cpi-offers.com Open in urlscan Pro
3.122.11.19 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://o5o4o6.com/
Effective URL:
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870...
Submission: On January 07 via manual (January 7th 2020, 2:46:49 pm UTC) from DE

Summary HTTP 70 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 7 countries across 31 domains to perform 70 HTTP transactions. The main IP is 3.122.11.19, located in Frankfurt am Main, Germany and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is cpi-offers.com.
TLS certificate: Issued by Amazon on December 23rd 2019. Valid for: a year.

This is the only time cpi-offers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.77.13.95 54.77.13.95	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	3.122.11.19 3.122.11.19	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4 19	213.227.135.229 213.227.135.229	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	35.190.57.20 35.190.57.20	15169 (GOOGLE) (GOOGLE - Google LLC)
3	35.190.65.191 35.190.65.191	15169 (GOOGLE) (GOOGLE - Google LLC)
1	35.190.35.33 35.190.35.33	15169 (GOOGLE) (GOOGLE - Google LLC)
2 4	213.227.134.204 213.227.134.204	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3 3	213.227.135.207 213.227.135.207	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	84.110.46.74 84.110.46.74	8551 (BEZEQ-INT...) (BEZEQ-INTERNATIONAL-AS Bezeqint Internet Backbone)
1 1	35.244.168.88 35.244.168.88	15169 (GOOGLE) (GOOGLE - Google LLC)
3 3	213.227.135.211 213.227.135.211	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
4 5	148.251.136.142 148.251.136.142	24940 (HETZNER-AS) (HETZNER-AS)
1	104.31.67.13 104.31.67.13	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 1	88.198.53.171 88.198.53.171	24940 (HETZNER-AS) (HETZNER-AS)
3 4	213.227.134.200 213.227.134.200	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 3	2a02:26f0:f1:... 2a02:26f0:f1:188::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:e6:... 2606:4700:e6::ac40:c81b	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	35.190.77.108 35.190.77.108	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	213.227.135.213 213.227.135.213	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	104.26.2.236 104.26.2.236	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	213.32.106.166 213.32.106.166	16276 (OVH) (OVH)
1	35.244.190.228 35.244.190.228	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	213.227.156.13 213.227.156.13	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	213.227.134.238 213.227.134.238	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	192.207.255.147 192.207.255.147	62821 (AS-MNX) (AS-MNX - MNX Solutions LLC)
1	35.241.13.125 35.241.13.125	15169 (GOOGLE) (GOOGLE - Google LLC)
4	3.120.60.101 3.120.60.101	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
70	18

1 54.77.13.95 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-77-13-95.eu-west-1.compute.amazonaws.com

o5o4o6.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.11.19 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-122-11-19.eu-central-1.compute.amazonaws.com

cpi-offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 213.227.135.229 (Netherlands) 4 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

go2.enjoycpi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.57.20 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 20.57.190.35.bc.googleusercontent.com

click.alphamob.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.65.191 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 191.65.190.35.bc.googleusercontent.com

track.mobile-bt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.35.33 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 33.35.190.35.bc.googleusercontent.com

click.clickmara.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.227.134.204 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

spykemedia.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.227.135.207 (Netherlands) 3 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

gowith.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.appm.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.110.46.74 (Israel) 2 redirects

ASN8551 (BEZEQ-INTERNATIONAL-AS Bezeqint Internet Backbone, IL)
PTR: bzq-84-110-46-74.red.bezeqint.net

trkrc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.168.88 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 88.168.244.35.bc.googleusercontent.com

trk.keepfollowthelight.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.227.135.211 (Netherlands) 3 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

apptastic.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lambadapp.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 148.251.136.142 (Germany) 4 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.142.136.251.148.clients.your-server.de

c.apptrk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
21243.recycling.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.31.67.13 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

onlinish.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.53.171 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-53-171.clients.your-server.de

track.hexcan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.227.134.200 (Netherlands) 3 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

marlinads.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sabiamedia.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:f1:188::2a1 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, US)

itunes.apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apps.apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e6::ac40:c81b (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

srv6.feed-apps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.77.108 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 108.77.190.35.bc.googleusercontent.com

clicks.rtad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.135.213 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

spradit.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.2.236 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

bestperforming.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.32.106.166 (France)

ASN16276 (OVH, FR)
PTR: ip166.ip-213-32-106.eu

www.mobilegames.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.190.228 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 228.190.244.35.bc.googleusercontent.com

click.appmultiple.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.156.13 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

adcrate-solutions.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.134.238 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

aandb.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
smartass.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.207.255.147 (Monroe, United States) 2 redirects

ASN62821 (AS-MNX - MNX Solutions LLC, US)
PTR: haproxy2.ad4game.com

ads.ad4game.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.13.125 (Ascension Island)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 125.13.241.35.bc.googleusercontent.com

click.kanmobi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.120.60.101 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-120-60-101.eu-central-1.compute.amazonaws.com

kobodo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	enjoycpi.com 4 redirects go2.enjoycpi.com	468 B
13	g2afse.com 10 redirects spykemedia.g2afse.com gowith.g2afse.com apptastic.g2afse.com marlinads.g2afse.com thingortwo.g2afse.com Failed mobee.g2afse.com Failed aandb.g2afse.com smartass.g2afse.com sabiamedia.g2afse.com veepn.g2afse.com Failed	2 KB
4	kobodo.co kobodo.co
4	go2affise.com 4 redirects spradit.go2affise.com lambadapp.go2affise.com adcrate-solutions.go2affise.com thingortwo.go2affise.com Failed	956 B
3	apple.com 1 redirects itunes.apple.com apps.apple.com	1003 B
3	apptrk.io 3 redirects c.apptrk.io	690 B
3	mobile-bt.com track.mobile-bt.com	167 B
2	ad4game.com 2 redirects ads.ad4game.com	975 B
2	bestperforming.site bestperforming.site
2	rtad.io clicks.rtad.io	125 B
2	recycling.io 1 redirects 21243.recycling.io	206 B
2	trkrc.com 2 redirects trkrc.com	773 B
2	cpi-offers.com 1 redirects cpi-offers.com	2 KB
1	kanmobi.net click.kanmobi.net	83 B
1	appmultiple.net click.appmultiple.net	83 B
1	mobilegames.mobi www.mobilegames.mobi
1	appm.app 1 redirects media.appm.app	179 B
1	feed-apps.com srv6.feed-apps.com	346 B
1	hexcan.com 1 redirects track.hexcan.com	393 B
1	onlinish.com onlinish.com
1	keepfollowthelight.online 1 redirects trk.keepfollowthelight.online	187 B
1	clickmara.com click.clickmara.com	149 B
1	alphamob.pl click.alphamob.pl	149 B
1	o5o4o6.com 1 redirects o5o4o6.com	634 B
0	onieruco.com Failed onieruco.com Failed
0	flamingmargarita.club Failed mob.flamingmargarita.club Failed
0	blueparrot.media Failed xml.blueparrot.media Failed
0	surfthewave.xyz Failed track1.surfthewave.xyz Failed
0	starklito.com Failed go1.starklito.com Failed
0	waveparadise.xyz Failed mob.waveparadise.xyz Failed
0	hoolopiniomaster.space Failed trk.hoolopiniomaster.space Failed
70	31

	Domain	Requested by
19	go2.enjoycpi.com	4 redirects cpi-offers.com
4	kobodo.co	cpi-offers.com
4	spykemedia.g2afse.com	2 redirects cpi-offers.com
3	marlinads.g2afse.com	2 redirects cpi-offers.com
3	c.apptrk.io	3 redirects
3	track.mobile-bt.com	cpi-offers.com
2	ads.ad4game.com	2 redirects
2	bestperforming.site	cpi-offers.com
2	lambadapp.go2affise.com	2 redirects
2	clicks.rtad.io	cpi-offers.com
2	apps.apple.com	cpi-offers.com
2	21243.recycling.io	1 redirects cpi-offers.com
2	trkrc.com	2 redirects
2	gowith.g2afse.com	2 redirects cpi-offers.com
2	cpi-offers.com	1 redirects
1	click.kanmobi.net	cpi-offers.com
1	sabiamedia.g2afse.com	1 redirects
1	smartass.g2afse.com	1 redirects
1	aandb.g2afse.com	1 redirects
1	adcrate-solutions.go2affise.com	1 redirects
1	click.appmultiple.net	cpi-offers.com
1	www.mobilegames.mobi	cpi-offers.com
1	media.appm.app	1 redirects
1	spradit.go2affise.com	1 redirects
1	srv6.feed-apps.com	cpi-offers.com
1	itunes.apple.com	1 redirects
1	track.hexcan.com	1 redirects
1	onlinish.com	cpi-offers.com
1	apptastic.g2afse.com	1 redirects
1	trk.keepfollowthelight.online	1 redirects
1	click.clickmara.com	cpi-offers.com
1	click.alphamob.pl	cpi-offers.com
1	o5o4o6.com	1 redirects
0	onieruco.com Failed	cpi-offers.com
0	mob.flamingmargarita.club Failed	cpi-offers.com
0	thingortwo.go2affise.com Failed	cpi-offers.com
0	xml.blueparrot.media Failed	cpi-offers.com
0	track1.surfthewave.xyz Failed	cpi-offers.com
0	veepn.g2afse.com Failed	cpi-offers.com
0	mobee.g2afse.com Failed	cpi-offers.com
0	go1.starklito.com Failed	cpi-offers.com
0	thingortwo.g2afse.com Failed	cpi-offers.com
0	mob.waveparadise.xyz Failed	cpi-offers.com
0	trk.hoolopiniomaster.space Failed	cpi-offers.com
70	44

This site contains no links.

