Submitted URL: http://d.billypubcontent.com/l/26592355e383b7147bac?sub=30-150-100-522938-3304-1581516470&source=&c_click_id=30-150-100-52293...
Effective URL: https://offers.vaniacozzolino.com/?utm_term=6792578395973615871&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb888...
Submission: On February 12 via api from CA

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 8 HTTP transactions. The main IP is 99.198.106.197, located in Chicago, United States and belongs to SINGLEHOP-LLC, US. The main domain is offers.vaniacozzolino.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 6th 2020. Valid for: 3 months.
This is the only time offers.vaniacozzolino.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 62.212.87.141 60781 (LEASEWEB-...)
1 2 213.32.106.170 16276 (OVH)
2 3 99.198.108.194 32475 (SINGLEHOP...)
1 205.147.93.131 393676 (ZENEDGE)
1 1 94.23.206.47 16276 (OVH)
2 99.198.106.197 32475 (SINGLEHOP...)
8 6
Domain Requested by
3 trk.platiniumlink.com 2 redirects www.mobilegames.mobi
3 d.billypubcontent.com 1 redirects d.billypubcontent.com
2 offers.vaniacozzolino.com minently.com
offers.vaniacozzolino.com
2 www.mobilegames.mobi 1 redirects d.billypubcontent.com
1 go-rillatrack.com minently.com
1 minently.com trk.platiniumlink.com
8 6

This site contains no links.

Subject Issuer Validity Valid
www.mobilegames.mobi
Let's Encrypt Authority X3
2020-01-09 -
2020-04-08
3 months crt.sh
trk.platiniumlink.com
Let's Encrypt Authority X3
2020-01-08 -
2020-04-07
3 months crt.sh
minently.com
Let's Encrypt Authority X3
2019-12-11 -
2020-03-10
3 months crt.sh
offers.vaniacozzolino.com
Let's Encrypt Authority X3
2020-02-06 -
2020-05-06
3 months crt.sh

This page contains 1 frames:

Primary Page: https://offers.vaniacozzolino.com/?utm_term=6792578395973615871&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
Frame ID: F482D3D83791E44F08658E943F628079
Requests: 8 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://d.billypubcontent.com/l/26592355e383b7147bac?sub=30-150-100-522938-3304-1581516470&source=&c_click... Page URL
  2. http://d.billypubcontent.com/l/26592355e383b7147bac?sub=30-150-100-522938-3304-1581516470&source=&c_click... HTTP 302
    http://d.billypubcontent.com/gw?sub=30-150-100-522938-3304-1581516470&source=Unknown&url=https%3A%2F%2Fww... Page URL
  3. https://www.mobilegames.mobi/?sl=3792822-2d5f6&tag=bmconv_20200212161314_acfd2537_fdb3_46f0_a3ad_ca5e1c6c... Page URL
  4. https://www.mobilegames.mobi/?sl=3792822-2d5f6&tag=bmconv_20200212161314_acfd2537_fdb3_46f0_a3ad_ca5e1c6c... HTTP 302
    https://trk.platiniumlink.com/?utm_medium=a7811c4e58af813ce62c923c0ccb27776d8b391a&utm_campaign=DesktopMai... HTTP 302
    https://trk.platiniumlink.com/?utm_term=6792578374498779463&clickverify=1 Page URL
  5. https://trk.platiniumlink.com/proc.php?6ae97aa40c7472939b7ee10387696aca09ecee9f HTTP 302
    https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_... Page URL
  6. http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lNL20CKZ10909... HTTP 302
    https://offers.vaniacozzolino.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=15785... Page URL
  7. https://offers.vaniacozzolino.com/?utm_term=6792578395973615871&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

