urlscan.io logo urlscan.io
SecurityTrails logo

moviesmale.com Open in urlscan Pro
213.174.132.218  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://traffic.tc-clicks.com/?p=9968&media_type=mainstream&pi=mainstream_popunder&source_type=popunder&click_id=4248e974-5889...
Effective URL: http://moviesmale.com/free.shtml
Submission: On February 26 via api from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 9 domains to perform 11 HTTP transactions. The main IP is 213.174.132.218, located in Ashburn, United States and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is moviesmale.com.
This is the only time moviesmale.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 188.40.16.23 24940 (HETZNER-AS)
1 1 94.23.206.47 16276 (OVH)
1 3 99.198.106.197 32475 (SINGLEHOP...)
1 205.147.93.131 393676 (ZENEDGE)
2 4 35.168.149.183 14618 (AMAZON-AES)
2 4 147.135.243.181 16276 (OVH)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 213.174.132.218 39572 (ADVANCEDH...)
11 7
1    188.40.16.23 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.23.16.40.188.clients.your-server.de
traffic.tc-clicks.com
1    94.23.206.47 (France)

ASN16276 (OVH, FR)
PTR: ns3099792.ip-94-23-206.eu
go-rillatrack.com
3    99.198.106.197 (Chicago, United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
offers.vaniacozzolino.com
1    205.147.93.131 (United States)

ASN393676 (ZENEDGE, US)
minently.com
4    35.168.149.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-149-183.compute-1.amazonaws.com
getad.xyz
ps.popcash.net
4    147.135.243.181 (Netherlands)

ASN16276 (OVH, FR)
PTR: ip181.ip-147-135-243.eu
core.royalads.net
1    2606:4700:20::681a:3bc (United States)

ASN13335 (CLOUDFLARENET, US)
popcash.net
1    213.174.132.218 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
moviesmale.com
Domain Requested by
4 core.royalads.net 2 redirects getad.xyz
ps.popcash.net
3 offers.vaniacozzolino.com 1 redirects offers.vaniacozzolino.com
2 ps.popcash.net 1 redirects core.royalads.net
2 getad.xyz minently.com
1 moviesmale.com core.royalads.net
1 popcash.net 1 redirects
1 minently.com offers.vaniacozzolino.com
1 go-rillatrack.com 1 redirects
1 traffic.tc-clicks.com
0 www.new-young-boys.com Failed
11 10

This site contains no links.

Subject Issuer Validity Valid
tc-clicks.com
Let's Encrypt Authority X3		 2020-01-24 -
2020-04-23		 3 months crt.sh
offers.vaniacozzolino.com
Let's Encrypt Authority X3		 2020-02-06 -
2020-05-06		 3 months crt.sh
minently.com
Let's Encrypt Authority X3		 2019-12-11 -
2020-03-10		 3 months crt.sh

This page contains 1 frames:

Frame: http://www.new-young-boys.com/out.shtml
Frame ID: 6B086F7828B55A7B81710C8822E220CA
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://traffic.tc-clicks.com/?p=9968&media_type=mainstream&pi=mainstream_popunder&source_type=popunder&cl... Page URL
  2. http://go-rillatrack.com/b.php?trf=m&p=custom_trafficompany&d=5caf619098142974e1094aa0&pid=5lywz14x7d... HTTP 302
    https://offers.vaniacozzolino.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=9968&... Page URL
  3. https://offers.vaniacozzolino.com/?utm_term=6797731214267515111&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
  4. https://offers.vaniacozzolino.com/proc.php?7a65c16402a7291ace8c871ede01dc1a886c1923 HTTP 302
    https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_... Page URL
  5. http://getad.xyz/go/216668/456926 Page URL
  6. http://getad.xyz/ad/ad?p=216668&w=456926&t=22861a4868fbfbab&r=aHR0cHMlM0ElMkYlMkZtaW5lbnRseS5... HTTP 303
    http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926 Page URL
  7. http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926&ref=http%3A%2F%2Fge... HTTP 302
    http://popcash.net/world/go/79141/465699 HTTP 301
    http://ps.popcash.net/go/79141/465699 Page URL
  8. http://ps.popcash.net/ad/ad?p=79141&w=465699&t=81e8484d7434b47c&r=aHR0cCUzQSUyRiUyRmNvcmUucm95YWxh... HTTP 303
    http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699 Page URL
  9. http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699&ref=http%3A%2F%2Fps... HTTP 302
    http://moviesmale.com/free.shtml Page URL