Subject Issuer	Validity	Valid
cpi-offers.com Amazon	`2019-12-23` - `2021-01-23`	a year	crt.sh
go2.enjoycpi.com Go Daddy Secure Certificate Authority - G2	`2019-03-26` - `2020-03-26`	a year	crt.sh
*.alphamob.pl Let's Encrypt Authority X3	`2020-01-03` - `2020-04-02`	3 months	crt.sh
*.mobile-bt.com Let's Encrypt Authority X3	`2019-12-26` - `2020-03-25`	3 months	crt.sh
*.clickmara.com Let's Encrypt Authority X3	`2019-12-26` - `2020-03-25`	3 months	crt.sh
*.g2afse.com DigiCert ECC Secure Server CA	`2019-08-23` - `2020-08-27`	a year	crt.sh
onlinish.com CloudFlare Inc ECC CA-2	`2019-07-31` - `2020-07-30`	a year	crt.sh
itunes.apple.com DigiCert SHA2 Extended Validation Server CA	`2019-10-28` - `2020-10-28`	a year	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-17` - `2020-10-09`	a year	crt.sh
*.rtad.io Let's Encrypt Authority X3	`2019-12-03` - `2020-03-02`	3 months	crt.sh
*.recycling.io Sectigo RSA Domain Validation Secure Server CA	`2019-04-05` - `2021-04-04`	2 years	crt.sh
www.mobilegames.mobi Let's Encrypt Authority X3	`2019-10-12` - `2020-01-10`	3 months	crt.sh
click.appmultiple.net Let's Encrypt Authority X3	`2019-12-04` - `2020-03-03`	3 months	crt.sh
*.kanmobi.net Let's Encrypt Authority X3	`2019-12-05` - `2020-03-04`	3 months	crt.sh
www.kobodo.co Amazon	`2019-03-14` - `2020-04-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name=
Frame ID: 4B7E97EE68846ECCD2E89430785A3CFA
Requests: 70 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://o5o4o6.com/ HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=0... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

70
Requests

57 %
HTTPS

7 %
IPv6

31
Domains

44
Subdomains

18
IPs

7
Countries

3 kB
Transfer

9 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://o5o4o6.com/ HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://spykemedia.g2afse.com/click?pid=230&offer_id=824054&sub1=NCT_iphone_gb_ofid2395237_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat9_sub4_sub5&sub2=220813_&sub4=220813_&sub3=id306310789 HTTP 302
https://spykemedia.g2afse.com/disabled.html

Request Chain 12

https://adcrate-solutions.go2affise.com/click?pid=23&offer_id=678168&sub1=NCT_iphone_gb_ofid3572329_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat13_sub4_sub5&sub2=_4850813&sub4=id306310789 HTTP 302
https://irismedia.g2afse.com/click?pid=30&offer_id=20450&sub1=5e1499c3f456bd00018d4e81&sub2=23__4850813&sub3=&sub4=id306310789 HTTP 302
https://trk.hoolopiniomaster.space/?sddtid=sdam21&sdpi=115&pdco=IRisju124Mda&pdos=112313&pducid=5e1499c3b10b4f00018d9b0e&pisc1=30&pssc2=30_23__4850813&pddo=id306310789&pdumid=

Request Chain 13

https://gowith.g2afse.com/click?pid=141&offer_id=1525229&sub1=NCT_iphone_gb_ofid3424573_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat14_sub4_sub5&sub2=220813_&sub4=id306310789 HTTP 302
https://trkrc.com/t/592903?A1=5e1499b46cea5100012f7d39&A5=141_220813_&A2=&A3=&A4=id306310789 HTTP 302
https://trk.keepfollowthelight.online/click?taghash=43&publisher=29&servty=html&apnname=id306310789&P2=1931_141_220813_&bundleid=id306310789&idfa=&androidid=&pubclickid=11ea315c7426e6018b6a0f1447716b1c_592903_51952 HTTP 302
https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=781&cid={clickid}&sid={A5}&udid=&name=&info=CYGsl&blockTime=0 HTTP 302
https://apptastic.g2afse.com/click?pid=33&offer_id=1073448&sub1=NCT_iphone_gb_ofid3102869_pid616_sub1%7Bclickid%7D_sub2%7BA5%7D_sub3CYGsl_nat33_sub4_sub5&sub2=220616_%7BA5%7D&sub4=id358899126 HTTP 302
https://c.apptrk.io/click?offer_id=74825&aff_id=20021&pub_click_id=5e1499b69b0bfd0001e75040&pub_sub_id=33_220616_{A5}&idfa=&app=id358899126&gaid= HTTP 302
https://21243.recycling.io/click?affiliate_id=20021&offer_id=63865&pub_id=21243&pub_sub_id=20021&pub_sub_sub_id=74825&transaction_id=AfprWPYAAAFvgHhyiAABJEkAAE41&br=OFFER_TARGETING%2CADVANCED_TARGETING HTTP 302
https://c.apptrk.io/click?offer_id=64905&pub_id=21243&pub_sub_id=20021&x=AQAXSx8AAAFvgHh0AgAA-XkAAFL7&pub_click_id= HTTP 302
https://onlinish.com/c/4a09b84f-9a9f-11e5-b565-02f6361de079?transaction_id=AYxOt1oAAAFvgHh0MgAA_YkAAFL7&aff_id=21243&sub_id=20021

Request Chain 14

https://track.hexcan.com/?aff_id=387191&offer_id=3332903&aff_sub=NCT_iphone_gb_ofid2706859_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat15_sub4_sub5&aff_sub2=220813_&aff_sub3=id306310789 HTTP 302
https://marlinads.g2afse.com/click?pid=5&offer_id=834&sub1=80b63c9553d6773a18ccf0b633bc8f42 HTTP 302
https://marlinads.g2afse.com/disabled.html

Request Chain 15

https://marlinads.g2afse.com/click?pid=48&offer_id=3097&sub1=NCT_iphone_gb_ofid3192845_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat16_sub4_sub5&sub2=220813_&sub3=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub4=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub5=id306310789 HTTP 302
https://itunes.apple.com/gb/app/freeprints-free-photos-delivered/id771946428 HTTP 301
https://apps.apple.com/gb/app/freeprints-free-photos-delivered/id771946428

Request Chain 18

https://adcrate-solutions.go2affise.com/click?pid=23&offer_id=664519&sub1=NCT_iphone_gb_ofid2839761_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat19_sub4_sub5&sub2=_4850813&sub3=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub4=id306310789 HTTP 302
https://aandb.g2afse.com/click?pid=2&offer_id=1087&sub1=5e1499c345190c00018c9c27&sub2=23__4850813&sub3=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub4=id306310789 HTTP 302
https://marlinads.g2afse.com/click?pid=60&offer_id=46&sub1=5e1499c3d37640000158fd76&sub2=2_23__4850813&sub3=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub4=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub5=id306310789 HTTP 302
https://track.hexcan.com/?aff_id=374320&offer_id=3253123&aff_sub=5e1499c31743df0001cd30fb&aff_sub2=60&idfa=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&Aff_sub3=5e1499c3d37640000158fd76 HTTP 302
https://mob.waveparadise.xyz/redirect?feed=184928&auth=ebuQy0&url=https%3A%2F%2Fglobalpost.top&subid=2_&query=https%3A%2F%2Fglobalpost.top&pub_clickid=38d91fc48a3376d36828c12e22fc31e4

Request Chain 19

https://spradit.go2affise.com/click?pid=9&offer_id=216094&sub1=12523&sub2=220813_&sub3=id306310789&sub5=NCT_iphone_gb_ofid3197380_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat20_sub4_sub5 HTTP 302
https://c.apptrk.io/click?offer_id=74893&aff_id=20872&aff_click_id=5e1499b7e327f20001137cb7&aff_sub=2789220813_&source=12523&aff_sub5=id306310789 HTTP 302
https://21243.recycling.io/click?affiliate_id=20872&offer_id=63865&pub_id=21243&pub_sub_id=20872&pub_sub_sub_id=74893&transaction_id=ATjVGM4AAAFvgHhzRQABJI0AAFGI&br=OFFER_TARGETING%2CADVANCED_TARGETING

Request Chain 21

https://lambadapp.go2affise.com/click?pid=46&offer_id=1509103&sub1=NCT_iphone_gb_ofid2286301_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat22_sub4_sub5&sub2=220813_&sub3=id306310789 HTTP 302
https://bestperforming.site/c/1de4df78-33cb-3e1d-b4f0-6d8661439280?pubid=46&pubid2=220813_&cid=5e1499b74f7b910001d847b0

Request Chain 27

https://track.hexcan.com/?aff_id=387191&offer_id=3350407&aff_sub=NCT_iphone_gb_ofid2508981_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat28_sub4_sub5&aff_sub2=220813_&aff_sub3=id306310789 HTTP 302
https://mob.waveparadise.xyz/redirect?feed=184928&auth=ebuQy0&url=https%3A%2F%2Fglobalpost.top&subid=2_&query=https%3A%2F%2Fglobalpost.top&pub_clickid=30c84d44d17bafddb9f797f7211e687a

Request Chain 29

https://adcrate-solutions.go2affise.com/click?pid=23&offer_id=662300&sub1=NCT_iphone_gb_ofid2799361_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat30_sub4_sub5&sub2=_4850813&sub4=id306310789 HTTP 302
https://aandb.g2afse.com/click?pid=2&offer_id=907&sub1=5e1499c3f456bd00019c9935&sub2=23__4850813&sub3=&sub4=id306310789 HTTP 302
https://marlinads.g2afse.com/click?pid=60&offer_id=3015&sub1=5e1499c3414ba00001aa677f&sub2=2_23__4850813&sub3=&sub4=&sub5=id306310789 HTTP 302
https://go1.phoebemap.com/6mvwdo7?sid=5e1499c31743df0001a6ace8&p=60_2_23__4850813&android_a_id=&idfa=&app_id=id306310789 HTTP 302
https://t1.greatforwarding.com/c55c7b6?p=002849_60_2_23__4850813 HTTP 302
https://t1.contentgreat.com/c/d7japi8?c=0&po=&a=c55c7b6&p=000199_002849_60_2_23__4850813&s=199&st=339&f=4&sh=&ct=&w=&h=&isp=M247%20Europe%20SRL&callback_url={callbackurl}&xcl=mobrain_206393 HTTP 302
https://go1.starklito.com/d7japi8?a=c55c7b6&c=0&callback_url=%7Bcallbackurl%7D&f=4&p=000199_002849_60_2_23__4850813&po=&s=199&sh=&st=339&xcl=mobrain_206393

