486777&sub1=NCT_iphone_fr_ofid9520792_pid552_sub1,_sub2,_sub3adsperfectionppre_nat33_sub4_sub5&sub2=106240552_,&sub5=id927006017 HTTP 302
  • https://zappiering.com/noid/hurried?wiry=yUTfM5ug980FMq10Mn96ng%3D%3D&pid=20&clk= HTTP 302
  • https://thespook.xyz/l/21367515bcdfaf81e2d9?source=ww HTTP 302
  • https://trk104.nedo.xyz/l/21367515bcdfaf81e2d9.js?source=ww
Request Chain 33
  • https://monetizeplus.g2afse.com/click?pid=819&offer_id=833310&sub1=NCT_iphone_fr_ofid9520397_pid552_sub1,_sub2,_sub3adsperfectionppre_nat34_sub4_sub5&sub2=106240552_,&sub5=id927006017 HTTP 302
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=793&cid=&sid=819&udid=&name=&info=monetizeppre&blockTime=0 HTTP 302
  • https://adcrate-solutions.go2affise.com/click?pid=80&offer_id=1387622&sub1=NCT_iphone_fr_ofid9678797_pid616_sub1_sub2819_sub3monetizeppre_nat22_sub4_sub5&sub2=106240616_819&sub4=id290638154 HTTP 302
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=881&cid=&sid=80&udid=&name=&info=AdcrateAffiseSL&blockTime=0 HTTP 302
  • https://times25.go2affise.com/click?pid=607&offer_id=147123&sub1=NCT_iphone_fr_ofid9224105_pid616_sub1_sub280_sub3AdcrateAffiseSL_nat15_sub4_sub5&sub2=106240616_80&sub5=id285755462
Request Chain 34
  • https://gowith.go2affise.com/click?pid=141&offer_id=1755130&sub1=NCT_iphone_fr_ofid9677583_pid552_sub1,_sub2,_sub3adsperfectionppre_nat35_sub4_sub5&sub2=106240552_,&sub4=id927006017 HTTP 302
  • http://xml.blueparrot.media/redirect?feed=242010&auth=9tpPZk&url=google.com&pub_click_id=&subid=141_106240552_,
Request Chain 37
  • https://aver-leer.com/nm?pubref=NCT_iphone_fr_ofid8289399_pid552_sub1,_sub2,_sub3adsperfectionppre_nat38_sub4_sub5&pubref=NCT_iphone_fr_ofid8289399_pid552_sub1,_sub2,_sub3adsperfectionppre_nat38_sub4_sub5&affpubid=106240552&subid4=, HTTP 302
  • https://app.adjust.com/vzrhw86?adgroup=106240552&creative=%2C&event_callback_g2gfaz=https%3A%2F%2Faver-leer.com%2Fevent%2Fsecondary_event%3Fydrid%3D1770448b7f64584ob32of82b54297c74&event_callback_85anak=https%3A%2F%2Faver-leer.com%2Fevent%2Fserver_purchase%3Fydrid%3D1770448b7f64584ob32of82b54297c74&pubref=NCT_iphone_fr_ofid8289399_pid552_sub1%2C_sub2%2C_sub3adsperfectionppre_nat38_sub4_sub5&lpid=0&tsp=2866&drc=MQ== HTTP 302
  • https://apps.apple.com/app/id1501720596?mt=8
Request Chain 38
  • https://appnapp.g2afse.com/click?pid=33&offer_id=2492536&sub1=NCT_iphone_fr_ofid9589697_pid552_sub1,_sub2,_sub3adsperfectionppre_nat39_sub4_sub5&sub2=106240552_,&sub5=id927006017 HTTP 302
  • https://zappiering.com/noid/hurried?wiry=yUTfM5ug980FMq10Mn96ng%3D%3D&pid=20&clk= HTTP 302
  • https://thespook.xyz/l/21367515bcdfaf81e2d9?source=ww HTTP 302
  • https://trk104.nedo.xyz/l/21367515bcdfaf81e2d9.js?source=ww
Request Chain 39
  • https://lambadapp.go2affise.com/click?pid=46&offer_id=3624375&sub1=NCT_iphone_fr_ofid9428483_pid552_sub1,_sub2,_sub3adsperfectionppre_nat40_sub4_sub5&sub2=106240552_,&sub3=id927006017 HTTP 302
  • https://mobee.g2afse.com/click?pid=4&offer_id=876454&sub2=46_106240552_, HTTP 302
  • http://xml.blueparrot.media/redirect?feed=221274&auth=9tpPZk&url=http://www.google.com&subid=4_46_106240552_,
Request Chain 40
  • https://mookomedia.g2afse.com/click?pid=42&offer_id=170965&sub1=NCT_iphone_fr_ofid9591066_pid552_sub1,_sub2,_sub3adsperfectionppre_nat11_sub4_sub5&sub4=106240552_,&sub5=id927006017 HTTP 302
  • https://278fklc.mapuravity.com/278fklc?p=42_106240552_,&sid=600118c511bcfe0001f91388&android_id=&android_a_id=&idfa=&app_id=id927006017&param1= HTTP 302
  • https://t1.greatforwarding.com/c55c7b6?p=002753_42_106240552_,
Request Chain 43
  • https://lambadapp.go2affise.com/click?pid=46&offer_id=3624375&sub1=NCT_iphone_fr_ofid9428483_pid552_sub1,_sub2,_sub3adsperfectionppre_nat40_sub4_sub5&sub2=106240552_,&sub3=id927006017 HTTP 302
  • https://mobee.g2afse.com/click?pid=4&offer_id=876454&sub2=46_106240552_, HTTP 302
  • http://xml.blueparrot.media/redirect?feed=221274&auth=9tpPZk&url=http://www.google.com&subid=4_46_106240552_,

45 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request fantastic.html
cpi-offers.com/
10 KB
2 KB
Document
General
Full URL
http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
HTTP/1.1
Server
3.124.136.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-136-225.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.1 / Express
Resource Hash
9870d573399508f45b37a8e479ef243a82c48e54c8089c85b43b7e8dbb82ae34

Request headers

Host
cpi-offers.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 15 Jan 2021 04:23:29 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx/1.14.1
X-Powered-By
Express
Access-Control-Allow-Origin
*
ETag
W/"26bb-XKkS47ApdqrLERg4lBRQ6og/Yvo"
Content-Encoding
gzip
disabled.html
track.jetads.io/
Redirect Chain
  • https://track.themedia.site/click?pid=5&offer_id=28366&sub1=NCT_iphone_fr_ofid8408814_pid552_sub1,_sub2,_sub3adsperfectionppre_nat1_sub4_sub5&sub2=106240552_,&sub7=id927006017&sub8=id927006017
  • http://zorkamarket.g2afse.com/sl?id=5f20049cd1fc3bbe7f2be6e6&pid=1215
  • http://track.jetads.io/sl?id=5f200a51d1fc3bbe7f2be6e7&pid=1215&sub2=1215_
  • http://track.jetads.io/disabled.html
0
0
Stylesheet
General
Full URL
http://track.jetads.io/disabled.html
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
HTTP/1.1
Server
213.227.135.231 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Location
http://track.jetads.io/disabled.html
Date
Fri, 15 Jan 2021 04:23:29 GMT
Server
nginx
Connection
keep-alive
Content-Length
59
Content-Type
text/html; charset=utf-8
id905953485
apps.apple.com/US/app/
Redirect Chain
  • https://valuadle.g2afse.com/click?pid=11&offer_id=37876&sub1=NCT_iphone_fr_ofid9060156_pid552_sub1,_sub2,_sub3adsperfectionppre_nat2_sub4_sub5&sub2=106240552_,&sub3=id927006017
  • https://aver-leer.com/14E?pubref=600118c1e029cf000186fa06&affpubid=11&sitename=id927006017&subid3=
  • https://app.appsflyer.com/id905953485?af_siteid=11&pid=valuadle_int&af_click_lookback=7d&clickid=1770448b7f44584of0eo9bb0832a4c8a&idfa=&af_installpostback=false&sitename=id927006017&pubref=600118c1...
  • https://apps.apple.com/US/app/id905953485?mt=8
0
0
Stylesheet
General
Full URL
https://apps.apple.com/US/app/id905953485?mt=8
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:181::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*