Page Statistics

11
Requests

36 %
HTTPS

13 %
IPv6

9
Domains

10
Subdomains

7
IPs

4
Countries

13 kB
Transfer

21 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://traffic.tc-clicks.com/?p=9968&media_type=mainstream&pi=mainstream_popunder&source_type=popunder&click_id=4248e974-5889-11ea-80d8-06097625304a&sub_id=524_662_ Page URL
  2. http://go-rillatrack.com/b.php?trf=m&p=custom_trafficompany&d=5caf619098142974e1094aa0&pid=5lywz14x7dwf8ivoxn5cssgk0,14331597,5,9968&source=9968 HTTP 302
    https://offers.vaniacozzolino.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=9968&cid=5e5664869814297fe7035d9c Page URL
  3. https://offers.vaniacozzolino.com/?utm_term=6797731214267515111&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e Page URL
  4. https://offers.vaniacozzolino.com/proc.php?7a65c16402a7291ace8c871ede01dc1a886c1923 HTTP 302
    https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_WW_Desktop&subid=6797731214267515111&ext1=6437 Page URL
  5. http://getad.xyz/go/216668/456926 Page URL
  6. http://getad.xyz/ad/ad?p=216668&w=456926&t=22861a4868fbfbab&r=aHR0cHMlM0ElMkYlMkZtaW5lbnRseS5jb20lMkY=&vw=1600&vh=1200 HTTP 303
    http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926 Page URL
  7. http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926&ref=http%3A%2F%2Fgetad.xyz%2Fgo%2F216668%2F456926&scrw=1600&scrh=1200&nlc=GZd695uj5n531rMi&ven=&ver=&p=falsexundefined&iif=0 HTTP 302
    http://popcash.net/world/go/79141/465699 HTTP 301
    http://ps.popcash.net/go/79141/465699 Page URL
  8. http://ps.popcash.net/ad/ad?p=79141&w=465699&t=81e8484d7434b47c&r=aHR0cCUzQSUyRiUyRmNvcmUucm95YWxhZHMubmV0JTJG&vw=1600&vh=1200 HTTP 303
    http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699 Page URL
  9. http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F79141%2F465699&scrw=1600&scrh=1200&nlc=61zR9p7F5n531rMi&ven=&ver=&p=falsexundefined&iif=0 HTTP 302
    http://moviesmale.com/free.shtml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://go-rillatrack.com/b.php?trf=m&p=custom_trafficompany&d=5caf619098142974e1094aa0&pid=5lywz14x7dwf8ivoxn5cssgk0,14331597,5,9968&source=9968 HTTP 302
  • https://offers.vaniacozzolino.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=9968&cid=5e5664869814297fe7035d9c
Request Chain 3
  • https://offers.vaniacozzolino.com/proc.php?7a65c16402a7291ace8c871ede01dc1a886c1923 HTTP 302
  • https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_WW_Desktop&subid=6797731214267515111&ext1=6437
Request Chain 6
  • http://getad.xyz/ad/ad?p=216668&w=456926&t=22861a4868fbfbab&r=aHR0cHMlM0ElMkYlMkZtaW5lbnRseS5jb20lMkY=&vw=1600&vh=1200 HTTP 303
  • http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926
Request Chain 7
  • http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926&ref=http%3A%2F%2Fgetad.xyz%2Fgo%2F216668%2F456926&scrw=1600&scrh=1200&nlc=GZd695uj5n531rMi&ven=&ver=&p=falsexundefined&iif=0 HTTP 302
  • http://popcash.net/world/go/79141/465699 HTTP 301
  • http://ps.popcash.net/go/79141/465699
Request Chain 8
  • http://ps.popcash.net/ad/ad?p=79141&w=465699&t=81e8484d7434b47c&r=aHR0cCUzQSUyRiUyRmNvcmUucm95YWxhZHMubmV0JTJG&vw=1600&vh=1200 HTTP 303
  • http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
traffic.tc-clicks.com/ 		1000 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://traffic.tc-clicks.com/?p=9968&media_type=mainstream&pi=mainstream_popunder&source_type=popunder&click_id=4248e974-5889-11ea-80d8-06097625304a&sub_id=524_662_
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.40.16.23 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.23.16.40.188.clients.your-server.de
Software
/
Resource Hash
04e16c7bd1039aa706ac8779dd91c08a84ce2a1f230273dfd4c7192be5c0a240