Request Chain 30

https://media.appm.app/click?pid=206&offer_id=54881&sub1=NCT_iphone_gb_ofid3614026_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat31_sub4_sub5&sub2=220813&sub3=id306310789&sub4= HTTP 302
https://www.mobilegames.mobi/?sl=3793305-5d161&data1=Track1&data2=Track2&tag=&website=206&placement=220813

Request Chain 33

https://lambadapp.go2affise.com/click?pid=46&offer_id=2295788&sub1=NCT_iphone_gb_ofid3622033_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat34_sub4_sub5&sub2=220813_&sub3=id306310789 HTTP 302
https://mobee.g2afse.com/click?pid=4&offer_id=876454&sub1=&sub2=46_220813_

Request Chain 34

https://adcrate-solutions.go2affise.com/click?pid=23&offer_id=712086&sub1=NCT_iphone_gb_ofid3585846_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat35_sub4_sub5&sub2=_4850813&sub4=id306310789 HTTP 302
https://aandb.g2afse.com/click?pid=2&offer_id=8777&sub1=5e1499c345190c0001eb6bb1&sub2=23__4850813&sub3=&sub4=id306310789 HTTP 302
https://smartass.g2afse.com/click?pid=26&offer_id=626464&sub3=5e1499c3d37640000158fd00&sub2=2_23__4850813&sub4=&sub1=id306310789 HTTP 302
https://sabiamedia.g2afse.com/click?pid=80&offer_id=647580&sub1=5e1499c39e508100010f61a9&sub2=26_2_23__4850813&sub3=&sub4=id306310789 HTTP 302
https://ads.ad4game.com/www/delivery/dck.php?offerid=6036&zoneid=62941&subid2=5e1499c35d261c00018452a2&affid=80_26_2_23__4850813&idfa=&gaid= HTTP 302
https://ads.ad4game.com/www/delivery/games.php?poolid=6036&zoneid=62941&subid2=5e1499c35d261c00018452a2&affid=80_26_2_23__4850813 HTTP 302
https://apps.apple.com/app/kapten/id504597178

Request Chain 39

https://lambadapp.go2affise.com/click?pid=46&offer_id=2293884&sub1=NCT_iphone_gb_ofid3621795_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat40_sub4_sub5&sub2=220813_&sub3=id306310789 HTTP 302
https://mobee.g2afse.com/click?pid=4&offer_id=876454&sub1=&sub2=46_220813_

Request Chain 41

https://go2.enjoycpi.com/click?pid=813&offer_id=3445889&sub1=-1-1810870740&sub2=&sub3=affleppre_nat11&sub4=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub5=id306310789 HTTP 302
https://kobodo.co/?rem

Request Chain 42

https://go2.enjoycpi.com/click?pid=813&offer_id=825018&sub1=-1-1810870740&sub2=&sub3=affleppre_nat12&sub4=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub5=id306310789 HTTP 302
https://kobodo.co/?rem

Request Chain 44

https://gowith.g2afse.com/click?pid=141&offer_id=1525229&sub1=NCT_iphone_gb_ofid3424573_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat14_sub4_sub5&sub2=220813_&sub4=id306310789 HTTP 302
https://trkrc.com/t/592903?A1=5e1499c36cea510001670d14&A5=141_220813_&A2=&A3=&A4=id306310789 HTTP 302
https://spykemedia.g2afse.com/click?pid=199&offer_id=816945&sub1=11ea315c7c5307f08b6a0f1447716b1c_592903_56282&sub4=1931_141_220813_&sub3=NewsUK&sub2=1931_141_220813_&sub8=Timehop HTTP 302
https://spykemedia.g2afse.com/disabled.html

Request Chain 45

https://adcrate-solutions.go2affise.com/click?pid=23&offer_id=664519&sub1=NCT_iphone_gb_ofid2839761_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat19_sub4_sub5&sub2=_4850813&sub3=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub4=id306310789 HTTP 302
https://aandb.g2afse.com/click?pid=2&offer_id=1087&sub1=5e1499c4f456bd00018aaff3&sub2=23__4850813&sub3=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub4=id306310789 HTTP 302
https://marlinads.g2afse.com/click?pid=60&offer_id=46&sub1=5e1499c4414ba00001aa7062&sub2=2_23__4850813&sub3=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub4=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub5=id306310789 HTTP 302
https://track.hexcan.com/?aff_id=374320&offer_id=3253123&aff_sub=5e1499c415e01b0001238bcf&aff_sub2=60&idfa=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&Aff_sub3=5e1499c4414ba00001aa7062 HTTP 302
https://mob.waveparadise.xyz/redirect?feed=184928&auth=ebuQy0&url=https%3A%2F%2Fglobalpost.top&subid=2_&query=https%3A%2F%2Fglobalpost.top&pub_clickid=bf321b3c4c9b627c02e24f71fe6ae32e

Request Chain 49

https://lambadapp.go2affise.com/click?pid=46&offer_id=1509103&sub1=NCT_iphone_gb_ofid2286301_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat22_sub4_sub5&sub2=220813_&sub3=id306310789 HTTP 302
https://bestperforming.site/c/1de4df78-33cb-3e1d-b4f0-6d8661439280?pubid=46&pubid2=220813_&cid=5e1499c4e3170a000190726e

Request Chain 51

https://go2.enjoycpi.com/click?pid=813&offer_id=2357055&sub1=-1-1810870740&sub2=&sub3=affleppre_nat24&sub4=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub5=id306310789 HTTP 302
https://kobodo.co/?rem

Request Chain 52

https://go2.enjoycpi.com/click?pid=813&offer_id=216422&sub1=-1-1810870740&sub2=&sub3=affleppre_nat25&sub4=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub5=id306310789 HTTP 302
https://kobodo.co/?rem

Request Chain 55

https://track.hexcan.com/?aff_id=387191&offer_id=3350407&aff_sub=NCT_iphone_gb_ofid2508981_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat28_sub4_sub5&aff_sub2=220813_&aff_sub3=id306310789 HTTP 302
https://mob.waveparadise.xyz/redirect?feed=184928&auth=ebuQy0&url=https%3A%2F%2Fglobalpost.top&subid=2_&query=https%3A%2F%2Fglobalpost.top&pub_clickid=7d094a7129b414c0e58e9c43d669d44f

Request Chain 57

https://adcrate-solutions.go2affise.com/click?pid=23&offer_id=662300&sub1=NCT_iphone_gb_ofid2799361_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat30_sub4_sub5&sub2=_4850813&sub4=id306310789 HTTP 302
https://aandb.g2afse.com/click?pid=2&offer_id=907&sub1=5e1499c5f456bd000127a281&sub2=23__4850813&sub3=&sub4=id306310789 HTTP 302
https://marlinads.g2afse.com/click?pid=60&offer_id=3015&sub1=5e1499c5414ba00001aa833e&sub2=2_23__4850813&sub3=&sub4=&sub5=id306310789 HTTP 302
https://go1.phoebemap.com/6mvwdo7?sid=5e1499c51743df00016ccae1&p=60_2_23__4850813&android_a_id=&idfa=&app_id=id306310789 HTTP 302
https://t1.greatforwarding.com/c55c7b6?p=002849_60_2_23__4850813 HTTP 302
https://t1.contentgreat.com/c/3101rca?c=0&po=&a=c55c7b6&p=000199_002849_60_2_23__4850813&s=199&st=339&f=4&sh=&ct=&w=&h=&isp=M247%20Europe%20SRL&callback_url={callbackurl}&xcl=mobrain_173222 HTTP 302
https://go1.starklito.com/3101rca?a=c55c7b6&c=0&callback_url=%7Bcallbackurl%7D&f=4&p=000199_002849_60_2_23__4850813&po=&s=199&sh=&st=339&xcl=mobrain_173222 HTTP 302
https://mob.flamingmargarita.club/redirect?feed=136105&auth=ebuQy0&url=https%3A%2F%2Fticktock.live&subid=364&subid2=000199_002849_60_2_23__4850813&query=2001071146a53ef8f3759063

Request Chain 61

https://lambadapp.go2affise.com/click?pid=46&offer_id=2295788&sub1=NCT_iphone_gb_ofid3622033_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat34_sub4_sub5&sub2=220813_&sub3=id306310789 HTTP 302
https://mobee.g2afse.com/click?pid=4&offer_id=876454&sub1=&sub2=46_220813_

Request Chain 66

https://lambadapp.go2affise.com/click?pid=46&offer_id=2293884&sub1=NCT_iphone_gb_ofid3621795_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat40_sub4_sub5&sub2=220813_&sub3=id306310789 HTTP 302
https://mobee.g2afse.com/click?pid=4&offer_id=876454&sub1=&sub2=46_220813_