Redirect headers

Location
https://apps.apple.com/US/app/id905953485?mt=8
Date
Fri, 15 Jan 2021 04:23:30 GMT
Server
http-kit
Connection
keep-alive
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/octet-stream
id333903271
apps.apple.com/app/twitter/
Redirect Chain
  • https://click.iconpeak2trk.com/click?pid=6&offer_id=7870&sub7=NCT_iphone_fr_ofid9625639_pid552_sub1,_sub2,_sub3adsperfectionppre_nat3_sub4_sub5&sub1=106240552&sub2=,&sub5=id927006017
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=691&cid=&sid=6&udid=&name=&info=iconpeakppre&blockTime=0
  • https://bv.strandnm.xyz/?sddtid=hdk9a&sdpi=42&pdco=Xkskjd2&pdos=2381168&pducid=NCT_iphone_fr_ofid5959871_pid616_sub1_sub26_sub3iconpeakppre_nat8_sub4_sub5&pisc1=106240616&pssc2=6&ppdo=id1452992954&...
  • https://twitter.tlnk.io/serve?action=click&site_id=64980&ref_id=5SSSa8GZ1eW4Q5ZHN5SSTQ54NDg0f6HwxNj6EwNjg50NjA52fHw1N2DUxNX6x8NDJ78fDIz5ODExN4jg%3DEEE&sub_placement=%7BCREATIVE_ID%7D&sub_site_name=...
  • https://itunes.apple.com/app/twitter/id333903271?ref_src=twsrc%5EMobile_Acq%7Ctwcamp%5Eevergreen_performance%7Ctwgr%5E%7Ctwcon%5E&referrer=mat_click_id%3Da81b0a661022489592e2509a93313dc1-20210115-2...
  • https://apps.apple.com/app/twitter/id333903271?mat_click_id=a81b0a661022489592e2509a93313dc1-20210115-20954&ref_src=twsrc%5EMobile_Acq%7Ctwcamp%5Eevergreen_performance%7Ctwgr%5E%7Ctwcon%5E&referrer...
0
0
Stylesheet
General
Full URL
https://apps.apple.com/app/twitter/id333903271?mat_click_id=a81b0a661022489592e2509a93313dc1-20210115-20954&ref_src=twsrc%5EMobile_Acq%7Ctwcamp%5Eevergreen_performance%7Ctwgr%5E%7Ctwcon%5E&referrer=mat_click_id%3Da81b0a661022489592e2509a93313dc1-20210115-20954%26link_click_id%3D878481803814648899
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:181::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*

Redirect headers

x-apple-application-site
MR22
x-apple-jingle-correlation-key
7KQZPXC6N6B77IYVRKMOED4LZU
strict-transport-security
max-age=31536000
x-b3-traceid
faa197dc5e6f83ffa3158a98e20f8bcd
x-apple-lokamai-no-cache
true
x-cache
TCP_MISS from a2-16-187-13.deploy.akamaitechnologies.com (AkamaiGHost/10.2.2.1-31386017) (-)
x-apple-request-uuid
faa197dc-5e6f-83ff-a315-8a98e20f8bcd
b3
faa197dc5e6f83ffa3158a98e20f8bcd-d70647f19544263c
x-apple-aka-ttl
Generated Thu Jan 14 20:23:30 PST 2021, Expires Thu Jan 14 20:23:30 PST 2021, TTL 0s
content-length
0
x-apple-translated-wo-url
/WebObjects/MZStore.woa/wa/viewSoftware?ref_src=twsrc%5EMobile_Acq%7Ctwcamp%5Eevergreen_performance%7Ctwgr%5E%7Ctwcon%5E&referrer=mat_click_id%3Da81b0a661022489592e2509a93313dc1-20210115-20954%26link_click_id%3D878481803814648899&mat_click_id=a81b0a661022489592e2509a93313dc1-20210115-20954&id=333903271&urlDesc=/twitter
apple-tk
false
apple-timing-app
2 ms
access-control-allow-origin
*
x-true-cache-key
/L/itunes.apple.com/app/twitter/id333903271?mat_click_id=a81b0a661022489592e2509a93313dc1-20210115-20954&ref_src=twsrc%5EMobile_Acq%7Ctwcamp%5Eevergreen_performance%7Ctwgr%5E%7Ctwcon%5E&referrer=mat_click_id%3Da81b0a661022489592e2509a93313dc1-20210115-20954%26link_click_id%3D878481803814648899Browser vcd=2897
last-modified
Fri, 15 Jan 2021 04:23:30 GMT
x-cache-remote
TCP_MISS from a2-18-215-36.deploy.akamaitechnologies.com (AkamaiGHost/10.2.4-31895370) (-)
apple-seq
0
x-frame-options
SAMEORIGIN
date
Fri, 15 Jan 2021 04:23:30 GMT
apple-originating-system
MZStore
vary
X-Apple-Store-Front, Cookie, X-Apple-Store-Front, Cookie
content-type
text/html; charset=UTF-8
location
https://apps.apple.com/app/twitter/id333903271?mat_click_id=a81b0a661022489592e2509a93313dc1-20210115-20954&ref_src=twsrc%5EMobile_Acq%7Ctwcamp%5Eevergreen_performance%7Ctwgr%5E%7Ctwcon%5E&referrer=mat_click_id%3Da81b0a661022489592e2509a93313dc1-20210115-20954%26link_click_id%3D878481803814648899
cache-control
max-age=0
x-b3-spanid
d70647f19544263c
x-apple-orig-url
https://itunes.apple.com/app/twitter/id333903271?ref_src=twsrc%5EMobile_Acq%7Ctwcamp%5Eevergreen_performance%7Ctwgr%5E%7Ctwcon%5E&referrer=mat_click_id%3Da81b0a661022489592e2509a93313dc1-20210115-20954%26link_click_id%3D878481803814648899&mat_click_id=a81b0a661022489592e2509a93313dc1-20210115-20954
x-apple-partner
origin.0
x-apple-application-instance
3022305
x-webobjects-loadaverage
0
aflinkref
cpi-offers.com/
2 B
170 B
Stylesheet
General
Full URL
https://cpi-offers.com/aflinkref?prefix=https%3A//app.adjust.com/3yurzec%3F&idfa=CD30B0FA-4937-4B13-88FA-6A978AA516E1&adgroup=106240552&creative=,&install_callback=http%3A%2F%2Fpostbacks.eu-central-1.elasticbeanstalk.com%2F1.php%3Fsum%3D0.6%26clickid%3DNCT_iphone_fr_ofid7032467_pid552_sub1,_sub2,_sub3adsperfectionppre_nat4_sub4_sub5&redis=3
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.136.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-136-225.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.1 / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 15 Jan 2021 04:23:29 GMT
server
nginx/1.14.1
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-length
2
content-type
text/plain; charset=utf-8
id1262148500
apps.apple.com/US/app/
Redirect Chain
  • https://ila3.co/o/189563?p=17&aff_clickid=NCT_iphone_fr_ofid9172901_pid552_sub1,_sub2,_sub3adsperfectionppre_nat5_sub4_sub5&sub1=106240552&sub2=,&app_name=id927006017&bundle_id=id927006017
  • https://app.appsflyer.com/id1262148500?af_sub_siteid=17_5088432581&af_prt=taptica&pid=z2adigital_int&c=Taptica:EU-en:iOS:Card-Streaming&af_c_id=36667639&af_cost_value=4&af_cost_model=CPI&af_cost_cu...
  • https://apps.apple.com/US/app/id1262148500?mt=8
0
0
Stylesheet
General
Full URL
https://apps.apple.com/US/app/id1262148500?mt=8
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:181::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*

Redirect headers

Location
https://apps.apple.com/US/app/id1262148500?mt=8
Date
Fri, 15 Jan 2021 04:23:30 GMT
Server
http-kit
Connection
keep-alive
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/octet-stream
575137
tare.pro/go/216668/
Redirect Chain
  • https://lucazepa.com/sage/married?mean=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D
  • https://funimete.com/0--frjbgyibjhsd?adTagId=2151b962-72f8-11e8-bb75-0e497388635c&cpm=0.001&fallbackUrl=https%3A%2F%2Fbercioles.com%2Fredirect%3Fid%3D9%26auth%3Db37818a439a0d437ea8c11b268bda50cdf38...
  • https://bercioles.com/redirect?id=9&auth=b37818a439a0d437ea8c11b268bda50cdf38b984&clickid=6b9cd0e9-56e9-11eb-98c0-12b3143c308f
  • https://poqueras.com/noid/slope?lame=2H9bknzlz6BNNCcn10k5gQ%3D%3D
  • http://tare.pro/go/216668/575137
0
0
Stylesheet
General
Full URL
http://tare.pro/go/216668/575137
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
HTTP/1.1
Server
52.203.234.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-234-71.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Fri, 15 Jan 2021 04:23:30 GMT
referrer-policy
origin
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BHbZoyrOKjsVhMLU8tgeW0k%2FLWcTRBqjjYYeHRzrW%2FIHlI2EkP4JqZlHp%2FV2M1Q1%2FWD8aGy%2FcepQJLneR0kuyi8ill5YVTeoQCC0Yc0%3D"}],"group":"cf-nel","max_age":604800}
location
http://tare.pro/go/216668/575137
cf-ray
611cd25e2d03ce1b-LHR
content-length
0
cf-request-id
07a5e1ced90000ce1b48220000000001
click
track.media-412.com/
0
0