Request headers

:method
GET
:authority
traffic.tc-clicks.com
:scheme
https
:path
/?p=9968&media_type=mainstream&pi=mainstream_popunder&source_type=popunder&click_id=4248e974-5889-11ea-80d8-06097625304a&sub_id=524_662_
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
date
Wed, 26 Feb 2020 12:28:53 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
traffic-back=ok; expires=Wed, 26-Feb-2020 12:29:23 GMT; Max-Age=30; path=/; domain=.tc-clicks.com t-uuid=5lywz14xgc7a9zike91c0cckc; expires=Tue, 26-Feb-2030 12:28:53 GMT; Max-Age=315619200; path=/; domain=.tc-clicks.com traffic-visited-offers=98598%7C1582720133%7C98598%7Cunspecified; expires=Thu, 27-Feb-2020 12:28:53 GMT; Max-Age=86400; path=/; domain=.tc-clicks.com rts-trck=1; expires=Wed, 26-Feb-2020 12:38:53 GMT; Max-Age=600; path=/; domain=traffic.tc-clicks.com
last-modified
Wed, 26 Feb 2020 12:28:53 GMT
expires
Wed, 26 Feb 2020 12:28:53 GMT
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
x-robots-tag
noindex, nofollow
content-encoding
gzip
/
offers.vaniacozzolino.com/
Redirect Chain
  • http://go-rillatrack.com/b.php?trf=m&p=custom_trafficompany&d=5caf619098142974e1094aa0&pid=5lywz14x7dwf8ivoxn5cssgk0,14331597,5,9968&source=9968
  • https://offers.vaniacozzolino.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=9968&cid=5e5664869814297fe7035d9c
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://offers.vaniacozzolino.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=9968&cid=5e5664869814297fe7035d9c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.198.106.197 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.4
Resource Hash
9c37fe6ab1cca44824384c43da477b16e5eefefd6d9cce24a21e0e926fe9a4fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
offers.vaniacozzolino.com
:scheme
https
:path
/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=9968&cid=5e5664869814297fe7035d9c
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://traffic.tc-clicks.com/?p=9968&media_type=mainstream&pi=mainstream_popunder&source_type=popunder&click_id=4248e974-5889-11ea-80d8-06097625304a&sub_id=524_662_

Response headers

status
200
server
nginx
date
Wed, 26 Feb 2020 12:28:54 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
set-cookie
u=72e3594ecb62ae7a9e0cc9a5f5d3ac73; expires=Thu, 25-Feb-2021 12:28:54 GMT; Max-Age=31536000; path=/
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip

Redirect headers

Server
nginx
Date
Wed, 26 Feb 2020 12:28:54 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Round
5c6b12d41e26dc53cb2c4efe
Raund
107axr9nel
Location
https://offers.vaniacozzolino.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=9968&cid=5e5664869814297fe7035d9c
/
offers.vaniacozzolino.com/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://offers.vaniacozzolino.com/?utm_term=6797731214267515111&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
Requested by
Host: offers.vaniacozzolino.com
URL: https://offers.vaniacozzolino.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=9968&cid=5e5664869814297fe7035d9c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.198.106.197 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
b3f64ba9fa6cb47826db5a0eb0ef66ab76ca7479f8d77148e9caccb0be2a35fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
offers.vaniacozzolino.com
:scheme
https
:path
/?utm_term=6797731214267515111&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
referer
https://offers.vaniacozzolino.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=9968&cid=5e5664869814297fe7035d9c
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
u=72e3594ecb62ae7a9e0cc9a5f5d3ac73
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://offers.vaniacozzolino.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=9968&cid=5e5664869814297fe7035d9c