70 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request fantastic.html Show response cpi-offers.com/ Redirect Chain http://o5o4o6.com/ https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name=	9 KB 2 KB	125ms 43ms	Document text/html	3.122.11.19 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.122.11.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-3-122-11-19.eu-central-1.compute.amazonaws.com Software nginx/1.14.1 / Express Resource Hash `24fdf870016a6cc30e10f383d8fedf83175d784c3d735e9cc7f396a2c9169e8a` Request headers :method GET :authority cpi-offers.com :scheme https :path /fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 sec-fetch-site none sec-fetch-mode navigate accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers status 200 date Tue, 07 Jan 2020 14:46:11 GMT content-type text/html; charset=utf-8 server nginx/1.14.1 x-powered-by Express access-control-allow-origin * etag W/"2584-GTXicq5OvKTHiJ6FlRvqa5qosC4" content-encoding gzip Redirect headers Cache-Control private Content-Type text/html; charset=utf-8 Date Tue, 07 Jan 2020 14:46:08 GMT Location https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Set-Cookie sid=gZf4f9kDDezaRIKOtzydicL34pbLlVvRp8s+qy2Ppqf1M5PEw+U4Xw==; domain=.o5o4o6.com; path=/; HttpOnly trk=5+O3hR54Np0cE0sW3R0n7cL34pbLlVvRp8s+qy2Ppqf1M5PEw+U4Xw==; domain=.o5o4o6.com; expires=Tue, 07-Jan-2025 20:16:08 GMT; path=/; HttpOnly Content-Length 296
GET H2	429	click go2.enjoycpi.com/	0 0	3181ms 48ms	Stylesheet text/html	213.227.135.229 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://go2.enjoycpi.com/click?pid=813&offer_id=209225&sub1=-1-1810870740&sub2=&sub3=affleppre_nat1&sub4=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub5=id306310789 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.135.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers
GET H2	429	click go2.enjoycpi.com/	0 0	3181ms 49ms	Stylesheet text/html	213.227.135.229 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://go2.enjoycpi.com/click?pid=813&offer_id=1586743&sub1=-1-1810870740&sub2=&sub3=affleppre_nat2&sub4=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub5=id306310789 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.135.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers
GET H2	429	click go2.enjoycpi.com/	0 0	3181ms 49ms	Stylesheet text/html	213.227.135.229 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://go2.enjoycpi.com/click?pid=813&offer_id=162972&sub1=-1-1810870740&sub2=&sub3=affleppre_nat3&sub4=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub5=id306310789 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.135.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers
GET H2	200	click click.alphamob.pl/tracking/	14 B 149 B	1255ms 182ms	Stylesheet text/html	35.190.57.20 Google LLC
General Check archive.org Show headers Download Go to Full URL https://click.alphamob.pl/tracking/click?clickid=NCT_iphone_gb_ofid3527636_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat4_sub4_sub5&trafficsource=1373692397&offerid=423583636705420273&pub_subid=220813_&sub_placement=id306310789 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.190.57.20 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 20.57.190.35.bc.googleusercontent.com Software / Express Resource Hash `32bc65c82b3dde0447bb4f5a47c6b391dc15f4dc47d17837c050c221d2e90126` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Tue, 07 Jan 2020 14:46:13 GMT via 1.1 google x-powered-by Express etag W/"e-23ba03e4" content-type text/html; charset=utf-8 status 200 alt-svc clear content-length 14
GET H2	200	click track.mobile-bt.com/tracking/	0 42 B	92ms 34ms	Stylesheet text/plain	35.190.65.191 Google LLC
General Check archive.org Show headers Download Go to Full URL https://track.mobile-bt.com/tracking/click?clickid=NCT_iphone_gb_ofid3509332_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat5_sub4_sub5&trafficsource=1373696474&offerid=423075695081667244&pub_subid=220813&sub_placement=id306310789_ Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.190.65.191 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 191.65.190.35.bc.googleusercontent.com Software / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers status 200 date Tue, 07 Jan 2020 14:46:11 GMT via 1.1 google alt-svc clear x-powered-by Express content-length 0
GET H2	200	click click.clickmara.com/tracking/	14 B 149 B	192ms 135ms	Stylesheet text/html	35.190.35.33 Google LLC
General Check archive.org Show headers Download Go to Full URL https://click.clickmara.com/tracking/click?clickid=NCT_iphone_gb_ofid3562809_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat6_sub4_sub5&trafficsource=1373697408&offerid=423610066323595679&sub_placement=id306310789&pub_subid=220813_ Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.190.35.33 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 33.35.190.35.bc.googleusercontent.com Software / Express Resource Hash `32bc65c82b3dde0447bb4f5a47c6b391dc15f4dc47d17837c050c221d2e90126` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Tue, 07 Jan 2020 14:46:12 GMT via 1.1 google x-powered-by Express etag W/"e-23ba03e4" content-type text/html; charset=utf-8 status 200 alt-svc clear content-length 14
GET H2	429	click go2.enjoycpi.com/	0 0	3181ms 50ms	Stylesheet text/html	213.227.135.229 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://go2.enjoycpi.com/click?pid=813&offer_id=1757005&sub1=-1-1810870740&sub2=&sub3=affleppre_nat7&sub4=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub5=id306310789 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.135.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers
GET H2	429	click go2.enjoycpi.com/	0 0	3182ms 51ms	Stylesheet text/html	213.227.135.229 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://go2.enjoycpi.com/click?pid=813&offer_id=998309&sub1=-1-1810870740&sub2=&sub3=affleppre_nat8&sub4=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub5=id306310789 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.135.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers
GET H2	200	disabled.html spykemedia.g2afse.com/ Redirect Chain https://spykemedia.g2afse.com/click?pid=230&offer_id=824054&sub1=NCT_iphone_gb_ofid2395237_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat9_sub4_sub5&sub2=220813_&sub4=220813_&sub3=id306310789 https://spykemedia.g2afse.com/disabled.html	0 0	31ms 31ms	Stylesheet text/html	213.227.134.204 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://spykemedia.g2afse.com/disabled.html Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.134.204 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Redirect headers status 302 date Tue, 07 Jan 2020 14:46:13 GMT server nginx content-length 37 location /disabled.html content-type text/html; charset=utf-8
GET H2	429	click go2.enjoycpi.com/	0 0	3181ms 51ms	Stylesheet text/html	213.227.135.229 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://go2.enjoycpi.com/click?pid=813&offer_id=889019&sub1=-1-1810870740&sub2=&sub3=affleppre_nat10&sub4=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub5=id306310789 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.135.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers
GET H2	429	click go2.enjoycpi.com/	0 0	3184ms 54ms	Stylesheet text/html	213.227.135.229 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://go2.enjoycpi.com/click?pid=813&offer_id=3445889&sub1=-1-1810870740&sub2=&sub3=affleppre_nat11&sub4=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub5=id306310789 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.135.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers
GET H2	429	click go2.enjoycpi.com/	0 0	3181ms 51ms	Stylesheet text/html	213.227.135.229 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://go2.enjoycpi.com/click?pid=813&offer_id=825018&sub1=-1-1810870740&sub2=&sub3=affleppre_nat12&sub4=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub5=id306310789 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.135.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers
GET		/ trk.hoolopiniomaster.space/ Redirect Chain https://adcrate-solutions.go2affise.com/click?pid=23&offer_id=678168&sub1=NCT_iphone_gb_ofid3572329_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat13_sub4_sub5&sub2=_4850813&sub4=id306310789 https://irismedia.g2afse.com/click?pid=30&offer_id=20450&sub1=5e1499c3f456bd00018d4e81&sub2=23__4850813&sub3=&sub4=id306310789 https://trk.hoolopiniomaster.space/?sddtid=sdam21&sdpi=115&pdco=IRisju124Mda&pdos=112313&pducid=5e1499c3b10b4f00018d9b0e&pisc1=30&pssc2=30_23__4850813&pddo=id306310789&pdumid=	0 0