id333903271
apps.apple.com/app/twitter/
Redirect Chain
  • https://bv.strandnm.xyz/?sddtid=hdk9a&sdpi=42&pdco=Xkskjd2&pdos=2381168&pducid=NCT_iphone_fr_ofid5959871_pid552_sub1,_sub2,_sub3adsperfectionppre_nat8_sub4_sub5&pisc1=106240552&pssc2=,&ppdo=id92700...
  • https://twitter.tlnk.io/serve?action=click&site_id=64980&ref_id=5SSSa6GZ1eW6Q5ZHN8SSTQ52NDg0f4HwxNj4EwNjg10NjA55fHw5N7TQwM37x8NDJ48fDIz8ODExN1jg%3DEEE&sub_placement=%7BCREATIVE_ID%7D&sub_site_name=...
  • https://itunes.apple.com/app/twitter/id333903271?ref_src=twsrc%5EMobile_Acq%7Ctwcamp%5Eevergreen_performance%7Ctwgr%5E%7Ctwcon%5E&referrer=mat_click_id%3D23d4c46e815d4706a91eb33961a33087-20210115-2...
  • https://apps.apple.com/app/twitter/id333903271?mat_click_id=23d4c46e815d4706a91eb33961a33087-20210115-20954&ref_src=twsrc%5EMobile_Acq%7Ctwcamp%5Eevergreen_performance%7Ctwgr%5E%7Ctwcon%5E&referrer...
0
0
Stylesheet
General
Full URL
https://apps.apple.com/app/twitter/id333903271?mat_click_id=23d4c46e815d4706a91eb33961a33087-20210115-20954&ref_src=twsrc%5EMobile_Acq%7Ctwcamp%5Eevergreen_performance%7Ctwgr%5E%7Ctwcon%5E&referrer=mat_click_id%3D23d4c46e815d4706a91eb33961a33087-20210115-20954%26link_click_id%3D878481803193872017
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:181::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*

Redirect headers

x-apple-application-site
ST11
x-apple-jingle-correlation-key
TAIA2EHWG5JHPBMR7HRGT3WLPY
strict-transport-security
max-age=31536000
x-b3-traceid
98100d10f63752778591f9e269eecb7e
x-apple-lokamai-no-cache
true
x-cache
TCP_MISS from a2-16-187-13.deploy.akamaitechnologies.com (AkamaiGHost/10.2.2.1-31386017) (-)
x-apple-request-uuid
98100d10-f637-5277-8591-f9e269eecb7e
b3
98100d10f63752778591f9e269eecb7e-434b7d0530b27eff
x-apple-aka-ttl
Generated Thu Jan 14 20:23:30 PST 2021, Expires Thu Jan 14 20:23:30 PST 2021, TTL 0s
content-length
0
x-apple-translated-wo-url
/WebObjects/MZStore.woa/wa/viewSoftware?ref_src=twsrc%5EMobile_Acq%7Ctwcamp%5Eevergreen_performance%7Ctwgr%5E%7Ctwcon%5E&referrer=mat_click_id%3D23d4c46e815d4706a91eb33961a33087-20210115-20954%26link_click_id%3D878481803193872017&mat_click_id=23d4c46e815d4706a91eb33961a33087-20210115-20954&id=333903271&urlDesc=/twitter
apple-tk
false
apple-timing-app
1 ms
access-control-allow-origin
*
x-true-cache-key
/L/itunes.apple.com/app/twitter/id333903271?mat_click_id=23d4c46e815d4706a91eb33961a33087-20210115-20954&ref_src=twsrc%5EMobile_Acq%7Ctwcamp%5Eevergreen_performance%7Ctwgr%5E%7Ctwcon%5E&referrer=mat_click_id%3D23d4c46e815d4706a91eb33961a33087-20210115-20954%26link_click_id%3D878481803193872017Browser vcd=2897
last-modified
Fri, 15 Jan 2021 04:23:30 GMT
x-cache-remote
TCP_MISS from a2-18-215-20.deploy.akamaitechnologies.com (AkamaiGHost/10.2.4-31895370) (-)
apple-seq
0
x-frame-options
SAMEORIGIN
date
Fri, 15 Jan 2021 04:23:30 GMT
apple-originating-system
MZStore
vary
X-Apple-Store-Front, Cookie, X-Apple-Store-Front, Cookie
content-type
text/html; charset=UTF-8
location
https://apps.apple.com/app/twitter/id333903271?mat_click_id=23d4c46e815d4706a91eb33961a33087-20210115-20954&ref_src=twsrc%5EMobile_Acq%7Ctwcamp%5Eevergreen_performance%7Ctwgr%5E%7Ctwcon%5E&referrer=mat_click_id%3D23d4c46e815d4706a91eb33961a33087-20210115-20954%26link_click_id%3D878481803193872017
cache-control
max-age=0
x-b3-spanid
434b7d0530b27eff
x-apple-orig-url
https://itunes.apple.com/app/twitter/id333903271?ref_src=twsrc%5EMobile_Acq%7Ctwcamp%5Eevergreen_performance%7Ctwgr%5E%7Ctwcon%5E&referrer=mat_click_id%3D23d4c46e815d4706a91eb33961a33087-20210115-20954%26link_click_id%3D878481803193872017&mat_click_id=23d4c46e815d4706a91eb33961a33087-20210115-20954
x-apple-partner
origin.0
x-apple-application-instance
2178105
x-webobjects-loadaverage
0
click
pandamobi.gotrackier.com/
Redirect Chain
  • https://go2.enjoycpi.com/click?pid=552&offer_id=9661214&sub1=,&sub2=,&sub3=adsperfectionppre_nat9&sub4=CD30B0FA-4937-4B13-88FA-6A978AA516E1&sub5=id927006017&sub6=106240
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0
  • https://pandamobi.gotrackier.com/click?campaign_id=1583&pub_id=35&p1=NCT_iphone_fr_ofid8944529_pid616_sub1_sub2_sub3TbLabq_nat19_sub4_sub5&source=106240616_&p3=id284035177
22 B
865 B
Stylesheet
General
Full URL
https://pandamobi.gotrackier.com/click?campaign_id=1583&pub_id=35&p1=NCT_iphone_fr_ofid8944529_pid616_sub1_sub2_sub3TbLabq_nat19_sub4_sub5&source=106240616_&p3=id284035177
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::681f:d50a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c439fcd21bab032475e5d1570615485417e6cfb202f774f9f16d77f0448d0d6

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-err
CSS_REQUEST
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
date
Fri, 15 Jan 2021 04:23:29 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4QXZXaY2%2FhiVbvOOZRCUu%2FxbaMeh0P1CsnwTN%2BPd9P8M1xvY9E9%2B9JdUigvwESpTVQM8eYK5xD40%2BKgO%2BaxxD5ePie7W1ORG7MF4EumjPYn31KAPjiNiaBZZSYgGdFzbF7iGKzA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
cf-request-id
07a5e1cba900002c368fafd000000001
cf-ray
611cd2590f822c36-FRA
content-length
22
x-rt
0

Redirect headers

date
Fri, 15 Jan 2021 04:23:29 GMT
server
nginx/1.14.1
location
https://pandamobi.gotrackier.com/click?campaign_id=1583&pub_id=35&p1=NCT_iphone_fr_ofid8944529_pid616_sub1_sub2_sub3TbLabq_nat19_sub4_sub5&source=106240616_&p3=id284035177
x-powered-by
Express
vary
Accept
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
content-length
193
12072
track.g4s6.com/tnser/18/
Redirect Chain
  • https://apptrust.g2afse.com/click?pid=57&offer_id=285712&sub1=NCT_iphone_fr_ofid7111922_pid552_sub1,_sub2,_sub3adsperfectionppre_nat10_sub4_sub5&sub2=106240552_,&sub4=id927006017
  • https://adsperfection.g2afse.com/click?pid=377&offer_id=67691&ref_id=600118c1b074790001b352c4&sub1=57.106240552_,&sub2=&sub3=id927006017
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
  • https://click2comm.go2affise.com/click?pid=310&offer_id=2847496&sub1=NCT_iphone_fr_ofid9598746_pid616_sub1,_sub2,_sub3adsperfectionppre_nat16_sub4_sub5&sub2=106240616_,&sub6=id1360098321
  • https://track.g4s6.com/tnser/18/12072?c=&sp=310
0
0

c55c7b6
t1.greatforwarding.com/
Redirect Chain
  • https://mookomedia.g2afse.com/click?pid=42&offer_id=170965&sub1=NCT_iphone_fr_ofid9591066_pid552_sub1,_sub2,_sub3adsperfectionppre_nat11_sub4_sub5&sub4=106240552_,&sub5=id927006017
  • https://278fklc.mapuravity.com/278fklc?p=42_106240552_,&sid=600118c111bcfe0001201082&android_id=&android_a_id=&idfa=&app_id=id927006017&param1=
  • https://t1.greatforwarding.com/c55c7b6?p=002753_42_106240552_,
0
0
Stylesheet
General
Full URL
https://t1.greatforwarding.com/c55c7b6?p=002753_42_106240552_,
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.71.147.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-147-113.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Jan 2021 04:23:30 GMT
Server
nginx
Content-Type
application/json
Cache-Control
private, no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
17
Expires
-1