Response headers

status
200
server
nginx
date
Wed, 26 Feb 2020 12:28:54 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP
minently.com/RnSda/rDN3/ojdn/
Redirect Chain
  • https://offers.vaniacozzolino.com/proc.php?7a65c16402a7291ace8c871ede01dc1a886c1923
  • https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_WW_Desktop&subid=6797731214267515111&ext1=6437
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_WW_Desktop&subid=6797731214267515111&ext1=6437
Requested by
Host: offers.vaniacozzolino.com
URL: https://offers.vaniacozzolino.com/?utm_term=6797731214267515111&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.147.93.131 , United States, ASN393676 (ZENEDGE, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
7fe2162aecc084897b3393a95c08336d158568dbca7ab451c49fd44edd84f8b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

:method
GET
:authority
minently.com
:scheme
https
:path
/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_WW_Desktop&subid=6797731214267515111&ext1=6437
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://offers.vaniacozzolino.com/?utm_term=6797731214267515111&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://offers.vaniacozzolino.com/?utm_term=6797731214267515111&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e#

Response headers

status
200
content-type
text/html;charset=utf-8
expires
Sat, 26 Jul 1997 05:00:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
date
Wed, 26 Feb 2020 12:28:55 GMT
content-encoding
gzip
vary
Accept-Encoding Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
x-cache-status
NOTCACHED
x-zen-fury
3715ec5f13c22e155506edf69c9dc4e10b722757
set-cookie
MQJLpFul5AcCMY1iVl5kuloC9CGeR6nEgJyALuo04f0%3D=ec035ba913389bc5c988fea8be3229f7_1582720134.8121; domain=minently.com; path=/; expires=Sat, 23-Feb-2030 12:28:54 UTC; Secure x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1582720134.8149; domain=minently.com; path=/; expires=Sat, 23-Feb-2030 12:28:54 UTC; Secure FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3Y2tsbzMwL3dKK2ptdWdyNnRIUHNIcmhLSkdSSzg5WDA2Q1hyRFAybDc0cA%3D%3D; domain=minently.com; path=/; expires=Sat, 23-Feb-2030 12:28:54 UTC; Secure ec035ba913389bc5c988fea8be3229f7_1582720134.8121_ck=ck1JbktjM2d5ZHdqZ0pMbmNTTC83bDFxSmdQaVRNRkJMVEpDZ01Cclk0UElIdkt6dGhLZjhqdjJ3bjFPUWl5VUVqaGJEVVZTNnhGb0owem54OTFpRlA1OG5qTUtIS3FsZjArTnpESzg4bnV5WUs4OFFSblZYWGlBODNoeDB1MHZ6WHFscndvL0pYTE1YdWF4aEFGS0lHbFpnL0xCWVBkbExWZ0xnOVBlVGR5b1ZWdEhaYStkWjRNaHY5R3BmeHM5MzNyR2g2QUlVRjhIUGVwcGlrRUpUemk5ZzhsSmRtQmVPdG81YmhUcXB4OTM5Qm1vMm5KU0NSWmxkdGdnR2ZsL0lxRExRNXVDTlIvKzViVlp1SUMyYkNhVTJ4ZXFnaHlFZUxvekpoUkh6TWVoR1p6TkZzOEpabTcvV3g5OW5SK0RKZ1h2V0t5VGEySlZEaUs1bk5kWVNSaVRPVnE4YjJOUS92allXVWVjTXBCR3RuRjNySzUrZXBOVkpOODZrcThFZitXOFJRQ1pWbTZWclVXcXVzdUZFaElqVnppeWtvaG04dVJ1MnQyRk9pZlllM1Q1dDE1SEFSQjhvZ2V6Sk0xMDRXS2ZLQkZrZGh5WE1sdkFacGhOZ0x6V29mUWpQVXNJWlJobnM0cStmcmtyeTFQemFDT1pwUlF1U2xPZ2hVRzdzUU5MY3pUbGtDMktwVEV3V1lqZ0QxTkIxSzZCSzg2UWZsRnV2dndhenNtMTh3ZkFlL0pQVFR4MlJsMkE2ZDdQcHBlRFFvRllBVk1ZTEJWVmhGZFZGSGVjZGlDWGRpNHZPTTFMdTZmaHlsS1BFeTl1dGF5ZzBXdEJVcGRnWWlNWjhGMHFjSjluNEs2czFDSFJpbFA3V3RaQWtKWS9CRUV3eVFLUndaNWpmM3BYY29ZN2NpZzRrVzN4eGNucW9KUFZSWFdCanh0Y0xKTUVRNDZ1NEQ3eStQbld5UW1CNVdkcmIzZHUxQmpIa29hbG9hY25TalcxTW9jcWhRdWJlRVBna0hOQzB2dXhhdGlwWUIxMkc1RUhmV09tS2EwRkZqQXZxMEZPa1ExVDNmam9NNllBSTgvRTluaWROQ0o2akRvZVBpL1JWWHAvTlhONmsweVpRZ2tJUHhYUm9TTXkzbk5aNmkwK0dwaUUzUlIwWmVWOGlBQ0JHempKeDFhRjcvd21uQlBXOHM1aWlXemtRdVRpQ1RsM3FtbXZCWnQwdG15R1hId0t1c2pZZmVTYm9wTUhjZ1RXVFhDejVlRUlpeVNNRnQ2elZGSEZTOHhabnNhUy94d3F5cUJzVE1PL2ptQzN4S3B4clBxN3lWQlJ4TStlUEV5dVhRdnpnYkRWWisyeQ%3D%3D; domain=minently.com; path=/; expires=Sat, 23-Feb-2030 12:28:54 UTC; Secure 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=VFFUN0F1Y1drbjlvKzZwcXBEcVc4bW5ZakdXU0czaFZPTkhMVHNmVnRKRnBaalE4MzZzKzVqTWZBbHlJRUVGZjRIZXcyaHNoZllUT0F4K0FaSmhLTnA1UGQxcytMV0FJT1NUc2xOUFR3Zm89; domain=minently.com; path=/; expires=Wed, 26-Feb-2020 13:33:55 UTC; Secure SERVERID=sfc7; path=/
server
ZENEDGE
x-cdn
Served-By-Zenedge