GET H2	403	4a09b84f-9a9f-11e5-b565-02f6361de079 onlinish.com/c/ Redirect Chain https://gowith.g2afse.com/click?pid=141&offer_id=1525229&sub1=NCT_iphone_gb_ofid3424573_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat14_sub4_sub5&sub2=220813_&sub4=id306310789 https://trkrc.com/t/592903?A1=5e1499b46cea5100012f7d39&A5=141_220813_&A2=&A3=&A4=id306310789 https://trk.keepfollowthelight.online/click?taghash=43&publisher=29&servty=html&apnname=id306310789&P2=1931_141_220813_&bundleid=id306310789&idfa=&androidid=&pubclickid=11ea315c7426e6018b6a0f144771... https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=781&cid={clickid}&sid={A5}&udid=&name=&info=CYGsl&blockTime=0 https://apptastic.g2afse.com/click?pid=33&offer_id=1073448&sub1=NCT_iphone_gb_ofid3102869_pid616_sub1%7Bclickid%7D_sub2%7BA5%7D_sub3CYGsl_nat33_sub4_sub5&sub2=220616_%7BA5%7D&sub4=id358899126 https://c.apptrk.io/click?offer_id=74825&aff_id=20021&pub_click_id=5e1499b69b0bfd0001e75040&pub_sub_id=33_220616_{A5}&idfa=&app=id358899126&gaid= https://21243.recycling.io/click?affiliate_id=20021&offer_id=63865&pub_id=21243&pub_sub_id=20021&pub_sub_sub_id=74825&transaction_id=AfprWPYAAAFvgHhyiAABJEkAAE41&br=OFFER_TARGETING%2CADVANCED_TARGE... https://c.apptrk.io/click?offer_id=64905&pub_id=21243&pub_sub_id=20021&x=AQAXSx8AAAFvgHh0AgAA-XkAAFL7&pub_click_id= https://onlinish.com/c/4a09b84f-9a9f-11e5-b565-02f6361de079?transaction_id=AYxOt1oAAAFvgHh0MgAA_YkAAFL7&aff_id=21243&sub_id=20021	0 0	104ms 45ms	Stylesheet text/html	104.31.67.13 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://onlinish.com/c/4a09b84f-9a9f-11e5-b565-02f6361de079?transaction_id=AYxOt1oAAAFvgHh0MgAA_YkAAFL7&aff_id=21243&sub_id=20021 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.31.67.13 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Redirect headers Location https://onlinish.com/c/4a09b84f-9a9f-11e5-b565-02f6361de079?transaction_id=AYxOt1oAAAFvgHh0MgAA_YkAAFL7&aff_id=21243&sub_id=20021 content-length 0
GET H2	200	disabled.html marlinads.g2afse.com/ Redirect Chain https://track.hexcan.com/?aff_id=387191&offer_id=3332903&aff_sub=NCT_iphone_gb_ofid2706859_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat15_sub4_sub5&aff_sub2=220813_&aff_sub3=id306310789 https://marlinads.g2afse.com/click?pid=5&offer_id=834&sub1=80b63c9553d6773a18ccf0b633bc8f42 https://marlinads.g2afse.com/disabled.html	0 0	28ms 27ms	Stylesheet text/html	213.227.134.200 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://marlinads.g2afse.com/disabled.html Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.134.200 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Redirect headers status 302 date Tue, 07 Jan 2020 14:46:12 GMT server nginx content-length 37 location /disabled.html content-type text/html; charset=utf-8
GET H2	200	id771946428 apps.apple.com/gb/app/freeprints-free-photos-delivered/ Redirect Chain https://marlinads.g2afse.com/click?pid=48&offer_id=3097&sub1=NCT_iphone_gb_ofid3192845_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat16_sub4_sub5&sub2=220813_&sub3=E49C14F3-7E22-4C3C-BC21-0B49BFA7... https://itunes.apple.com/gb/app/freeprints-free-photos-delivered/id771946428 https://apps.apple.com/gb/app/freeprints-free-photos-delivered/id771946428	0 0	746ms 742ms	Stylesheet text/html	2a02:26f0:f1:188::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://apps.apple.com/gb/app/freeprints-free-photos-delivered/id771946428 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:f1:188::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers access-control-allow-origin * Redirect headers x-apple-application-site MR22 x-apple-jingle-correlation-key GMCBFDEEJG5TNNHOVK2U5RLBYQ strict-transport-security max-age=31536000 vary X-Apple-Store-Front, Cookie, X-Apple-Store-Front, Cookie x-apple-lokamai-no-cache true x-cache TCP_MISS from a72-247-179-86.deploy.akamaitechnologies.com (AkamaiGHost/9.8.5.1.1-27758809) (-) status 301 last-modified Tue, 07 Jan 2020 14:46:12 GMT x-apple-aka-ttl Generated Tue Jan 07 06:46:12 PST 2020, Expires Tue Jan 07 06:46:12 PST 2020, TTL 0s content-length 0 cache-control max-age=0 x-apple-translated-wo-url /WebObjects/MZStore.woa/wa/viewSoftware?id=771946428&cc=gb&urlDesc=/freeprints-free-photos-delivered apple-timing-app 2 ms x-true-cache-key /L/itunes.apple.com/gb/app/freeprints-free-photos-delivered/id771946428Browser vcd=2897 apple-tk false x-cache-remote TCP_REFRESH_MISS from a2-18-215-36.deploy.akamaitechnologies.com (AkamaiGHost/9.8.5.1.1-27758809) (S) apple-seq 0 location https://apps.apple.com/gb/app/freeprints-free-photos-delivered/id771946428 date Tue, 07 Jan 2020 14:46:12 GMT apple-originating-system MZStore x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 access-control-allow-origin * x-apple-request-uuid 3304128c-8449-bb36-b4ee-aab54ec561c4 x-apple-orig-url https://itunes.apple.com/gb/app/freeprints-free-photos-delivered/id771946428 x-apple-partner origin.0 x-apple-application-instance 3012201 x-webobjects-loadaverage 0
GET H2	200	/ srv6.feed-apps.com/srv/click/	20 B 346 B	213ms 146ms	Stylesheet text/html	2606:4700:e6::ac40:c81b Cloudflare
General Check archive.org Show headers Download Go to Full URL https://srv6.feed-apps.com/srv/click/?pid=61012323&p1=NCT_iphone_gb_ofid2465008_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat17_sub4_sub5&p2=220813_&sub3=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub4=id306310789&sub5=id306310789 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e6::ac40:c81b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `d7ba5fc0384ab15cd0377651d44ca3944c75e1c0935f4fcdcf4aac8beb118c19` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Tue, 07 Jan 2020 14:46:12 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare access-control-allow-origin * expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/html; charset=utf-8 status 200 cache-control no-cache cf-ray 5516b844c91564d9-FRA
GET H2	200	click clicks.rtad.io/tracking/	0 42 B	15557ms 54ms	Stylesheet text/plain	35.190.77.108 Google LLC
General Check archive.org Show headers Download Go to Full URL https://clicks.rtad.io/tracking/click?clickid=NCT_iphone_gb_ofid1625756_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat18_sub4_sub5&trafficsource=1373692397&offerid=421121830434980907&pub_subid=220813_&sub_placement=id306310789 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.190.77.108 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 108.77.190.35.bc.googleusercontent.com Software / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers status 200 date Tue, 07 Jan 2020 14:46:27 GMT via 1.1 google alt-svc clear x-powered-by Express content-length 0
GET		redirect mob.waveparadise.xyz/ Redirect Chain https://adcrate-solutions.go2affise.com/click?pid=23&offer_id=664519&sub1=NCT_iphone_gb_ofid2839761_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat19_sub4_sub5&sub2=_4850813&sub3=E49C14F3-7E22-4C3C... https://aandb.g2afse.com/click?pid=2&offer_id=1087&sub1=5e1499c345190c00018c9c27&sub2=23__4850813&sub3=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub4=id306310789 https://marlinads.g2afse.com/click?pid=60&offer_id=46&sub1=5e1499c3d37640000158fd76&sub2=2_23__4850813&sub3=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub4=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub5=id306... https://track.hexcan.com/?aff_id=374320&offer_id=3253123&aff_sub=5e1499c31743df0001cd30fb&aff_sub2=60&idfa=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&Aff_sub3=5e1499c3d37640000158fd76 https://mob.waveparadise.xyz/redirect?feed=184928&auth=ebuQy0&url=https%3A%2F%2Fglobalpost.top&subid=2_&query=https%3A%2F%2Fglobalpost.top&pub_clickid=38d91fc48a3376d36828c12e22fc31e4	0 0

GET H/1.1	200 OK	click 21243.recycling.io/ Redirect Chain https://spradit.go2affise.com/click?pid=9&offer_id=216094&sub1=12523&sub2=220813_&sub3=id306310789&sub5=NCT_iphone_gb_ofid3197380_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat20_sub4_sub5 https://c.apptrk.io/click?offer_id=74893&aff_id=20872&aff_click_id=5e1499b7e327f20001137cb7&aff_sub=2789220813_&source=12523&aff_sub5=id306310789 https://21243.recycling.io/click?affiliate_id=20872&offer_id=63865&pub_id=21243&pub_sub_id=20872&pub_sub_sub_id=74893&transaction_id=ATjVGM4AAAFvgHhzRQABJI0AAFGI&br=OFFER_TARGETING%2CADVANCED_TARGE...	0 38 B	235ms 44ms	Stylesheet text/plain	148.251.136.142 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://21243.recycling.io/click?affiliate_id=20872&offer_id=63865&pub_id=21243&pub_sub_id=20872&pub_sub_sub_id=74893&transaction_id=ATjVGM4AAAFvgHhzRQABJI0AAFGI&br=OFFER_TARGETING%2CADVANCED_TARGETING Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 148.251.136.142 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.142.136.251.148.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers content-length 0 Redirect headers Location https://21243.recycling.io/click?affiliate_id=20872&offer_id=63865&pub_id=21243&pub_sub_id=20872&pub_sub_sub_id=74893&transaction_id=ATjVGM4AAAFvgHhzRQABJI0AAFGI&br=OFFER_TARGETING%2CADVANCED_TARGETING content-length 0
GET		click gowith.g2afse.com/	0 0

GET H2	403	1de4df78-33cb-3e1d-b4f0-6d8661439280 bestperforming.site/c/ Redirect Chain https://lambadapp.go2affise.com/click?pid=46&offer_id=1509103&sub1=NCT_iphone_gb_ofid2286301_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat22_sub4_sub5&sub2=220813_&sub3=id306310789 https://bestperforming.site/c/1de4df78-33cb-3e1d-b4f0-6d8661439280?pubid=46&pubid2=220813_&cid=5e1499b74f7b910001d847b0	0 0	206ms 88ms	Stylesheet text/html	104.26.2.236 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://bestperforming.site/c/1de4df78-33cb-3e1d-b4f0-6d8661439280?pubid=46&pubid2=220813_&cid=5e1499b74f7b910001d847b0 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.2.236 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Redirect headers date Tue, 07 Jan 2020 14:46:15 GMT referrer-policy no-referrer server nginx location https://bestperforming.site/c/1de4df78-33cb-3e1d-b4f0-6d8661439280?pubid=46&pubid2=220813_&cid=5e1499b74f7b910001d847b0 content-type text/html; charset=utf-8 status 302 referer content-length 150
GET H2	429	click go2.enjoycpi.com/	0 0	3180ms 51ms	Stylesheet text/html	213.227.135.229 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://go2.enjoycpi.com/click?pid=813&offer_id=2982264&sub1=-1-1810870740&sub2=&sub3=affleppre_nat23&sub4=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub5=id306310789 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.135.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers
GET H2	429	click go2.enjoycpi.com/	0 0	3183ms 54ms	Stylesheet text/html	213.227.135.229 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://go2.enjoycpi.com/click?pid=813&offer_id=2357055&sub1=-1-1810870740&sub2=&sub3=affleppre_nat24&sub4=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub5=id306310789 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.135.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers
GET H2	429	click go2.enjoycpi.com/	0 0	3180ms 52ms	Stylesheet text/html	213.227.135.229 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://go2.enjoycpi.com/click?pid=813&offer_id=216422&sub1=-1-1810870740&sub2=&sub3=affleppre_nat25&sub4=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub5=id306310789 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.135.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers
GET		click thingortwo.g2afse.com/	0 0

GET H2	200	click track.mobile-bt.com/tracking/	0 42 B	88ms 34ms	Stylesheet text/plain	35.190.65.191 Google LLC
General Check archive.org Show headers Download Go to Full URL https://track.mobile-bt.com/tracking/click?clickid=NCT_iphone_gb_ofid3525481_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat27_sub4_sub5&trafficsource=1373692397&offerid=423578190418440302&pub_subid=220813_&sub_placement=id306310789 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.190.65.191 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 191.65.190.35.bc.googleusercontent.com Software / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers status 200 date Tue, 07 Jan 2020 14:46:11 GMT via 1.1 google alt-svc clear x-powered-by Express content-length 0
GET		redirect mob.waveparadise.xyz/ Redirect Chain https://track.hexcan.com/?aff_id=387191&offer_id=3350407&aff_sub=NCT_iphone_gb_ofid2508981_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat28_sub4_sub5&aff_sub2=220813_&aff_sub3=id306310789 https://mob.waveparadise.xyz/redirect?feed=184928&auth=ebuQy0&url=https%3A%2F%2Fglobalpost.top&subid=2_&query=https%3A%2F%2Fglobalpost.top&pub_clickid=30c84d44d17bafddb9f797f7211e687a	0 0