Redirect headers

location
https://t1.greatforwarding.com/c55c7b6?p=002753_42_106240552_,
Date
Fri, 15 Jan 2021 04:23:29 GMT
Server
nginx
Connection
keep-alive
Content-Length
4
Content-Type
application/json
click
aptrt.trckswrm.com/
0
75 B
Stylesheet
General
Full URL
https://aptrt.trckswrm.com/click?offer_id=1510&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_fr_ofid9573629_pid552_sub1,_sub2,_sub3adsperfectionppre_nat12_sub4_sub5&pub_sub_id=106240552&pub_sub_sub_id=,&app=id927006017
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.9.5.202 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.202.5.9.5.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 04:23:29 GMT
content-length
0
click
track.media-412.com/
Redirect Chain
  • https://go2.enjoycpi.com/click?pid=552&offer_id=9686905&sub1=,&sub2=,&sub3=adsperfectionppre_nat13&sub4=CD30B0FA-4937-4B13-88FA-6A978AA516E1&sub5=id927006017&sub6=106240
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=831&cid=&sid=&udid=&name=&info=TbLabq&blockTime=0
  • https://track.media-412.com/click?pid=225&offer_id=38119&sub1=106240616_&sub2=NCT_iphone_fr_ofid8864932_pid616_sub1_sub2_sub3TbLabq_nat7_sub4_sub5&sub5=id290638154
0
0

click
track.media-412.com/
Redirect Chain
  • https://click.kanmobi.net/tracking/click?clickid=NCT_iphone_fr_ofid7986914_pid552_sub1,_sub2,_sub3adsperfectionppre_nat14_sub4_sub5&trafficsource=1373697408&offerid=429380059611289311&sub_placement...
  • https://click.iconpeak2trk.com/click?pid=307&offer_id=107&sub1=NV84ZmM4ZGVmZjYzOGY4YjI3YWZhYWRmZjdkNmEwNTc3Mg==&sub2=8e93c98aec563288c63566de0cdb83013c7aae5d&sub3=&sub5=id927006017&sub6=id927006017...
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=691&cid=&sid=307&udid=&name=&info=iconpeakppre&blockTime=0
  • https://track.media-412.com/click?pid=225&offer_id=1447714&sub1=106240616_307&sub2=NCT_iphone_fr_ofid9708806_pid616_sub1_sub2307_sub3iconpeakppre_nat25_sub4_sub5&sub5=id1482926247
0
0

disabled.html
t.9696.me/
Redirect Chain
  • https://t.9696.me/click?pid=729&offer_id=116167&sub4=NCT_iphone_fr_ofid9501040_pid552_sub1,_sub2,_sub3adsperfectionppre_nat15_sub4_sub5&sub1=106240552&sub2=,&sub3=id927006017&sub7=id927006017
  • https://t.9696.me/disabled.html
0
0
Stylesheet
General
Full URL
https://t.9696.me/disabled.html
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.7.209.71 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

location
/disabled.html
date
Fri, 15 Jan 2021 04:23:29 GMT
referer
referrer-policy
no-referrer
server
nginx
content-length
37
content-type
text/html; charset=utf-8
disabled.html
brainadv.g2afse.com/
Redirect Chain
  • https://brainadv.g2afse.com/click?pid=37&offer_id=394194&sub1=106240552_,&sub2=id927006017&sub3=NCT_iphone_fr_ofid9711707_pid552_sub1,_sub2,_sub3adsperfectionppre_nat16_sub4_sub5
  • https://brainadv.g2afse.com/disabled.html
0
0
Stylesheet
General
Full URL
https://brainadv.g2afse.com/disabled.html
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.134.236 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

location
/disabled.html
date
Fri, 15 Jan 2021 04:23:29 GMT
server
nginx
content-length
37
content-type
text/html; charset=utf-8
redirect
xml.blueparrot.media/
Redirect Chain
  • https://c.allontrk.com/click?offer_id=53485&pub_id=38&pub_click_id=NCT_iphone_fr_ofid9657236_pid552_sub1,_sub2,_sub3adsperfectionppre_nat17_sub4_sub5&pub_sub_id=106240552&pub_sub_sub_id=,___8_13153...
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=899&cid=Aoqpv2QAAAF3BEizYAAA0O0AAAAmAAAAAA&sid=38&udid=&name=&info=IrisSL&blockTime=0
  • https://gowtmd.trckswrm.com/click?offer_id=3574&pub_id=6&pub_id=6&pub_click_id=NCT_iphone_fr_ofid9690961_pid616_sub1Aoqpv2QAAAF3BEizYAAA0O0AAAAmAAAAAA_sub238_sub3IrisSL_nat3_sub4_sub5&pub_sub_id=10...
  • http://xml.blueparrot.media/redirect?feed=242010&auth=9tpPZk&url=google.com&pub_click_id=Au9EztIAAAF3BEi_1AAADfYAAAAGAAAAAA&subid=6_106240616
0
113 B
Stylesheet
General
Full URL
http://xml.blueparrot.media/redirect?feed=242010&auth=9tpPZk&url=google.com&pub_click_id=Au9EztIAAAF3BEi_1AAADfYAAAAGAAAAAA&subid=6_106240616
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
HTTP/1.1
Server
174.137.133.18 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Cache-Control
no-store
Connection
keep-alive
Age
0
Content-Length
0

Redirect headers

location
http://xml.blueparrot.media/redirect?feed=242010&auth=9tpPZk&url=google.com&pub_click_id=Au9EztIAAAF3BEi_1AAADfYAAAAGAAAAAA&subid=6_106240616
date
Fri, 15 Jan 2021 04:23:32 GMT
content-length
0
disabled.html
track.jetads.io/
Redirect Chain
  • https://spradit.go2affise.com/click?pid=49&offer_id=697009&sub1=13413&sub2=106240552_,&sub3=id927006017&sub5=NCT_iphone_fr_ofid8585957_pid552_sub1,_sub2,_sub3adsperfectionppre_nat18_sub4_sub5&sub6=...
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=906&cid=&sid=13413_106240552_,&udid=&name=&info=SpraditSL&blockTime=0
  • https://track.themedia.site/click?pid=5&offer_id=38873&sub1=NCT_iphone_fr_ofid9627135_pid616_sub1_sub213413_106240552_,_sub3SpraditSL_nat11_sub4_sub5&sub2=106240616_13413_106240552_,&sub7=id1454010...
  • http://zorkamarket.g2afse.com/sl?id=5f20049cd1fc3bbe7f2be6e6&pid=1215
  • http://track.jetads.io/sl?id=5f200a51d1fc3bbe7f2be6e7&pid=1215&sub2=1215_
  • http://track.jetads.io/disabled.html
0
0
Stylesheet
General
Full URL
http://track.jetads.io/disabled.html
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
HTTP/1.1
Server
213.227.135.231 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Location
http://track.jetads.io/disabled.html
Date
Fri, 15 Jan 2021 04:23:29 GMT
Server
nginx
Connection
keep-alive
Content-Length
59
Content-Type
text/html; charset=utf-8
/
promo.worldofwarships.eu/glows-27628/eu-fr/
Redirect Chain
  • https://appricotads.g2afse.com/click?pid=251&offer_id=29613&ref_id=NCT_iphone_fr_ofid8843844_pid552_sub1,_sub2,_sub3adsperfectionppre_nat19_sub4_sub5&sub1=251_4850552&sub2=,&sub6=id927006017
  • http://appricotads.g2afse.com/sl?id=5f36c7061a6e4b1879225163&pid=2&ref_id=&sub1=251_4850552&sub2=,&sub3=&sub4=
  • https://track.wg-aff.com/click?pid=2632&offer_id=24&ref_id=600118c4b3f01200019f3687&sub1=2_,
  • https://rdr.wargaming.net/jtgho0iv/?pub_id=2632&xid=600118c4f85ac20001e20601&xid_param1=2_,&xid_param_2=
  • https://promo.worldofwarships.eu/glows-27628/eu-fr/?pub_id=2632&xid=600118c4f85ac20001e20601&xid_param1=2_%2C&xid_param_2=&sid=SIDQr-tARfMX7btPpn39z4mUQe0LAM6pgsH2Bf4Ro5-7Tp3VP8mbARFMyLs0d1vQhSsnGn...
0
0