8
Requests

63 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

27 kB
Transfer

60 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://d.billypubcontent.com/l/26592355e383b7147bac?sub=30-150-100-522938-3304-1581516470&source=&c_click_id=30-150-100-522938-3304-1581516470 Page URL
  2. http://d.billypubcontent.com/l/26592355e383b7147bac?sub=30-150-100-522938-3304-1581516470&source=&c_click_id=30-150-100-522938-3304-1581516470&code=11Y3VvBDU6Pjg9Ozo.RUFFP0EAdHRmBW51B35ufAw.Qw54dGECMzQEdXJ7CVVzeYGFLodINmA4NwR5aW8JCXOCDT5EP0AAamoENTc2NwhqgQw9Qz4-EGFpAzQ2NTYHfIMLOEI9DnGFaWUDA2dwawg5CW12bw4.D39yb3YEBHt0awlQeXpzeXMvWW5kMANseGxqCX18gHENdIF9AWdjb3dqBnxpCld6hnZ6e3EvNjAzJC1TaGtyeH97gHZKMElvdmhwJVNoaylZXixlLkBAXzI2YjkuJkh4eXZwY3JwWnl0MDc2OzM5PSgxVVNgWlo7MGxqbWgkTGtqc3gzK091gH59ZTA5NzI1NDo-O0M5PUNHL2NhZ2N1bTQ7Oj83PUEMboQQSABlbwQ0BWc7Owo6Oz09Pj8QYTU2BDQ1BnpuCjo7PD0OdXYBMjMzBGhuawk5CnF4gw91cWx0ZwNnbXMIODo7C3h7dRBBMDEyA3d5eG4JOjo8PT4-PxBvdGVzeQYGd3ptfYBuDkA-QDMxMzM7BWt9dHcLPj8NgHR2AQF0ZWdoBzg4Oz88PUJBD3NudXIEBHx0dAkJgXJ4gw8-EGNlaQQ1NjY3ODk6Ozw9PkBBMDEyMzU2Nzg5Ojs7PT4-P0EwMjI0NTY2ODk6Ozw9Pj5AQTEyMzQ1Njc4OTo7PD09Pz9BAGRreAU2Nzg5Ojs8PT4-QEExMTM0NDY2ODk6OzwMhIODEXcvWzlaW0F.Nns.eXp7fEqHLm02cXJzdEJ-N35BgUiFPVVLbjpZBHBydW8Kb3k5YmEPgnR1AzMEcWd2CQlyd38OPg9.dAIzNDQ2Nzg4OToLg3EPQEExYzQDZ3d.CAh8bW8NP0IPg3BlAzU4BWp3ego7C3pwchBBMAFvd3QGNzw_&_tdf=20 HTTP 302
    http://d.billypubcontent.com/gw?sub=30-150-100-522938-3304-1581516470&source=Unknown&url=https%3A%2F%2Fwww.mobilegames.mobi%2F%3Fsl%3D3792822-2d5f6%26tag%3Dbmconv_20200212161314_acfd2537_fdb3_46f0_a3ad_ca5e1c6cfcf4%26website%3D133231%26placement%3DUnknown&vId=bmconv_20200212161314_acfd2537_fdb3_46f0_a3ad_ca5e1c6cfcf4&hash=26592355e383b7147bac&ete=true Page URL
  3. https://www.mobilegames.mobi/?sl=3792822-2d5f6&tag=bmconv_20200212161314_acfd2537_fdb3_46f0_a3ad_ca5e1c6cfcf4&website=133231&placement=Unknown Page URL
  4. https://www.mobilegames.mobi/?sl=3792822-2d5f6&tag=bmconv_20200212161314_acfd2537_fdb3_46f0_a3ad_ca5e1c6cfcf4&website=133231&placement=Unknown&eyeg=f8e1bfcce4c16b554d33edd06ef5f312&eyer=0.27467210039382217&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=d.billypubcontent.com HTTP 302
    https://trk.platiniumlink.com/?utm_medium=a7811c4e58af813ce62c923c0ccb27776d8b391a&utm_campaign=DesktopMainAgg2019&cid=68006000012099664170212-202002-b7ca1b9563&1=2292 HTTP 302
    https://trk.platiniumlink.com/?utm_term=6792578374498779463&clickverify=1 Page URL
  5. https://trk.platiniumlink.com/proc.php?6ae97aa40c7472939b7ee10387696aca09ecee9f HTTP 302
    https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6792578374498779463&ext1=615 Page URL
  6. http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lNL20CKZ10909d80007PS002MZ0XHIX03DSRKH01U503DSR00000000&source=157851&data1=0DHeCGOaiQq28lG_HymJ HTTP 302