GET H2	200	click clicks.rtad.io/tracking/	0 83 B	15555ms 54ms	Stylesheet text/plain	35.190.77.108 Google LLC
General Check archive.org Show headers Download Go to Full URL https://clicks.rtad.io/tracking/click?clickid=NCT_iphone_gb_ofid3446833_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat29_sub4_sub5&trafficsource=1373692397&offerid=423514159703723131&pub_subid=220813_&sub_placement=id306310789 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.190.77.108 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 108.77.190.35.bc.googleusercontent.com Software / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers status 200 date Tue, 07 Jan 2020 14:46:27 GMT via 1.1 google alt-svc clear x-powered-by Express content-length 0
GET		d7japi8 go1.starklito.com/ Redirect Chain https://adcrate-solutions.go2affise.com/click?pid=23&offer_id=662300&sub1=NCT_iphone_gb_ofid2799361_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat30_sub4_sub5&sub2=_4850813&sub4=id306310789 https://aandb.g2afse.com/click?pid=2&offer_id=907&sub1=5e1499c3f456bd00019c9935&sub2=23__4850813&sub3=&sub4=id306310789 https://marlinads.g2afse.com/click?pid=60&offer_id=3015&sub1=5e1499c3414ba00001aa677f&sub2=2_23__4850813&sub3=&sub4=&sub5=id306310789 https://go1.phoebemap.com/6mvwdo7?sid=5e1499c31743df0001a6ace8&p=60_2_23__4850813&android_a_id=&idfa=&app_id=id306310789 https://t1.greatforwarding.com/c55c7b6?p=002849_60_2_23__4850813 https://t1.contentgreat.com/c/d7japi8?c=0&po=&a=c55c7b6&p=000199_002849_60_2_23__4850813&s=199&st=339&f=4&sh=&ct=&w=&h=&isp=M247%20Europe%20SRL&callback_url={callbackurl}&xcl=mobrain_206393 https://go1.starklito.com/d7japi8?a=c55c7b6&c=0&callback_url=%7Bcallbackurl%7D&f=4&p=000199_002849_60_2_23__4850813&po=&s=199&sh=&st=339&xcl=mobrain_206393	0 0

GET H/1.1	200 OK	/ www.mobilegames.mobi/ Redirect Chain https://media.appm.app/click?pid=206&offer_id=54881&sub1=NCT_iphone_gb_ofid3614026_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat31_sub4_sub5&sub2=220813&sub3=id306310789&sub4= https://www.mobilegames.mobi/?sl=3793305-5d161&data1=Track1&data2=Track2&tag=&website=206&placement=220813	0 0	157ms 33ms	Stylesheet text/html	213.32.106.166 OVH
General Check archive.org Show headers Download Go to Full URL https://www.mobilegames.mobi/?sl=3793305-5d161&data1=Track1&data2=Track2&tag=&website=206&placement=220813 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 213.32.106.166 , France, ASN16276 (OVH, FR), Reverse DNS ip166.ip-213-32-106.eu Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Redirect headers date Tue, 07 Jan 2020 14:46:19 GMT referrer-policy no-referrer server nginx location https://www.mobilegames.mobi/?sl=3793305-5d161&data1=Track1&data2=Track2&tag=&website=206&placement=220813 content-type text/html; charset=utf-8 status 302 referer content-length 149
GET		click gowith.g2afse.com/	0 0

GET H2	200	click click.appmultiple.net/tracking/	0 83 B	1358ms 32ms	Stylesheet text/plain	35.244.190.228 Google LLC
General Check archive.org Show headers Download Go to Full URL https://click.appmultiple.net/tracking/click?clickid=NCT_iphone_gb_ofid3502369_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat33_sub4_sub5&trafficsource=1373692397&offerid=423534499326687230&pub_subid=220813_&sub_placement=id306310789 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.244.190.228 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 228.190.244.35.bc.googleusercontent.com Software / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers status 200 date Tue, 07 Jan 2020 14:46:13 GMT via 1.1 google alt-svc clear x-powered-by Express content-length 0
GET		click mobee.g2afse.com/ Redirect Chain https://lambadapp.go2affise.com/click?pid=46&offer_id=2295788&sub1=NCT_iphone_gb_ofid3622033_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat34_sub4_sub5&sub2=220813_&sub3=id306310789 https://mobee.g2afse.com/click?pid=4&offer_id=876454&sub1=&sub2=46_220813_	0 0

GET H2	200	id504597178 apps.apple.com/app/kapten/ Redirect Chain https://adcrate-solutions.go2affise.com/click?pid=23&offer_id=712086&sub1=NCT_iphone_gb_ofid3585846_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat35_sub4_sub5&sub2=_4850813&sub4=id306310789 https://aandb.g2afse.com/click?pid=2&offer_id=8777&sub1=5e1499c345190c0001eb6bb1&sub2=23__4850813&sub3=&sub4=id306310789 https://smartass.g2afse.com/click?pid=26&offer_id=626464&sub3=5e1499c3d37640000158fd00&sub2=2_23__4850813&sub4=&sub1=id306310789 https://sabiamedia.g2afse.com/click?pid=80&offer_id=647580&sub1=5e1499c39e508100010f61a9&sub2=26_2_23__4850813&sub3=&sub4=id306310789 https://ads.ad4game.com/www/delivery/dck.php?offerid=6036&zoneid=62941&subid2=5e1499c35d261c00018452a2&affid=80_26_2_23__4850813&idfa=&gaid= https://ads.ad4game.com/www/delivery/games.php?poolid=6036&zoneid=62941&subid2=5e1499c35d261c00018452a2&affid=80_26_2_23__4850813 https://apps.apple.com/app/kapten/id504597178	0 0	724ms 724ms	Stylesheet text/html	2a02:26f0:f1:188::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://apps.apple.com/app/kapten/id504597178 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:f1:188::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers access-control-allow-origin * Redirect headers X-servername ads.ad4game.com\ 80\ 81 Pragma no-cache Date Tue, 07 Jan 2020 14:46:28 GMT Server nginx X-serveraddr 10.100.0.138 Transfer-Encoding chunked Content-Type text/html Location https://apps.apple.com/app/kapten/id504597178 Cache-Control no-cache, no-store, must-revalidate X-host ads.ad4game.com Connection close Expires 0
GET		click gowith.g2afse.com/	0 0

GET H2	429	click go2.enjoycpi.com/	0 0	3179ms 52ms	Stylesheet text/html	213.227.135.229 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://go2.enjoycpi.com/click?pid=813&offer_id=3616623&sub1=-1-1810870740&sub2=&sub3=affleppre_nat37&sub4=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub5=id306310789 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.135.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers
GET H2	200	click click.kanmobi.net/tracking/	0 83 B	1132ms 32ms	Stylesheet text/plain	35.241.13.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://click.kanmobi.net/tracking/click?clickid=NCT_iphone_gb_ofid3428724_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat38_sub4_sub5&trafficsource=1373671014&offerid=423352981660427341&pub_subid=220813&sub_placement=id306310789 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.241.13.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.13.241.35.bc.googleusercontent.com Software / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers status 200 date Tue, 07 Jan 2020 14:46:13 GMT via 1.1 google alt-svc clear x-powered-by Express content-length 0
GET H2	200	click track.mobile-bt.com/tracking/	0 83 B	86ms 33ms	Stylesheet text/plain	35.190.65.191 Google LLC
General Check archive.org Show headers Download Go to Full URL https://track.mobile-bt.com/tracking/click?clickid=NCT_iphone_gb_ofid2680433_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat39_sub4_sub5&trafficsource=1373696474&offerid=422706203876341823&pub_subid=220813&sub_placement=id306310789_ Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.190.65.191 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 191.65.190.35.bc.googleusercontent.com Software / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers status 200 date Tue, 07 Jan 2020 14:46:11 GMT via 1.1 google alt-svc clear x-powered-by Express content-length 0
GET		click mobee.g2afse.com/ Redirect Chain https://lambadapp.go2affise.com/click?pid=46&offer_id=2293884&sub1=NCT_iphone_gb_ofid3621795_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat40_sub4_sub5&sub2=220813_&sub3=id306310789 https://mobee.g2afse.com/click?pid=4&offer_id=876454&sub1=&sub2=46_220813_	0 0

GET H2	429	click go2.enjoycpi.com/	0 0	29ms 28ms	Stylesheet text/html	213.227.135.229 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://go2.enjoycpi.com/click?pid=813&offer_id=889019&sub1=-1-1810870740&sub2=&sub3=affleppre_nat10&sub4=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub5=id306310789 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.135.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers
GET H/1.1	200 OK	/ kobodo.co/ Redirect Chain https://go2.enjoycpi.com/click?pid=813&offer_id=3445889&sub1=-1-1810870740&sub2=&sub3=affleppre_nat11&sub4=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub5=id306310789 https://kobodo.co/?rem	0 0	399ms 37ms	Stylesheet text/html	3.120.60.101 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://kobodo.co/?rem Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.120.60.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-3-120-60-101.eu-central-1.compute.amazonaws.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Redirect headers date Tue, 07 Jan 2020 14:46:15 GMT referrer-policy no-referrer server nginx location https://kobodo.co/?rem content-type text/html; charset=utf-8 status 302 referer content-length 45
GET H/1.1	200 OK	/ kobodo.co/ Redirect Chain https://go2.enjoycpi.com/click?pid=813&offer_id=825018&sub1=-1-1810870740&sub2=&sub3=affleppre_nat12&sub4=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub5=id306310789 https://kobodo.co/?rem	0 0	37ms 37ms	Stylesheet text/html	3.120.60.101 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://kobodo.co/?rem Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.120.60.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-3-120-60-101.eu-central-1.compute.amazonaws.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Redirect headers date Tue, 07 Jan 2020 14:46:15 GMT referrer-policy no-referrer server nginx location https://kobodo.co/?rem content-type text/html; charset=utf-8 status 302 referer content-length 45
GET		click veepn.g2afse.com/	0 0