click
click.kanmobi.net/tracking/
Redirect Chain
  • https://click.mnmnck.com/tracking/clicks?clickid=NCT_iphone_fr_ofid9675541_pid552_sub1,_sub2,_sub3adsperfectionppre_nat20_sub4_sub5&trafficsource=1373697408&offerid=432275643885207816&sub_placement...
  • https://ttmma.g2afse.com/click?pid=242&offer_id=475753&sub2=NV8xMzczNjk3NDA4_EDBEC173C5E83DCBDD60D550EC14C4E0&sub4=CD30B0FA-4937-4B13-88FA-6A978AA516E1&sub5=id927006017&sub1=003_20210115042329O5863
  • https://ttmma.g2afse.com/click?pid=17&offer_id=311194&sub1=&sub2=242_NV8xMzczNjk3NDA4_EDBEC173C5E83DCBDD60D550EC14C4E0&sub3=&sub4=CD30B0FA-4937-4B13-88FA-6A978AA516E1&sub5=id927006017&sub6=242&sub7...
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=765&cid=600118c18374b10001b8055c&sid=17_242_NV8xMzczNjk3NDA4_EDBEC173C5E83DCBDD60D550EC14C4E0&udid=&name=&info=Target4SL&blockTi...
  • https://click.kanmobi.net/tracking/click?clickid=NCT_iphone_fr_ofid9118842_pid616_sub1600118c18374b10001b8055c_sub217_242_NV8xMzczNjk3NDA4_EDBEC173C5E83DCBDD60D550EC14C4E0_sub3Target4SL_nat10_sub4_...
0
41 B
Stylesheet
General
Full URL
https://click.kanmobi.net/tracking/click?clickid=NCT_iphone_fr_ofid9118842_pid616_sub1600118c18374b10001b8055c_sub217_242_NV8xMzczNjk3NDA4_EDBEC173C5E83DCBDD60D550EC14C4E0_sub3Target4SL_nat10_sub4_sub5&trafficsource=1373692397&offerid=431309929346771470&pub_subid=106240616_17_242_NV8xMzczNjk3NDA4_EDBEC173C5E83DCBDD60D550EC14C4E0&sub_placement=id358801284
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.13.125 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
125.13.241.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 04:23:29 GMT
via
1.1 google
x-powered-by
Express
alt-svc
clear
content-length
0

Redirect headers

date
Fri, 15 Jan 2021 04:23:29 GMT
server
nginx/1.14.1
location
https://click.kanmobi.net/tracking/click?clickid=NCT_iphone_fr_ofid9118842_pid616_sub1600118c18374b10001b8055c_sub217_242_NV8xMzczNjk3NDA4_EDBEC173C5E83DCBDD60D550EC14C4E0_sub3Target4SL_nat10_sub4_sub5&trafficsource=1373692397&offerid=431309929346771470&pub_subid=106240616_17_242_NV8xMzczNjk3NDA4_EDBEC173C5E83DCBDD60D550EC14C4E0&sub_placement=id358801284
x-powered-by
Express
vary
Accept
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
content-length
378
click
apnp.trckswrm.com/
Redirect Chain
  • https://zenoclick.g2afse.com/click?pid=2&offer_id=41505&sub1=NCT_iphone_fr_ofid9597268_pid552_sub1,_sub2,_sub3adsperfectionppre_nat21_sub4_sub5&sub2=106240552_,&sub6=id927006017
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=941&cid=clickid&sid=2&udid=&name=&info=ZenoClickSL&blockTime=0
  • https://apnp.trckswrm.com/click?offer_id=8812&pub_id=7&pub_id=7&pub_click_id=NCT_iphone_fr_ofid9684020_pid616_sub1clickid_sub22_sub3ZenoClickSL_nat35_sub4_sub5&pub_sub_id=106240616&pub_sub_sub_id=2...
0
75 B
Stylesheet
General
Full URL
https://apnp.trckswrm.com/click?offer_id=8812&pub_id=7&pub_id=7&pub_click_id=NCT_iphone_fr_ofid9684020_pid616_sub1clickid_sub22_sub3ZenoClickSL_nat35_sub4_sub5&pub_sub_id=106240616&pub_sub_sub_id=2&app=id1083982226
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.9.6.203 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.203.6.9.5.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 04:23:32 GMT
content-length
0

Redirect headers

date
Fri, 15 Jan 2021 04:23:29 GMT
server
nginx/1.14.1
location
https://apnp.trckswrm.com/click?offer_id=8812&pub_id=7&pub_id=7&pub_click_id=NCT_iphone_fr_ofid9684020_pid616_sub1clickid_sub22_sub3ZenoClickSL_nat35_sub4_sub5&pub_sub_id=106240616&pub_sub_sub_id=2&app=id1083982226
x-powered-by
Express
vary
Accept
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
content-length
236
disabled.html
track.jetads.io/
Redirect Chain
  • https://toptopmedia.g2afse.com/click?pid=214&offer_id=3093175&sub1=NCT_iphone_fr_ofid9499469_pid552_sub1,_sub2,_sub3adsperfectionppre_nat22_sub4_sub5&sub2=106240552_,&sub3=id927006017
  • https://omnidatasolution.com/ntn/click/b2c093c4-e792-5864-9772-b22f35f418e4?dsp=affisejetads&f_click=600118c1bb1a3a0001956320&exchange=214&domain=id927006017&idfa=
  • https://track.jetads.io/click?pid=1227&offer_id=2552710&sub1=75e3d79e-03f8-44e0-8d8b-695917133713yTI_b2c093c4-e792-5864-9772-b22f35f418e4_1539546788&sub2=1539546788&sub4=null&sub7=id927006017
  • http://track.jetads.io/sl?id=5f200a51d1fc3bbe7f2be6e7&pid=1215&sub2=1227_1539546788
  • http://track.jetads.io/disabled.html
0
0
Stylesheet
General
Full URL
http://track.jetads.io/disabled.html
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
HTTP/1.1
Server
213.227.135.231 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Location
http://track.jetads.io/disabled.html
Date
Fri, 15 Jan 2021 04:23:31 GMT
Server
nginx
Connection
keep-alive
Content-Length
59
Content-Type
text/html; charset=utf-8
disabled.html
brainadv.g2afse.com/
Redirect Chain
  • https://olamob.g2afse.com/click?pid=7&offer_id=18964&sub1=NCT_iphone_fr_ofid9661344_pid552_sub1,_sub2,_sub3adsperfectionppre_nat23_sub4_sub5&sub2=106240552_,&sub4=id927006017
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=978&cid=&sid=7&udid=&name=&info=OlaMobSL&blockTime=0
  • https://brainadv.g2afse.com/click?pid=3&offer_id=394194&sub3=NCT_iphone_fr_ofid9711472_pid616_sub1_sub27_sub3OlaMobSL_nat16_sub4_sub5&sub1=106240616_7&sub2=id1184083151
  • https://brainadv.g2afse.com/disabled.html
0
0
Stylesheet
General
Full URL
https://brainadv.g2afse.com/disabled.html
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.227.134.236 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

location
/disabled.html
date
Fri, 15 Jan 2021 04:23:29 GMT
server
nginx
content-length
37
content-type
text/html; charset=utf-8
click
aptrt.trckswrm.com/
0
75 B
Stylesheet
General
Full URL
https://aptrt.trckswrm.com/click?offer_id=872&pub_id=29&pub_id=29&pub_click_id=NCT_iphone_fr_ofid9524596_pid552_sub1,_sub2,_sub3adsperfectionppre_nat24_sub4_sub5&pub_sub_id=106240552&pub_sub_sub_id=,&app=id927006017
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.9.5.202 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.202.5.9.5.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 04:23:29 GMT
content-length
0
click
clicks.rtad.io/tracking/
Redirect Chain
  • https://cellonltd.g2afse.com/click?pid=43&offer_id=825552&sub1=NCT_iphone_fr_ofid9673561_pid552_sub1,_sub2,_sub3adsperfectionppre_nat25_sub4_sub5&sub2=106240552_,&sub3=id927006017
  • https://cellonltd.g2afse.com/click?pid=55&offer_id=808294&sub1=NCT_iphone_fr_ofid9673561_pid552_sub1,_sub2,_sub3adsperfectionppre_nat25_sub4_sub5&sub2=106240552_,&sub3=id927006017&sub4=&sub5=&sub6=
  • https://cellonltd.go2affise.com/sl?id=600113cff7c443aec153f24f&pid=55&sub1=NCT_iphone_fr_ofid9673561_pid552_sub1,_sub2,_sub3adsperfectionppre_nat25_sub4_sub5&sub2=106240552_,&sub3=id927006017&sub4=...
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=841&cid=600118c4a2840f0001a3d9b1&sid=55&udid=&name=&info=CellonSL&blockTime=0
  • https://clicks.rtad.io/tracking/click?clickid=NCT_iphone_fr_ofid9677035_pid616_sub1600118c4a2840f0001a3d9b1_sub255_sub3CellonSL_nat20_sub4_sub5&trafficsource=1373692397&offerid=432275643885207816&p...
0
0