    https://offers.vaniacozzolino.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5e44160e9814294e64273168 Page URL
  7. https://offers.vaniacozzolino.com/?utm_term=6792578395973615871&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://d.billypubcontent.com/l/26592355e383b7147bac?sub=30-150-100-522938-3304-1581516470&source=&c_click_id=30-150-100-522938-3304-1581516470&code=11Y3VvBDU6Pjg9Ozo.RUFFP0EAdHRmBW51B35ufAw.Qw54dGECMzQEdXJ7CVVzeYGFLodINmA4NwR5aW8JCXOCDT5EP0AAamoENTc2NwhqgQw9Qz4-EGFpAzQ2NTYHfIMLOEI9DnGFaWUDA2dwawg5CW12bw4.D39yb3YEBHt0awlQeXpzeXMvWW5kMANseGxqCX18gHENdIF9AWdjb3dqBnxpCld6hnZ6e3EvNjAzJC1TaGtyeH97gHZKMElvdmhwJVNoaylZXixlLkBAXzI2YjkuJkh4eXZwY3JwWnl0MDc2OzM5PSgxVVNgWlo7MGxqbWgkTGtqc3gzK091gH59ZTA5NzI1NDo-O0M5PUNHL2NhZ2N1bTQ7Oj83PUEMboQQSABlbwQ0BWc7Owo6Oz09Pj8QYTU2BDQ1BnpuCjo7PD0OdXYBMjMzBGhuawk5CnF4gw91cWx0ZwNnbXMIODo7C3h7dRBBMDEyA3d5eG4JOjo8PT4-PxBvdGVzeQYGd3ptfYBuDkA-QDMxMzM7BWt9dHcLPj8NgHR2AQF0ZWdoBzg4Oz88PUJBD3NudXIEBHx0dAkJgXJ4gw8-EGNlaQQ1NjY3ODk6Ozw9PkBBMDEyMzU2Nzg5Ojs7PT4-P0EwMjI0NTY2ODk6Ozw9Pj5AQTEyMzQ1Njc4OTo7PD09Pz9BAGRreAU2Nzg5Ojs8PT4-QEExMTM0NDY2ODk6OzwMhIODEXcvWzlaW0F.Nns.eXp7fEqHLm02cXJzdEJ-N35BgUiFPVVLbjpZBHBydW8Kb3k5YmEPgnR1AzMEcWd2CQlyd38OPg9.dAIzNDQ2Nzg4OToLg3EPQEExYzQDZ3d.CAh8bW8NP0IPg3BlAzU4BWp3ego7C3pwchBBMAFvd3QGNzw_&_tdf=20 HTTP 302
  • http://d.billypubcontent.com/gw?sub=30-150-100-522938-3304-1581516470&source=Unknown&url=https%3A%2F%2Fwww.mobilegames.mobi%2F%3Fsl%3D3792822-2d5f6%26tag%3Dbmconv_20200212161314_acfd2537_fdb3_46f0_a3ad_ca5e1c6cfcf4%26website%3D133231%26placement%3DUnknown&vId=bmconv_20200212161314_acfd2537_fdb3_46f0_a3ad_ca5e1c6cfcf4&hash=26592355e383b7147bac&ete=true
Request Chain 3
  • https://www.mobilegames.mobi/?sl=3792822-2d5f6&tag=bmconv_20200212161314_acfd2537_fdb3_46f0_a3ad_ca5e1c6cfcf4&website=133231&placement=Unknown&eyeg=f8e1bfcce4c16b554d33edd06ef5f312&eyer=0.27467210039382217&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=d.billypubcontent.com HTTP 302
  • https://trk.platiniumlink.com/?utm_medium=a7811c4e58af813ce62c923c0ccb27776d8b391a&utm_campaign=DesktopMainAgg2019&cid=68006000012099664170212-202002-b7ca1b9563&1=2292 HTTP 302
  • https://trk.platiniumlink.com/?utm_term=6792578374498779463&clickverify=1
Request Chain 4
  • https://trk.platiniumlink.com/proc.php?6ae97aa40c7472939b7ee10387696aca09ecee9f HTTP 302
  • https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6792578374498779463&ext1=615
Request Chain 6
  • http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lNL20CKZ10909d80007PS002MZ0XHIX03DSRKH01U503DSR00000000&source=157851&data1=0DHeCGOaiQq28lG_HymJ HTTP 302
  • https://offers.vaniacozzolino.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5e44160e9814294e64273168

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
26592355e383b7147bac
d.billypubcontent.com/l/
36 KB
12 KB
Document
General
Full URL
http://d.billypubcontent.com/l/26592355e383b7147bac?sub=30-150-100-522938-3304-1581516470&source=&c_click_id=30-150-100-522938-3304-1581516470
Protocol
HTTP/1.1
Server
62.212.87.141 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
29eddce2034a37edddd7b743551f12f50cddbdf80690919b7e597bb78e5b416a

Request headers

Host
d.billypubcontent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx
Date
Wed, 12 Feb 2020 15:13:14 GMT
Content-Type
text/html
Last-Modified
Tue, 20 Aug 2019 14:25:14 GMT
Transfer-Encoding
chunked
ETag
W/"5d5c02ca-8fdd"
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Content-Encoding
gzip
gw
d.billypubcontent.com/
Redirect Chain
  • http://d.billypubcontent.com/l/26592355e383b7147bac?sub=30-150-100-522938-3304-1581516470&source=&c_click_id=30-150-100-522938-3304-1581516470&code=11Y3VvBDU6Pjg9Ozo.RUFFP0EAdHRmBW51B35ufAw.Qw54dGE...
  • http://d.billypubcontent.com/gw?sub=30-150-100-522938-3304-1581516470&source=Unknown&url=https%3A%2F%2Fwww.mobilegames.mobi%2F%3Fsl%3D3792822-2d5f6%26tag%3Dbmconv_20200212161314_acfd2537_fdb3_46f0_...
1 KB
1 KB
Document
General
Full URL
http://d.billypubcontent.com/gw?sub=30-150-100-522938-3304-1581516470&source=Unknown&url=https%3A%2F%2Fwww.mobilegames.mobi%2F%3Fsl%3D3792822-2d5f6%26tag%3Dbmconv_20200212161314_acfd2537_fdb3_46f0_a3ad_ca5e1c6cfcf4%26website%3D133231%26placement%3DUnknown&vId=bmconv_20200212161314_acfd2537_fdb3_46f0_a3ad_ca5e1c6cfcf4&hash=26592355e383b7147bac&ete=true
Requested by
Host: d.billypubcontent.com
URL: http://d.billypubcontent.com/l/26592355e383b7147bac?sub=30-150-100-522938-3304-1581516470&source=&c_click_id=30-150-100-522938-3304-1581516470
Protocol
HTTP/1.1
Server
62.212.87.141 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e13ed77dfeaa6337766a94370d26a84f27097e38ef8aeb897f3cdcb5a39e2b4b