GET H2	200	disabled.html spykemedia.g2afse.com/ Redirect Chain https://gowith.g2afse.com/click?pid=141&offer_id=1525229&sub1=NCT_iphone_gb_ofid3424573_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat14_sub4_sub5&sub2=220813_&sub4=id306310789 https://trkrc.com/t/592903?A1=5e1499c36cea510001670d14&A5=141_220813_&A2=&A3=&A4=id306310789 https://spykemedia.g2afse.com/click?pid=199&offer_id=816945&sub1=11ea315c7c5307f08b6a0f1447716b1c_592903_56282&sub4=1931_141_220813_&sub3=NewsUK&sub2=1931_141_220813_&sub8=Timehop https://spykemedia.g2afse.com/disabled.html	0 0	28ms 28ms	Stylesheet text/html	213.227.134.204 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://spykemedia.g2afse.com/disabled.html Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.134.204 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Redirect headers status 302 date Tue, 07 Jan 2020 14:46:28 GMT server nginx content-length 37 location /disabled.html content-type text/html; charset=utf-8
GET		redirect mob.waveparadise.xyz/ Redirect Chain https://adcrate-solutions.go2affise.com/click?pid=23&offer_id=664519&sub1=NCT_iphone_gb_ofid2839761_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat19_sub4_sub5&sub2=_4850813&sub3=E49C14F3-7E22-4C3C... https://aandb.g2afse.com/click?pid=2&offer_id=1087&sub1=5e1499c4f456bd00018aaff3&sub2=23__4850813&sub3=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub4=id306310789 https://marlinads.g2afse.com/click?pid=60&offer_id=46&sub1=5e1499c4414ba00001aa7062&sub2=2_23__4850813&sub3=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub4=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub5=id306... https://track.hexcan.com/?aff_id=374320&offer_id=3253123&aff_sub=5e1499c415e01b0001238bcf&aff_sub2=60&idfa=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&Aff_sub3=5e1499c4414ba00001aa7062 https://mob.waveparadise.xyz/redirect?feed=184928&auth=ebuQy0&url=https%3A%2F%2Fglobalpost.top&subid=2_&query=https%3A%2F%2Fglobalpost.top&pub_clickid=bf321b3c4c9b627c02e24f71fe6ae32e	0 0

GET		l.php track1.surfthewave.xyz/	0 0

GET		click gowith.g2afse.com/	0 0

GET		redirect xml.blueparrot.media/	0 0

GET H2	403	1de4df78-33cb-3e1d-b4f0-6d8661439280 bestperforming.site/c/ Redirect Chain https://lambadapp.go2affise.com/click?pid=46&offer_id=1509103&sub1=NCT_iphone_gb_ofid2286301_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat22_sub4_sub5&sub2=220813_&sub3=id306310789 https://bestperforming.site/c/1de4df78-33cb-3e1d-b4f0-6d8661439280?pubid=46&pubid2=220813_&cid=5e1499c4e3170a000190726e	0 0	83ms 83ms	Stylesheet text/html	104.26.2.236 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://bestperforming.site/c/1de4df78-33cb-3e1d-b4f0-6d8661439280?pubid=46&pubid2=220813_&cid=5e1499c4e3170a000190726e Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.2.236 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Redirect headers date Tue, 07 Jan 2020 14:46:28 GMT referrer-policy no-referrer server nginx location https://bestperforming.site/c/1de4df78-33cb-3e1d-b4f0-6d8661439280?pubid=46&pubid2=220813_&cid=5e1499c4e3170a000190726e content-type text/html; charset=utf-8 status 302 referer content-length 150
GET H2	429	click go2.enjoycpi.com/	0 0	28ms 28ms	Stylesheet text/html	213.227.135.229 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://go2.enjoycpi.com/click?pid=813&offer_id=2982264&sub1=-1-1810870740&sub2=&sub3=affleppre_nat23&sub4=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub5=id306310789 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.135.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers
GET H/1.1	200 OK	/ kobodo.co/ Redirect Chain https://go2.enjoycpi.com/click?pid=813&offer_id=2357055&sub1=-1-1810870740&sub2=&sub3=affleppre_nat24&sub4=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub5=id306310789 https://kobodo.co/?rem	0 0	38ms 37ms	Stylesheet text/html	3.120.60.101 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://kobodo.co/?rem Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.120.60.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-3-120-60-101.eu-central-1.compute.amazonaws.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Redirect headers date Tue, 07 Jan 2020 14:46:29 GMT referrer-policy no-referrer server nginx location https://kobodo.co/?rem content-type text/html; charset=utf-8 status 302 referer content-length 45
GET H/1.1	200 OK	/ kobodo.co/ Redirect Chain https://go2.enjoycpi.com/click?pid=813&offer_id=216422&sub1=-1-1810870740&sub2=&sub3=affleppre_nat25&sub4=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub5=id306310789 https://kobodo.co/?rem	0 0	37ms 37ms	Stylesheet text/html	3.120.60.101 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://kobodo.co/?rem Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.120.60.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-3-120-60-101.eu-central-1.compute.amazonaws.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Redirect headers date Tue, 07 Jan 2020 14:46:29 GMT referrer-policy no-referrer server nginx location https://kobodo.co/?rem content-type text/html; charset=utf-8 status 302 referer content-length 45
GET		click thingortwo.g2afse.com/	0 0

GET		sl thingortwo.go2affise.com/	0 0

GET		redirect mob.waveparadise.xyz/ Redirect Chain https://track.hexcan.com/?aff_id=387191&offer_id=3350407&aff_sub=NCT_iphone_gb_ofid2508981_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat28_sub4_sub5&aff_sub2=220813_&aff_sub3=id306310789 https://mob.waveparadise.xyz/redirect?feed=184928&auth=ebuQy0&url=https%3A%2F%2Fglobalpost.top&subid=2_&query=https%3A%2F%2Fglobalpost.top&pub_clickid=7d094a7129b414c0e58e9c43d669d44f	0 0

GET		l.php track1.surfthewave.xyz/	0 0

GET		redirect mob.flamingmargarita.club/ Redirect Chain https://adcrate-solutions.go2affise.com/click?pid=23&offer_id=662300&sub1=NCT_iphone_gb_ofid2799361_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat30_sub4_sub5&sub2=_4850813&sub4=id306310789 https://aandb.g2afse.com/click?pid=2&offer_id=907&sub1=5e1499c5f456bd000127a281&sub2=23__4850813&sub3=&sub4=id306310789 https://marlinads.g2afse.com/click?pid=60&offer_id=3015&sub1=5e1499c5414ba00001aa833e&sub2=2_23__4850813&sub3=&sub4=&sub5=id306310789 https://go1.phoebemap.com/6mvwdo7?sid=5e1499c51743df00016ccae1&p=60_2_23__4850813&android_a_id=&idfa=&app_id=id306310789 https://t1.greatforwarding.com/c55c7b6?p=002849_60_2_23__4850813 https://t1.contentgreat.com/c/3101rca?c=0&po=&a=c55c7b6&p=000199_002849_60_2_23__4850813&s=199&st=339&f=4&sh=&ct=&w=&h=&isp=M247%20Europe%20SRL&callback_url={callbackurl}&xcl=mobrain_173222 https://go1.starklito.com/3101rca?a=c55c7b6&c=0&callback_url=%7Bcallbackurl%7D&f=4&p=000199_002849_60_2_23__4850813&po=&s=199&sh=&st=339&xcl=mobrain_173222 https://mob.flamingmargarita.club/redirect?feed=136105&auth=ebuQy0&url=https%3A%2F%2Fticktock.live&subid=364&subid2=000199_002849_60_2_23__4850813&query=2001071146a53ef8f3759063	0 0

GET		l.php track1.surfthewave.xyz/	0 0

GET		click gowith.g2afse.com/	0 0

GET		redirect xml.blueparrot.media/	0 0

GET		click mobee.g2afse.com/ Redirect Chain https://lambadapp.go2affise.com/click?pid=46&offer_id=2295788&sub1=NCT_iphone_gb_ofid3622033_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat34_sub4_sub5&sub2=220813_&sub3=id306310789 https://mobee.g2afse.com/click?pid=4&offer_id=876454&sub1=&sub2=46_220813_	0 0

GET		redirect xml.blueparrot.media/	0 0

GET		click gowith.g2afse.com/	0 0

GET		redirect xml.blueparrot.media/	0 0

GET H2	429	click go2.enjoycpi.com/	0 0	34ms 34ms	Stylesheet text/html	213.227.135.229 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://go2.enjoycpi.com/click?pid=813&offer_id=3616623&sub1=-1-1810870740&sub2=&sub3=affleppre_nat37&sub4=E49C14F3-7E22-4C3C-BC21-0B49BFA75387&sub5=id306310789 Requested by Host: cpi-offers.com URL: https://cpi-offers.com/fantastic.html?size=0&red=0&ids=&lastid=&apid=813&info=affleppre&blockTime=026345&cid=-1-1810870740&sid=&udid=&name= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.227.135.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers
GET		click mobee.g2afse.com/ Redirect Chain https://lambadapp.go2affise.com/click?pid=46&offer_id=2293884&sub1=NCT_iphone_gb_ofid3621795_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat40_sub4_sub5&sub2=220813_&sub3=id306310789 https://mobee.g2afse.com/click?pid=4&offer_id=876454&sub1=&sub2=46_220813_	0 0