click
track.media-412.com/
0
0

575137
tare.pro/go/216668/
Redirect Chain
  • https://digitalfuture.g2afse.com/click?pid=2&offer_id=1217626&sub1=NCT_iphone_fr_ofid9531287_pid552_sub1,_sub2,_sub3adsperfectionppre_nat27_sub4_sub5&sub2=106240552_,&sub5=id927006017
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0
  • https://nexamob.g2afse.com/click?pid=15&offer_id=23824&sub1=NCT_iphone_fr_ofid9237725_pid616_sub1_sub22_sub3ElishaSL_nat32_sub4_sub5&sub2=106240616_2&sub3=id1342468799&sub5=id1342468799
  • http://letsleeper.com/stue/cream?flat=IpWz7C0sV9J4MXD5x25Jbw%3D%3D&pid=104&clk=NCT_iphone_fr_ofid9237725_pid616_sub1_sub22_sub3ElishaSL_nat32_sub4_sub5&sid=15&sid2=106240616_2
  • http://tare.pro/go/216668/575137
0
0
Stylesheet
General
Full URL
http://tare.pro/go/216668/575137
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
HTTP/1.1
Server
52.203.234.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-234-71.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Date
Fri, 15 Jan 2021 04:23:32 GMT
Referrer-Policy
origin
CF-Cache-Status
DYNAMIC
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vsHoVfiy%2FCcfYyC92P93v9sEv9pmo%2FxnGhe1UPhXTwBHMAZ429rVzhX1DLUoHzvJQQt34Q%2FG1uGdFL5H6hAKsBpJ0jGnvtDVu2RycWEhfA%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
http://tare.pro/go/216668/575137
Connection
keep-alive
CF-RAY
611cd26cad07f927-MXP
Content-Length
0
cf-request-id
07a5e1d7ec0000f9272d25a000000001
/
srv6.feed-apps.com/srv/click/
20 B
682 B
Stylesheet
General
Full URL
https://srv6.feed-apps.com/srv/click/?pid=62228632&p1=NCT_iphone_fr_ofid9598328_pid552_sub1,_sub2,_sub3adsperfectionppre_nat28_sub4_sub5&p2=106240552&p3=,&sub4=id927006017&sub5=id927006017
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6c04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40-29+ubuntu16.04.1+deb.sury.org+1
Resource Hash
d7ba5fc0384ab15cd0377651d44ca3944c75e1c0935f4fcdcf4aac8beb118c19

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 04:23:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40-29+ubuntu16.04.1+deb.sury.org+1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VOqCdf%2BlthmUjSHxkfI2E93eQQInF6sOQjE02X6lbtBDoyg0gn5k7%2FW4Uh%2BD50O9VdLJGP6DAS9x0MPmn%2Fu%2FdomK2TjPTJA03CJW10%2FCRm%2FALzZk8TokKLdU7YplqNI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
611cd2582c1c2b7d-FRA
cf-request-id
07a5e1cb1b00002b7dbe1e6000000001
sl
apptastic.g2afse.com/
Redirect Chain
  • https://apptastic.g2afse.com/click?pid=46&offer_id=3813758&sub1=NCT_iphone_fr_ofid9590848_pid552_sub1,_sub2,_sub3adsperfectionppre_nat29_sub4_sub5&sub2=106240552_,&sub4=id927006017
  • http://apptastic.g2afse.com/sl?id=5ed0ee1c96f015dc9b166976&pid=192&sub1=FR&sub2=3813758&sub3=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+C...
0
0
Stylesheet
General
Full URL
http://apptastic.g2afse.com/sl?id=5ed0ee1c96f015dc9b166976&pid=192&sub1=FR&sub2=3813758&sub3=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&sub4=82.102.18.114&sub5=46
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
HTTP/1.1
Server
104.27.178.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

location
http://apptastic.g2afse.com/sl?id=5ed0ee1c96f015dc9b166976&pid=192&sub1=FR&sub2=3813758&sub3=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&sub4=82.102.18.114&sub5=46
date
Fri, 15 Jan 2021 04:23:29 GMT
server
nginx
content-length
307
content-type
text/html; charset=utf-8
click
track.media-412.com/
0
0

disabled.html
track.jetads.io/
Redirect Chain
  • https://bondika.g2afse.com/click?pid=2&offer_id=46136&sub1=106240552&sub2=,&sub3=NCT_iphone_fr_ofid8423154_pid552_sub1,_sub2,_sub3adsperfectionppre_nat31_sub4_sub5&sub4=CD30B0FA-4937-4B13-88FA-6A97...
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=611&cid=&sid=2&udid=&name=&info=BondikaSL&blockTime=0
  • https://track.themedia.site/click?pid=5&offer_id=28887&sub1=NCT_iphone_fr_ofid9496029_pid616_sub1_sub22_sub3BondikaSL_nat34_sub4_sub5&sub2=106240616_2&sub7=id927006017&sub8=id927006017
  • http://zorkamarket.g2afse.com/sl?id=5f20049cd1fc3bbe7f2be6e6&pid=1215
  • http://track.jetads.io/sl?id=5f200a51d1fc3bbe7f2be6e7&pid=1215&sub2=1215_
  • http://track.jetads.io/disabled.html
0
0
Stylesheet
General
Full URL
http://track.jetads.io/disabled.html
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
HTTP/1.1
Server
213.227.135.231 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Location
http://track.jetads.io/disabled.html
Date
Fri, 15 Jan 2021 04:23:29 GMT
Server
nginx
Connection
keep-alive
Content-Length
59
Content-Type
text/html; charset=utf-8
redirect
xml.blueparrot.media/
Redirect Chain
  • https://appnappmo.g2afse.com/click?pid=2&offer_id=72439&sub1=NCT_iphone_fr_ofid8029869_pid552_sub1,_sub2,_sub3adsperfectionppre_nat32_sub4_sub5&sub2=106240552_,&sub5=id927006017
  • https://appalgo.g2afse.com/click?pid=14&offer_id=50695&sub1=600118c4db138f00014233c3&sub2=2_106240552_,&sub3=&sub4=&sub5=id927006017
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=807&cid=&sid=14&udid=&name=&info=appalgorem&blockTime=0
  • https://click.clickmara.com/tracking/click?clickid=NCT_iphone_fr_ofid9308497_pid616_sub1_sub214_sub3appalgorem_nat22_sub4_sub5&trafficsource=1373671014&offerid=431560412108010800&pub_subid=10624061...
  • https://ila3.co/o/188408?p=150&aff_clickid=1610684612000R7051&sub1=NV82ZTZjYTM5YTZkMTY3YmQzZDk4ZTZlNWE5MGQzMWVkNA==_aef093e2a58b36cde0d7dc2b7791a6aea0e22a20&idfa=&app_name=id842250179
  • https://click.iconpeak2trk.com/click?pid=385&offer_id=8213&ext1=2841eb56e96d581570d3c252_188408_228125&sub1=150_5006002808&sub3=&sub5=id842250179&sub6=
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=691&cid=&sid=385&udid=&name=&info=iconpeakppre&blockTime=0
  • https://digitalfuture.g2afse.com/click?pid=2&offer_id=1238491&sub1=NCT_iphone_fr_ofid9648766_pid616_sub1_sub2385_sub3iconpeakppre_nat1_sub4_sub5&sub2=106240616_385&sub5=id593715088
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=886&cid=&sid=2&udid=&name=&info=ElishaSL&blockTime=0
  • https://toptopmedia.g2afse.com/click?pid=214&offer_id=3127678&sub1=NCT_iphone_fr_ofid9693175_pid616_sub1_sub22_sub3ElishaSL_nat19_sub4_sub5&sub2=106240616_2&sub3=id766443283
  • https://gowith.go2affise.com/click?pid=199&offer_id=2032324&sub1=600118c4b31f940001476cfc&sub2=214&sub3=&sub4=id766443283&ip=&device_ua=&sub5=
  • http://xml.blueparrot.media/redirect?feed=242010&auth=9tpPZk&url=google.com&pub_click_id=&subid=199_214
0
113 B
Stylesheet
General
Full URL
http://xml.blueparrot.media/redirect?feed=242010&auth=9tpPZk&url=google.com&pub_click_id=&subid=199_214
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
HTTP/1.1
Server
174.137.133.18 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Cache-Control
no-store
Connection
keep-alive
Age
0
Content-Length
0

Redirect headers

location
http://xml.blueparrot.media/redirect?feed=242010&auth=9tpPZk&url=google.com&pub_click_id=&subid=199_214
date
Fri, 15 Jan 2021 04:23:32 GMT
referer
referrer-policy
no-referrer
server
nginx
content-length
142
content-type
text/html; charset=utf-8
21367515bcdfaf81e2d9.js
trk104.nedo.xyz/l/
Redirect Chain
  • https://appnapp.g2afse.com/click?pid=33&offer_id=2486777&sub1=NCT_iphone_fr_ofid9520792_pid552_sub1,_sub2,_sub3adsperfectionppre_nat33_sub4_sub5&sub2=106240552_,&sub5=id927006017
  • https://zappiering.com/noid/hurried?wiry=yUTfM5ug980FMq10Mn96ng%3D%3D&pid=20&clk=
  • https://thespook.xyz/l/21367515bcdfaf81e2d9?source=ww
  • https://trk104.nedo.xyz/l/21367515bcdfaf81e2d9.js?source=ww
0
0
Stylesheet
General
Full URL
https://trk104.nedo.xyz/l/21367515bcdfaf81e2d9.js?source=ww
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.204.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Fri, 15 Jan 2021 04:23:29 GMT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qvQA87GH%2Bz5BuTW8Nb2XZvlo0qg63ciDM7ucKDiUaPzOQ9JjfxmlQ6%2FY5enYJNa%2BG%2F1Im19KmfAQDaHT%2BCjgBs%2BxIV75mtcvXRIKc4%2BQxO4kER70gDOKcsA%3D"}],"group":"cf-nel","max_age":604800}
location
https://trk104.nedo.xyz/l/21367515bcdfaf81e2d9.js?source=ww
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
611cd25b6fbb4ac2-FRA
cf-request-id
07a5e1cd2200004ac22415f000000001
expires
Thu, 01 Jan 1970 00:00:01 GMT
click
times25.go2affise.com/
Redirect Chain
  • https://monetizeplus.g2afse.com/click?pid=819&offer_id=833310&sub1=NCT_iphone_fr_ofid9520397_pid552_sub1,_sub2,_sub3adsperfectionppre_nat34_sub4_sub5&sub2=106240552_,&sub5=id927006017
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=793&cid=&sid=819&udid=&name=&info=monetizeppre&blockTime=0
  • https://adcrate-solutions.go2affise.com/click?pid=80&offer_id=1387622&sub1=NCT_iphone_fr_ofid9678797_pid616_sub1_sub2819_sub3monetizeppre_nat22_sub4_sub5&sub2=106240616_819&sub4=id290638154
  • https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=881&cid=&sid=80&udid=&name=&info=AdcrateAffiseSL&blockTime=0
  • https://times25.go2affise.com/click?pid=607&offer_id=147123&sub1=NCT_iphone_fr_ofid9224105_pid616_sub1_sub280_sub3AdcrateAffiseSL_nat15_sub4_sub5&sub2=106240616_80&sub5=id285755462
0
0

redirect
xml.blueparrot.media/
Redirect Chain
  • https://gowith.go2affise.com/click?pid=141&offer_id=1755130&sub1=NCT_iphone_fr_ofid9677583_pid552_sub1,_sub2,_sub3adsperfectionppre_nat35_sub4_sub5&sub2=106240552_,&sub4=id927006017
  • http://xml.blueparrot.media/redirect?feed=242010&auth=9tpPZk&url=google.com&pub_click_id=&subid=141_106240552_,
0
0
Stylesheet
General
Full URL
http://xml.blueparrot.media/redirect?feed=242010&auth=9tpPZk&url=google.com&pub_click_id=&subid=141_106240552_,
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
HTTP/1.1
Server
174.137.133.18 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Cache-Control
no-store
Connection
keep-alive
Age
0
Content-Length
38

Redirect headers

location
http://xml.blueparrot.media/redirect?feed=242010&auth=9tpPZk&url=google.com&pub_click_id=&subid=141_106240552_,
date
Fri, 15 Jan 2021 04:23:32 GMT
referer
referrer-policy
no-referrer
server
nginx
content-length
150
content-type
text/html; charset=utf-8
click
track.media-412.com/
0
0

click
click.clickmara.com/tracking/
0
80 B
Stylesheet
General
Full URL
https://click.clickmara.com/tracking/click?clickid=NCT_iphone_fr_ofid9612647_pid552_sub1,_sub2,_sub3adsperfectionppre_nat37_sub4_sub5&trafficsource=1373692397&offerid=432167137710464523&pub_subid=106240552_,&sub_placement=id927006017
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.35.33 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
33.35.190.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 04:23:30 GMT
via
1.1 google
x-powered-by
Express
alt-svc
clear
content-length
0
id1501720596
apps.apple.com/app/
Redirect Chain
  • https://aver-leer.com/nm?pubref=NCT_iphone_fr_ofid8289399_pid552_sub1,_sub2,_sub3adsperfectionppre_nat38_sub4_sub5&pubref=NCT_iphone_fr_ofid8289399_pid552_sub1,_sub2,_sub3adsperfectionppre_nat38_su...
  • https://app.adjust.com/vzrhw86?adgroup=106240552&creative=%2C&event_callback_g2gfaz=https%3A%2F%2Faver-leer.com%2Fevent%2Fsecondary_event%3Fydrid%3D1770448b7f64584ob32of82b54297c74&event_callback_8...
  • https://apps.apple.com/app/id1501720596?mt=8
0
0
Stylesheet
General
Full URL
https://apps.apple.com/app/id1501720596?mt=8
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:181::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*

Redirect headers

location
https://apps.apple.com/app/id1501720596?mt=8
date
Fri, 15 Jan 2021 04:23:31 GMT
connection
close
X-Robots-Tag
noindex
content-length
67
content-type
text/html; charset=utf-8
21367515bcdfaf81e2d9.js
trk104.nedo.xyz/l/
Redirect Chain
  • https://appnapp.g2afse.com/click?pid=33&offer_id=2492536&sub1=NCT_iphone_fr_ofid9589697_pid552_sub1,_sub2,_sub3adsperfectionppre_nat39_sub4_sub5&sub2=106240552_,&sub5=id927006017
  • https://zappiering.com/noid/hurried?wiry=yUTfM5ug980FMq10Mn96ng%3D%3D&pid=20&clk=
  • https://thespook.xyz/l/21367515bcdfaf81e2d9?source=ww
  • https://trk104.nedo.xyz/l/21367515bcdfaf81e2d9.js?source=ww
0
0
Stylesheet
General
Full URL
https://trk104.nedo.xyz/l/21367515bcdfaf81e2d9.js?source=ww
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.204.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Fri, 15 Jan 2021 04:23:29 GMT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kT4K472RtX8KWGJYpN%2BLARWEo2PSTHdPzG3MCAqm20N70mD26B58koaW0JvZvEKUhplcYcbUG%2BgIMacOGY86rlVbthPAMV4mb7rxmlYw0wWRnsFHNsozNHs%3D"}],"group":"cf-nel","max_age":604800}
location
https://trk104.nedo.xyz/l/21367515bcdfaf81e2d9.js?source=ww
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
611cd25b6fb94ac2-FRA
cf-request-id
07a5e1cd2200004ac22d97d000000001
expires
Thu, 01 Jan 1970 00:00:01 GMT
redirect
xml.blueparrot.media/
Redirect Chain
  • https://lambadapp.go2affise.com/click?pid=46&offer_id=3624375&sub1=NCT_iphone_fr_ofid9428483_pid552_sub1,_sub2,_sub3adsperfectionppre_nat40_sub4_sub5&sub2=106240552_,&sub3=id927006017
  • https://mobee.g2afse.com/click?pid=4&offer_id=876454&sub2=46_106240552_,
  • http://xml.blueparrot.media/redirect?feed=221274&auth=9tpPZk&url=http://www.google.com&subid=4_46_106240552_,
0
0
Stylesheet
General
Full URL
http://xml.blueparrot.media/redirect?feed=221274&auth=9tpPZk&url=http://www.google.com&subid=4_46_106240552_,
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
HTTP/1.1
Server
174.137.133.18 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Cache-Control
no-store
Connection
keep-alive
Age
0
Content-Length
38

Redirect headers

location
http://xml.blueparrot.media/redirect?feed=221274&auth=9tpPZk&url=http://www.google.com&subid=4_46_106240552_,
date
Fri, 15 Jan 2021 04:23:30 GMT
server
nginx
content-length
144
content-type
text/html; charset=utf-8
c55c7b6
t1.greatforwarding.com/
Redirect Chain
  • https://mookomedia.g2afse.com/click?pid=42&offer_id=170965&sub1=NCT_iphone_fr_ofid9591066_pid552_sub1,_sub2,_sub3adsperfectionppre_nat11_sub4_sub5&sub4=106240552_,&sub5=id927006017
  • https://278fklc.mapuravity.com/278fklc?p=42_106240552_,&sid=600118c511bcfe0001f91388&android_id=&android_a_id=&idfa=&app_id=id927006017&param1=
  • https://t1.greatforwarding.com/c55c7b6?p=002753_42_106240552_,
0
0
Stylesheet
General
Full URL
https://t1.greatforwarding.com/c55c7b6?p=002753_42_106240552_,
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.54.163.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-163-223.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Jan 2021 04:23:33 GMT
Server
nginx
Content-Type
application/json
Cache-Control
private, no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
17
Expires
-1

Redirect headers

location
https://t1.greatforwarding.com/c55c7b6?p=002753_42_106240552_,
Date
Fri, 15 Jan 2021 04:23:33 GMT
Server
nginx
Connection
keep-alive
Content-Length
4
Content-Type
application/json
click
apptastic.g2afse.com/
0
0

click
gowith.go2affise.com/
0
0

redirect
xml.blueparrot.media/
Redirect Chain
  • https://lambadapp.go2affise.com/click?pid=46&offer_id=3624375&sub1=NCT_iphone_fr_ofid9428483_pid552_sub1,_sub2,_sub3adsperfectionppre_nat40_sub4_sub5&sub2=106240552_,&sub3=id927006017
  • https://mobee.g2afse.com/click?pid=4&offer_id=876454&sub2=46_106240552_,
  • http://xml.blueparrot.media/redirect?feed=221274&auth=9tpPZk&url=http://www.google.com&subid=4_46_106240552_,
0
0
Stylesheet
General
Full URL
http://xml.blueparrot.media/redirect?feed=221274&auth=9tpPZk&url=http://www.google.com&subid=4_46_106240552_,
Requested by
Host: cpi-offers.com
URL: http://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=552&info=adsperfectionppre&blockTime=0
Protocol
HTTP/1.1
Server
174.137.133.18 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Cache-Control
no-store
Connection
keep-alive
Age
0
Content-Length
38

Redirect headers

location
http://xml.blueparrot.media/redirect?feed=221274&auth=9tpPZk&url=http://www.google.com&subid=4_46_106240552_,
date
Fri, 15 Jan 2021 04:23:34 GMT
server
nginx
content-length
144
content-type
text/html; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
track.media-412.com
URL
https://track.media-412.com/click?pid=225&offer_id=857180&sub1=106240552_,&sub2=NCT_iphone_fr_ofid8865115_pid552_sub1,_sub2,_sub3adsperfectionppre_nat7_sub4_sub5&sub5=id927006017
Domain
track.g4s6.com
URL
https://track.g4s6.com/tnser/18/12072?c=&sp=310
Domain
track.media-412.com
URL
https://track.media-412.com/click?pid=225&offer_id=38119&sub1=106240616_&sub2=NCT_iphone_fr_ofid8864932_pid616_sub1_sub2_sub3TbLabq_nat7_sub4_sub5&sub5=id290638154
Domain
track.media-412.com
URL
https://track.media-412.com/click?pid=225&offer_id=1447714&sub1=106240616_307&sub2=NCT_iphone_fr_ofid9708806_pid616_sub1_sub2307_sub3iconpeakppre_nat25_sub4_sub5&sub5=id1482926247
Domain
promo.worldofwarships.eu
URL
https://promo.worldofwarships.eu/glows-27628/eu-fr/?pub_id=2632&xid=600118c4f85ac20001e20601&xid_param1=2_%2C&xid_param_2=&sid=SIDQr-tARfMX7btPpn39z4mUQe0LAM6pgsH2Bf4Ro5-7Tp3VP8mbARFMyLs0d1vQhSsnGnkB8A_73Cml6cwrFc0xcUQg-jyNyJrxVWo18fnDdrS0T2azWcQiAghmU3JiF6S5_9fLj2d-D5YlF8&enctid=c8jg1k83plpp&lpsn=WOWS+TMPLT1+CODE+BOOM+global&foris=1&utm_source=wlap&utm_medium=affiliate&utm_campaign=jtgho0iv&utm_content=2632
Domain
clicks.rtad.io
URL
https://clicks.rtad.io/tracking/click?clickid=NCT_iphone_fr_ofid9677035_pid616_sub1600118c4a2840f0001a3d9b1_sub255_sub3CellonSL_nat20_sub4_sub5&trafficsource=1373692397&offerid=432275643885207816&pub_subid=106240616_55&idfa=55A18F10-B22B-4CED-B068-8843C24B9732&gaid=55A18F10-B22B-4CED-B068-8843C24B9732&sub_placement=id1453411110
Domain
track.media-412.com
URL
https://track.media-412.com/click?pid=225&offer_id=1444989&sub1=106240552_,&sub2=NCT_iphone_fr_ofid9685552_pid552_sub1,_sub2,_sub3adsperfectionppre_nat26_sub4_sub5&sub4=CD30B0FA-4937-4B13-88FA-6A978AA516E1&sub5=id927006017
Domain
track.media-412.com
URL
https://track.media-412.com/click?pid=225&offer_id=1044668&sub1=106240552_,&sub2=NCT_iphone_fr_ofid9285996_pid552_sub1,_sub2,_sub3adsperfectionppre_nat30_sub4_sub5&sub5=id927006017
Domain
times25.go2affise.com
URL
https://times25.go2affise.com/click?pid=607&offer_id=147123&sub1=NCT_iphone_fr_ofid9224105_pid616_sub1_sub280_sub3AdcrateAffiseSL_nat15_sub4_sub5&sub2=106240616_80&sub5=id285755462
Domain
track.media-412.com
URL
https://track.media-412.com/click?pid=225&offer_id=1437289&sub1=106240552_,&sub2=NCT_iphone_fr_ofid9572095_pid552_sub1,_sub2,_sub3adsperfectionppre_nat36_sub4_sub5&sub5=id927006017
Domain
apptastic.g2afse.com
URL
https://apptastic.g2afse.com/click?pid=46&offer_id=3813758&sub1=NCT_iphone_fr_ofid9590848_pid552_sub1,_sub2,_sub3adsperfectionppre_nat29_sub4_sub5&sub2=106240552_,&sub4=id927006017
Domain
gowith.go2affise.com
URL
https://gowith.go2affise.com/click?pid=141&offer_id=1755130&sub1=NCT_iphone_fr_ofid9677583_pid552_sub1,_sub2,_sub3adsperfectionppre_nat35_sub4_sub5&sub2=106240552_,&sub4=id927006017

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

278fklc.mapuravity.com
apnp.trckswrm.com
app.adjust.com
app.appsflyer.com
appalgo.g2afse.com
appnapp.g2afse.com
appnappmo.g2afse.com
apps.apple.com
apptastic.g2afse.com
aptrt.trckswrm.com
aver-leer.com
bercioles.com
bondika.g2afse.com
brainadv.g2afse.com
bv.strandnm.xyz
c.allontrk.com
click.clickmara.com
click.iconpeak2trk.com
click.kanmobi.net
click.mnmnck.com
clicks.rtad.io
cpi-offers.com
digitalfuture.g2afse.com
funimete.com
go2.enjoycpi.com
gowith.go2affise.com
gowtmd.trckswrm.com
ila3.co
itunes.apple.com
lambadapp.go2affise.com
letsleeper.com
lucazepa.com
mobee.g2afse.com
mookomedia.g2afse.com
nexamob.g2afse.com
olamob.g2afse.com
omnidatasolution.com
pandamobi.gotrackier.com
poqueras.com
promo.worldofwarships.eu
spradit.go2affise.com
srv6.feed-apps.com
t.9696.me
t1.greatforwarding.com
tare.pro
thespook.xyz
times25.go2affise.com
toptopmedia.g2afse.com
track.g4s6.com
track.jetads.io
track.media-412.com
track.themedia.site
trk104.nedo.xyz
ttmma.g2afse.com
twitter.tlnk.io
valuadle.g2afse.com
xml.blueparrot.media
zappiering.com
zenoclick.g2afse.com
zorkamarket.g2afse.com
apptastic.g2afse.com
clicks.rtad.io
gowith.go2affise.com
promo.worldofwarships.eu
times25.go2affise.com
track.g4s6.com
track.media-412.com
104.21.32.17
104.21.69.236
104.27.178.200
107.178.241.150
172.64.164.30
172.64.204.22
172.64.99.24
172.67.143.188
172.67.158.57
173.212.201.66
174.137.133.18
185.151.204.11
212.7.209.69
212.7.209.71
213.227.134.194
213.227.134.198
213.227.134.204
213.227.134.220
213.227.134.236
213.227.135.207
213.227.135.229
213.227.135.231
213.227.135.235
213.227.156.13
213.227.156.19
213.227.156.233
213.227.156.234
2606:4700:3033::ac43:de25
2606:4700:3039::681f:d50a
2606:4700:e0::ac40:6c04
2a02:26f0:6c00:181::2a1
3.124.136.225
3.226.13.42
3.231.97.236
34.120.248.84
34.95.74.198
35.190.35.33
35.241.13.125
44.238.181.62
5.9.5.202
5.9.6.203
52.203.234.71
52.49.52.35
52.54.163.223
52.71.147.113
65.9.58.77
1c439fcd21bab032475e5d1570615485417e6cfb202f774f9f16d77f0448d0d6
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
9870d573399508f45b37a8e479ef243a82c48e54c8089c85b43b7e8dbb82ae34
d7ba5fc0384ab15cd0377651d44ca3944c75e1c0935f4fcdcf4aac8beb118c19
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855