Request headers

Host
d.billypubcontent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://d.billypubcontent.com/l/26592355e383b7147bac?sub=30-150-100-522938-3304-1581516470&source=&c_click_id=30-150-100-522938-3304-1581516470
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
BSESSID=trk53bf905b-5d9c-426d-acc6-60a10e9518db
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://d.billypubcontent.com/l/26592355e383b7147bac?sub=30-150-100-522938-3304-1581516470&source=&c_click_id=30-150-100-522938-3304-1581516470

Response headers

Server
nginx
Date
Wed, 12 Feb 2020 15:13:14 GMT
Content-Type
text/html
Last-Modified
Fri, 05 Jul 2019 14:59:57 GMT
Transfer-Encoding
chunked
ETag
W/"5d1f65ed-589"
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Content-Encoding
gzip

Redirect headers

Location
//d.billypubcontent.com/gw?sub=30-150-100-522938-3304-1581516470&source=Unknown&url=https%3A%2F%2Fwww.mobilegames.mobi%2F%3Fsl%3D3792822-2d5f6%26tag%3Dbmconv_20200212161314_acfd2537_fdb3_46f0_a3ad_ca5e1c6cfcf4%26website%3D133231%26placement%3DUnknown&vId=bmconv_20200212161314_acfd2537_fdb3_46f0_a3ad_ca5e1c6cfcf4&hash=26592355e383b7147bac&ete=true
Cache-Control
private, max-age=0, no-cache, no-store, must-revalidate
Pragma
no-cache
Set-Cookie
BSESSID=trk53bf905b-5d9c-426d-acc6-60a10e9518db; Max-Age=63072000; Expires=Fri, 11 Feb 2022 15:13:14 GMT; Path=/
Connection
close
/
www.mobilegames.mobi/
5 KB
5 KB
Document
General
Full URL
https://www.mobilegames.mobi/?sl=3792822-2d5f6&tag=bmconv_20200212161314_acfd2537_fdb3_46f0_a3ad_ca5e1c6cfcf4&website=133231&placement=Unknown
Requested by
Host: d.billypubcontent.com
URL: http://d.billypubcontent.com/l/26592355e383b7147bac?sub=30-150-100-522938-3304-1581516470&source=Unknown&url=https%3A%2F%2Fwww.mobilegames.mobi%2F%3Fsl%3D3792822-2d5f6%26tag%3Dbmconv_20200212161314_acfd2537_fdb3_46f0_a3ad_ca5e1c6cfcf4%26website%3D133231%26placement%3DUnknown&vId=bmconv_20200212161314_acfd2537_fdb3_46f0_a3ad_ca5e1c6cfcf4&hash=26592355e383b7147bac&ete=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.32.106.170 , France, ASN16276 (OVH, FR),
Reverse DNS
ip170.ip-213-32-106.eu
Software
openresty /
Resource Hash
420820b0ad6d04138143a820f24fdc60e566021d5f1d28ac06aaff447c9b212a

Request headers

Host
www.mobilegames.mobi
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
http://d.billypubcontent.com/l/26592355e383b7147bac?sub=30-150-100-522938-3304-1581516470&source=Unknown&url=https%3A%2F%2Fwww.mobilegames.mobi%2F%3Fsl%3D3792822-2d5f6%26tag%3Dbmconv_20200212161314_acfd2537_fdb3_46f0_a3ad_ca5e1c6cfcf4%26website%3D133231%26placement%3DUnknown&vId=bmconv_20200212161314_acfd2537_fdb3_46f0_a3ad_ca5e1c6cfcf4&hash=26592355e383b7147bac&ete=true
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
http://d.billypubcontent.com/l/26592355e383b7147bac?sub=30-150-100-522938-3304-1581516470&source=Unknown&url=https%3A%2F%2Fwww.mobilegames.mobi%2F%3Fsl%3D3792822-2d5f6%26tag%3Dbmconv_20200212161314_acfd2537_fdb3_46f0_a3ad_ca5e1c6cfcf4%26website%3D133231%26placement%3DUnknown&vId=bmconv_20200212161314_acfd2537_fdb3_46f0_a3ad_ca5e1c6cfcf4&hash=26592355e383b7147bac&ete=true