GET		redirect xml.blueparrot.media/	0 0

GET		toolbar onieruco.com/rnd/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: trk.hoolopiniomaster.space
URL: https://trk.hoolopiniomaster.space/?sddtid=sdam21&sdpi=115&pdco=IRisju124Mda&pdos=112313&pducid=5e1499c3b10b4f00018d9b0e&pisc1=30&pssc2=30_23__4850813&pddo=id306310789&pdumid=

Domain: mob.waveparadise.xyz
URL: https://mob.waveparadise.xyz/redirect?feed=184928&auth=ebuQy0&url=https%3A%2F%2Fglobalpost.top&subid=2_&query=https%3A%2F%2Fglobalpost.top&pub_clickid=38d91fc48a3376d36828c12e22fc31e4

Domain: gowith.g2afse.com
URL: https://gowith.g2afse.com/click?pid=141&offer_id=1288752&sub1=NCT_iphone_gb_ofid2693455_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat21_sub4_sub5&sub2=220813_&sub4=id306310789

Domain: thingortwo.g2afse.com
URL: https://thingortwo.g2afse.com/click?pid=75&offer_id=7366&sub1=NCT_iphone_gb_ofid172696_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat26_sub4_sub5&sub2=75_4850813&sub3=&sub4=id306310789

Domain: mob.waveparadise.xyz
URL: https://mob.waveparadise.xyz/redirect?feed=184928&auth=ebuQy0&url=https%3A%2F%2Fglobalpost.top&subid=2_&query=https%3A%2F%2Fglobalpost.top&pub_clickid=30c84d44d17bafddb9f797f7211e687a

Domain: go1.starklito.com
URL: https://go1.starklito.com/d7japi8?a=c55c7b6&c=0&callback_url=%7Bcallbackurl%7D&f=4&p=000199_002849_60_2_23__4850813&po=&s=199&sh=&st=339&xcl=mobrain_206393

Domain: gowith.g2afse.com
URL: https://gowith.g2afse.com/click?pid=141&offer_id=1547102&sub1=NCT_iphone_gb_ofid3594405_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat32_sub4_sub5&sub2=220813_&sub4=id306310789

Domain: mobee.g2afse.com
URL: https://mobee.g2afse.com/click?pid=4&offer_id=876454&sub1=&sub2=46_220813_

Domain: gowith.g2afse.com
URL: https://gowith.g2afse.com/click?pid=141&offer_id=1547107&sub1=NCT_iphone_gb_ofid3594375_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat36_sub4_sub5&sub2=220813_&sub4=id306310789

Domain: mobee.g2afse.com
URL: https://mobee.g2afse.com/click?pid=4&offer_id=876454&sub1=&sub2=46_220813_

Domain: veepn.g2afse.com
URL: http://veepn.g2afse.com/click?pid=442&offer_id=22&sub1=5SSSa3GZ1eW4Q5ZHN7SSTY35Nzk4f3HwxNT7c4NDA54Mzg35fHw4M4zQ4M34x8MTE51fHwx5MTIzM8TM%3DEEE&sub2=0_&sub4=id306310789&sub5=

Domain: mob.waveparadise.xyz
URL: https://mob.waveparadise.xyz/redirect?feed=184928&auth=ebuQy0&url=https%3A%2F%2Fglobalpost.top&subid=2_&query=https%3A%2F%2Fglobalpost.top&pub_clickid=bf321b3c4c9b627c02e24f71fe6ae32e

Domain: track1.surfthewave.xyz
URL: http://track1.surfthewave.xyz/l.php?trf=m&portal=custom_53845yssl&d=5df76bfb5f5f901942306136&source=184928&pid=1849282_

Domain: gowith.g2afse.com
URL: https://gowith.g2afse.com/click?pid=141&offer_id=1288752&sub1=NCT_iphone_gb_ofid2693455_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat21_sub4_sub5&sub2=220813_&sub4=id306310789

Domain: xml.blueparrot.media
URL: http://xml.blueparrot.media/redirect?feed=221727&auth=9tpPZk&url=google.com

Domain: thingortwo.g2afse.com
URL: https://thingortwo.g2afse.com/click?pid=75&offer_id=7366&sub1=NCT_iphone_gb_ofid172696_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat26_sub4_sub5&sub2=75_4850813&sub3=&sub4=id306310789

Domain: thingortwo.go2affise.com
URL: http://thingortwo.go2affise.com/sl?id=5bffbf8000ca309f85166dd2&pid=106

Domain: mob.waveparadise.xyz
URL: https://mob.waveparadise.xyz/redirect?feed=184928&auth=ebuQy0&url=https%3A%2F%2Fglobalpost.top&subid=2_&query=https%3A%2F%2Fglobalpost.top&pub_clickid=7d094a7129b414c0e58e9c43d669d44f

Domain: track1.surfthewave.xyz
URL: http://track1.surfthewave.xyz/l.php?trf=m&portal=custom_53845yssl&d=5df76bfb5f5f901942306136&source=184928&pid=1849282_

Domain: mob.flamingmargarita.club
URL: https://mob.flamingmargarita.club/redirect?feed=136105&auth=ebuQy0&url=https%3A%2F%2Fticktock.live&subid=364&subid2=000199_002849_60_2_23__4850813&query=2001071146a53ef8f3759063

Domain: track1.surfthewave.xyz
URL: http://track1.surfthewave.xyz/l.php?trf=m&portal=custom_53845yssl&d=5df364f15f5f90064f562ec8&source=136105.364&pid=136105364

Domain: gowith.g2afse.com
URL: https://gowith.g2afse.com/click?pid=141&offer_id=1547102&sub1=NCT_iphone_gb_ofid3594405_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat32_sub4_sub5&sub2=220813_&sub4=id306310789

Domain: xml.blueparrot.media
URL: http://xml.blueparrot.media/redirect?feed=221727&auth=9tpPZk&url=google.com

Domain: mobee.g2afse.com
URL: https://mobee.g2afse.com/click?pid=4&offer_id=876454&sub1=&sub2=46_220813_

Domain: xml.blueparrot.media
URL: http://xml.blueparrot.media/redirect?feed=221274&auth=9tpPZk&url=https://www.netflix.com&subid=4_46_220813_

Domain: gowith.g2afse.com
URL: https://gowith.g2afse.com/click?pid=141&offer_id=1547107&sub1=NCT_iphone_gb_ofid3594375_pid813_sub1-1-1810870740_sub2_sub3affleppre_nat36_sub4_sub5&sub2=220813_&sub4=id306310789

Domain: xml.blueparrot.media
URL: http://xml.blueparrot.media/redirect?feed=221727&auth=9tpPZk&url=google.com

Domain: mobee.g2afse.com
URL: https://mobee.g2afse.com/click?pid=4&offer_id=876454&sub1=&sub2=46_220813_

Domain: xml.blueparrot.media
URL: http://xml.blueparrot.media/redirect?feed=221274&auth=9tpPZk&url=https://www.netflix.com&subid=4_46_220813_

Domain: onieruco.com
URL: http://onieruco.com/rnd/toolbar?zmlj=4Cq0yFf%2FZw4ygYl5agJv1KU9Jm8%2F7gYOw3GGpqkDJhI%3D

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

21243.recycling.io
aandb.g2afse.com
adcrate-solutions.go2affise.com
ads.ad4game.com
apps.apple.com
apptastic.g2afse.com
bestperforming.site
c.apptrk.io
click.alphamob.pl
click.appmultiple.net
click.clickmara.com
click.kanmobi.net
clicks.rtad.io
cpi-offers.com
go1.starklito.com
go2.enjoycpi.com
gowith.g2afse.com
itunes.apple.com
kobodo.co
lambadapp.go2affise.com
marlinads.g2afse.com
media.appm.app
mob.flamingmargarita.club
mob.waveparadise.xyz
mobee.g2afse.com
o5o4o6.com
onieruco.com
onlinish.com
sabiamedia.g2afse.com
smartass.g2afse.com
spradit.go2affise.com
spykemedia.g2afse.com
srv6.feed-apps.com
thingortwo.g2afse.com
thingortwo.go2affise.com
track.hexcan.com
track.mobile-bt.com
track1.surfthewave.xyz
trk.hoolopiniomaster.space
trk.keepfollowthelight.online
trkrc.com
veepn.g2afse.com
www.mobilegames.mobi
xml.blueparrot.media
go1.starklito.com
gowith.g2afse.com
mob.flamingmargarita.club
mob.waveparadise.xyz
mobee.g2afse.com
onieruco.com
thingortwo.g2afse.com
thingortwo.go2affise.com
track1.surfthewave.xyz
trk.hoolopiniomaster.space
veepn.g2afse.com
xml.blueparrot.media
104.26.2.236
104.31.67.13
148.251.136.142
192.207.255.147
213.227.134.200
213.227.134.204
213.227.134.238
213.227.135.207
213.227.135.211
213.227.135.213
213.227.135.229
213.227.156.13
213.32.106.166
2606:4700:e6::ac40:c81b
2a02:26f0:f1:188::2a1
3.120.60.101
3.122.11.19
35.190.35.33
35.190.57.20
35.190.65.191
35.190.77.108
35.241.13.125
35.244.168.88
35.244.190.228
54.77.13.95
84.110.46.74
88.198.53.171
24fdf870016a6cc30e10f383d8fedf83175d784c3d735e9cc7f396a2c9169e8a
32bc65c82b3dde0447bb4f5a47c6b391dc15f4dc47d17837c050c221d2e90126
d7ba5fc0384ab15cd0377651d44ca3944c75e1c0935f4fcdcf4aac8beb118c19
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

cpi-offers.com Open in urlscan Pro 3.122.11.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

57 %HTTPS

7 %IPv6

31 Domains

44 Subdomains

18 IPs

7 Countries

3 kBTransfer

9 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cpi-offers.com Open in urlscan Pro
3.122.11.19 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

57 %
HTTPS

7 %
IPv6

31
Domains

44
Subdomains

18
IPs

7
Countries

3 kB
Transfer

9 kB
Size

0
Cookies

70 HTTP transactions
0 data transactions