Redirect headers

status
302
server
nginx
date
Wed, 26 Feb 2020 12:28:54 GMT
content-type
text/html; charset=UTF-8
location
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_WW_Desktop&subid=6797731214267515111&ext1=6437
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
456926
getad.xyz/go/216668/ 		0
0
456926
getad.xyz/go/216668/ 		466 B
517 B 		Document
General
Check archive.org
Download Go to
Full URL
http://getad.xyz/go/216668/456926
Requested by
Host: minently.com
URL: https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_WW_Desktop&subid=6797731214267515111&ext1=6437
Protocol
HTTP/1.1
Server
35.168.149.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-149-183.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b473e2d6c5867e61f249c2721a6d49723b4eac30e8876dec4b126cd67bf20f10

Request headers

Host
getad.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
https://minently.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://minently.com/

Response headers

Date
Wed, 26 Feb 2020 12:28:56 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Vary
Accept-Encoding
Content-Encoding
gzip
Cookie set /
core.royalads.net/click/
Redirect Chain
  • http://getad.xyz/ad/ad?p=216668&w=456926&t=22861a4868fbfbab&r=aHR0cHMlM0ElMkYlMkZtaW5lbnRseS5jb20lMkY=&vw=1600&vh=1200
  • http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926
951 B
873 B 		Document
General
Check archive.org
Download Go to
Full URL
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926
Requested by
Host: getad.xyz
URL: http://getad.xyz/go/216668/456926
Protocol
HTTP/1.1
Server
147.135.243.181 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS
ip181.ip-147-135-243.eu
Software
nginx /
Resource Hash
d36f0e5d30ccb65d75e475d66cebb44e9528254852e7622641983eda3175f412

Request headers

Host
core.royalads.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://getad.xyz/go/216668/456926
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://getad.xyz/go/216668/456926

Response headers

Server
nginx
Date
Wed, 26 Feb 2020 12:28:58 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-cache
Set-Cookie
cflag=813;Domain=core.royalads.net;Path=/
Content-Encoding
gzip