Response headers

Server
openresty
Date
Wed, 12 Feb 2020 15:13:14 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
/
trk.platiniumlink.com/
Redirect Chain
  • https://www.mobilegames.mobi/?sl=3792822-2d5f6&tag=bmconv_20200212161314_acfd2537_fdb3_46f0_a3ad_ca5e1c6cfcf4&website=133231&placement=Unknown&eyeg=f8e1bfcce4c16b554d33edd06ef5f312&eyer=0.274672100...
  • https://trk.platiniumlink.com/?utm_medium=a7811c4e58af813ce62c923c0ccb27776d8b391a&utm_campaign=DesktopMainAgg2019&cid=68006000012099664170212-202002-b7ca1b9563&1=2292
  • https://trk.platiniumlink.com/?utm_term=6792578374498779463&clickverify=1
9 KB
3 KB
Document
General
Full URL
https://trk.platiniumlink.com/?utm_term=6792578374498779463&clickverify=1
Requested by
Host: www.mobilegames.mobi
URL: https://www.mobilegames.mobi/?sl=3792822-2d5f6&tag=bmconv_20200212161314_acfd2537_fdb3_46f0_a3ad_ca5e1c6cfcf4&website=133231&placement=Unknown
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.198.108.194 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.4
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
trk.platiniumlink.com
:scheme
https
:path
/?utm_term=6792578374498779463&clickverify=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
u=4bf76b84eca81ed18fcb07371067784d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://www.mobilegames.mobi/?sl=3792822-2d5f6&tag=bmconv_20200212161314_acfd2537_fdb3_46f0_a3ad_ca5e1c6cfcf4&website=133231&placement=Unknown

Response headers

status
200
server
nginx
date
Wed, 12 Feb 2020 15:13:15 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip

Redirect headers

status
302
server
nginx
date
Wed, 12 Feb 2020 15:13:15 GMT
content-type
text/html; charset=UTF-8
location
https://trk.platiniumlink.com/?utm_term=6792578374498779463&clickverify=1
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
set-cookie
u=4bf76b84eca81ed18fcb07371067784d; expires=Thu, 11-Feb-2021 15:13:15 GMT; Max-Age=31536000; path=/
strict-transport-security
max-age=31536000; includeSubdomains;
-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e
minently.com/RnSda/rDN3/ojdn/
Redirect Chain
  • https://trk.platiniumlink.com/proc.php?6ae97aa40c7472939b7ee10387696aca09ecee9f
  • https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6792578374498779463&ext1=615
6 KB
4 KB
Document
General
Full URL
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6792578374498779463&ext1=615
Requested by
Host: trk.platiniumlink.com
URL: https://trk.platiniumlink.com/?utm_term=6792578374498779463&clickverify=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.147.93.131 , United States, ASN393676 (ZENEDGE, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
9206dd5fcf877f8f97ddf5ed1630f695a9df3de33aea498dcaebafd4b9109469
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

:method
GET
:authority
minently.com
:scheme
https
:path
/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6792578374498779463&ext1=615
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://trk.platiniumlink.com/?utm_term=6792578374498779463&clickverify=1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://trk.platiniumlink.com/?utm_term=6792578374498779463&clickverify=1#

Response headers

status
200
content-type
text/html;charset=utf-8
expires
Sat, 26 Jul 1997 05:00:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
date
Wed, 12 Feb 2020 15:13:18 GMT
content-encoding
gzip
vary
Accept-Encoding Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
x-cache-status
NOTCACHED
x-zen-fury
8b68720504d6e5cfa41c41f99e5444c428727b0d
set-cookie
MQJLpFul5AcCMY1iVl5kuloC9CGeR6nEgJyALuo04f0%3D=7530da964e7d6f099da49943df3851ff_1581520398.7484; domain=minently.com; path=/; expires=Sat, 09-Feb-2030 15:13:18 UTC; Secure x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1581520398.7525; domain=minently.com; path=/; expires=Sat, 09-Feb-2030 15:13:18 UTC; Secure FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3VU95ZjFheGpEYnM1VnAzeVJ4VlArQmsxUUVBWXd0bm9vMitUQll0a016dQ%3D%3D; domain=minently.com; path=/; expires=Sat, 09-Feb-2030 15:13:18 UTC; Secure 7530da964e7d6f099da49943df3851ff_1581520398.7484_ck=ck1JbktjM2d5ZHdqZ0pMbmNTTC83bGwza3U5VWdtZDNxV1dFdzd0M0xJNkc5T05zYkFZVGs2eE1CL0pQVlF5NnU5amRJdklpeVo5Z1hTOStIOTl5NFZlMnRhT1VJNFRHZ0tWd3o2M05JbTBvSkpGZG1Rdmo1bENBRWxGK092bHk2YVNZdVQxcmlaYkdTZFJneWZ6ZWNaaDFiNzhORUxFMHJEM1dxNldCRDJvc1Nsc0VhVlpGWHdkQkNEZWZxR1R3MzQzN2c3amFPWlVKdWhjRGRyMzh3UW5pVzJWQXRseVc1VXloeXFGTFVCdmN4WGkxeUxCODAxT0pGc3U2aDdYMHVQay9uRVY4WFhMZ3l5QnQ3eWFXUFRRUlFtck92cys5YUpNMWpTdHg3bU4zNDI2VGRLbGxaRHEzR3RLU1JTenBSRlFUSE1sL2ZhSTF4a2kvOGx4aDZ6UGQ5bTNoeVZkZnYwQjlWMFZHZ21hY2FBUit3bDZGOWRQS3BjQnlQdXZJMGc4a1A3ZVZ0clB4VExwZytmcnBJZDJGNnkvREhacVZyYVRlUExqNDZNYitWR3R2NG80M0IwYzRwNHZUREJwU2Z3QWdGWlMxa0prUWkxOHZZRnpaVFFabThLcEhvcTZSM1RCRnUyanc0c3lPc1drNEFSSStqUHMxcG5BUGFmZnNiY3huZmJjYkhmVmtGcGd2RGR6ZDB6dmdvc05XSnN2VG1TZzR1dmlkNUJ0dTk1alo3N3NGVlZhcDRCb215ODZjQ29NTVZGU0VNNi8vK25xdnVLblNJKzlyUVRHNHNIcTRjeDdLMktuc1lXZlA1ZGFTeG9iVTBpQmVjMDZEN2hSd2g2UkFNd1NNZnBMQ1ZuYmZQdEEwVzBUbFh1SFZTcG1qSFdhcDRIUUZHaFZyYk85dDRqVzdqMTNlOE9iRVd3SlJCcnRWRzE2c0hpdXpoMDNPYXlzbjR0SThySTNkSXJCMXJEb1lwOWZpNEZ3eVA1dXoyTHFwUklzaXV4RXN1R0h4cVpUaUtlUU1KR05Qei8vM1hDd0hZWmtkd2JnY096OWtSUmF5K1Q5NFJDbnBobC9XY1ZLMXlicmpzVC9jd1UzUW02SUhsWUNKTnRUcS9tOENEMWNJYXpUOUgrczlOaXNodmpDcHRmSm5oZG5YSmtWQjhRaG9uL3hjbFQ5MHlUUFM0VjZYczNhUVo2TnNFNTZMKzFoV2d1bmpTY0JLbEIyelBsTkFFWGlRMXlzUUlyVXJ2TjJDR2Zuc0s2dWd0Yk8wY3hHanB6Zmh2RDdDV3ZhbFlibURSbmFSTUMzQ281OTJML2RiT2lPZDdPeXNKalJJOWVjMnpZRHFPMENobVJwZw%3D%3D; domain=minently.com; path=/; expires=Sat, 09-Feb-2030 15:13:18 UTC; Secure 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=T1pLelYyQVF0Y05aWXJDZUt3Vjh0R254SllOZ28rTjMwRzAza2RqUFpvazdTZ2xmNGplZEdVVjNvMTkzeUZRZUJIZ3BraksvRXg2WGVCOWRQMEIvQmZDRFVaYmdJMVlDY0piM1J0WVlvNzg9; domain=minently.com; path=/; expires=Wed, 12-Feb-2020 16:18:18 UTC; Secure SERVERID=sfc52; path=/
server
ZENEDGE
x-cdn
Served-By-Zenedge

Redirect headers

status
302
server
nginx
date
Wed, 12 Feb 2020 15:13:15 GMT
content-type
text/html; charset=UTF-8
location
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6792578374498779463&ext1=615
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
b.php
go-rillatrack.com/
0
0

/
offers.vaniacozzolino.com/
Redirect Chain
  • http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lNL20CKZ10909d80007PS002MZ0XHIX03DSRKH01U503DSR00000000&source=157851&data1=0DHeCGOaiQq28lG_HymJ
  • https://offers.vaniacozzolino.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5e44160e9814294e64273168
3 KB
2 KB
Document
General
Full URL
https://offers.vaniacozzolino.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5e44160e9814294e64273168
Requested by
Host: minently.com
URL: https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6792578374498779463&ext1=615
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.198.106.197 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.4
Resource Hash
0a2f51e6cfde1e7f84b7e6341879cb4091e8a8ca03382f328cde2c0fa355019c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
offers.vaniacozzolino.com
:scheme
https
:path
/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5e44160e9814294e64273168
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://minently.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://minently.com/RnSda/rDN3/uSJk/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e/_jM36KNxxBGQcREmK_LyGasMcJK8E2E?ori=52x&ex=6&pbi=5e44160ebcc182.982615425

Response headers

status
200
server
nginx
date
Wed, 12 Feb 2020 15:13:20 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
set-cookie
u=520ed55ecfcf6970eee0e20208919e22; expires=Thu, 11-Feb-2021 15:13:20 GMT; Max-Age=31536000; path=/
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip

Redirect headers

Server
nginx
Date
Wed, 12 Feb 2020 15:13:18 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Round
5c6b12d41e26dc53cb2c4efe
Raund
108dviiloa
Location
https://offers.vaniacozzolino.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5e44160e9814294e64273168
Primary Request /
offers.vaniacozzolino.com/
726 B
726 B
Document
General
Full URL
https://offers.vaniacozzolino.com/?utm_term=6792578395973615871&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
Requested by
Host: offers.vaniacozzolino.com
URL: https://offers.vaniacozzolino.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5e44160e9814294e64273168
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.198.106.197 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.4
Resource Hash
98f0878eecf3461e71fb3db8960e90c0d04c8fbc56dee10e32e24067c1cf832e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
offers.vaniacozzolino.com
:scheme
https
:path
/?utm_term=6792578395973615871&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
referer
https://offers.vaniacozzolino.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5e44160e9814294e64273168
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
u=520ed55ecfcf6970eee0e20208919e22
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://offers.vaniacozzolino.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5e44160e9814294e64273168

Response headers

status
200
server
nginx
date
Wed, 12 Feb 2020 15:13:20 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
go-rillatrack.com
URL
http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lNL20CKZ10909d80007PS002MZ0XHIX03DSRKH01U503DSR00000000&source=157851&data1=0DHeCGOaiQq28lG_HymJ&

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| next

1 Cookies

Domain/Path Name / Value
offers.vaniacozzolino.com/ Name: u
Value: 520ed55ecfcf6970eee0e20208919e22