Redirect headers

Date
Wed, 26 Feb 2020 12:28:56 GMT
Content-Type
text/html; charset=utf-8
Content-Length
115
Connection
keep-alive
Server
nginx
Location
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926
465699
ps.popcash.net/go/79141/
Redirect Chain
  • http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926&ref=http%3A%2F%2Fgetad.xyz%2Fgo%2F216668%2F456926&scrw=1600&scrh=1200&nlc=GZd695uj5n531rMi&ven=&ver=&p=falsexundefi...
  • http://popcash.net/world/go/79141/465699
  • http://ps.popcash.net/go/79141/465699
469 B
527 B 		Document
General
Check archive.org
Download Go to
Full URL
http://ps.popcash.net/go/79141/465699
Requested by
Host: core.royalads.net
URL: http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926
Protocol
HTTP/1.1
Server
35.168.149.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-149-183.compute-1.amazonaws.com
Software
nginx /
Resource Hash
040d1cb3ec2e4d2fe6b1050f419a28df340fb223dfd0cc9108633c4071be3117

Request headers

Host
ps.popcash.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://core.royalads.net/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
__cfduid=dbf1ba6cbaf1ac2500b1518b8f60960c81582720137
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926

Response headers

Date
Wed, 26 Feb 2020 12:28:57 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Date
Wed, 26 Feb 2020 12:28:57 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Set-Cookie
__cfduid=dbf1ba6cbaf1ac2500b1518b8f60960c81582720137; expires=Fri, 27-Mar-20 12:28:57 GMT; path=/; domain=.popcash.net; HttpOnly; SameSite=Lax
Location
http://ps.popcash.net/go/79141/465699
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
56b1ebf849ac2748-FRA
Cookie set /
core.royalads.net/click/
Redirect Chain
  • http://ps.popcash.net/ad/ad?p=79141&w=465699&t=81e8484d7434b47c&r=aHR0cCUzQSUyRiUyRmNvcmUucm95YWxhZHMubmV0JTJG&vw=1600&vh=1200
  • http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699
955 B
873 B 		Document
General
Check archive.org
Download Go to
Full URL
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699
Requested by
Host: ps.popcash.net
URL: http://ps.popcash.net/go/79141/465699
Protocol
HTTP/1.1
Server
147.135.243.181 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS
ip181.ip-147-135-243.eu
Software
nginx /
Resource Hash
5cf89de4eb7690f09ced3b476e4bd1006a61c9575fd56c22b909a6c8edef83ed

Request headers

Host
core.royalads.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://ps.popcash.net/go/79141/465699
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://ps.popcash.net/go/79141/465699

Response headers

Server
nginx
Date
Wed, 26 Feb 2020 12:28:59 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-cache
Set-Cookie
cflag=913;Domain=core.royalads.net;Path=/
Content-Encoding
gzip

Redirect headers

Date
Wed, 26 Feb 2020 12:28:57 GMT
Content-Type
text/html; charset=utf-8
Content-Length
115
Connection
keep-alive
Server
nginx
Location
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699
Primary Request free.shtml
moviesmale.com/
Redirect Chain
  • http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F79141%2F465699&scrw=1600&scrh=1200&nlc=61zR9p7F5n531rMi&ven=&ver=&p=falsexun...
  • http://moviesmale.com/free.shtml
2 KB
797 B 		Document
General
Check archive.org
Download Go to
Full URL
http://moviesmale.com/free.shtml
Requested by
Host: core.royalads.net
URL: http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699
Protocol
HTTP/1.1
Server
213.174.132.218 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.8.0 /
Resource Hash
397f5a59082ec878bcfeb41a8aa440a87d7cb412ac7d2f99153fe884440917e2

Request headers

Host
moviesmale.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://core.royalads.net/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699

Response headers

Server
nginx/1.8.0
Date
Wed, 26 Feb 2020 12:28:58 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Wed, 26 Feb 2020 12:28:59 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Set-cookie
hash=ab8bed81-88ef-46ab-a588-204917470d23; expires=Thu, 27-Feb-2020 12:28:59 GMT; path=/; version=1.0
Location
http://moviesmale.com/free.shtml
Cache-Control
no-cache
out.shtml
www.new-young-boys.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
getad.xyz
URL
http://getad.xyz/go/216668/456926?
Domain
www.new-young-boys.com
URL
http://www.new-young-boys.com/out.shtml

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies